mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-02-12 10:19:13 -06:00
Code Issues Packages Projects Releases Wiki Activity
23,430 Commits 23 Branches 294 Tags
2b4e49e87ec0ff2af22597cd9acb04ec20091dff
Commit Graph

23430 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tomas Ondrusko
2b4e49e87e Update web elements of the Instagram login page 
Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>
(cherry picked from commit 26342d829c)
 2024-01-09 15:54:02 +01:00
Sebastian Schuster
4c82f231d8 enable dot in attribute when user profile enabled 
Closes #24918

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-01-09 14:50:48 +00:00
Daniel Fesenmeyer
3947958ab6 Bugfix for: Removing all group attributes no longer works with keycloak-admin-client (java) 
Closes #25677

Signed-off-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.com>
(cherry picked from commit baafb670f7)
 2024-01-09 14:53:09 +01:00
Alexander Schwartz
397ee94d0a Add the build step to the overall status check (#26014) 
Closes #25981

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-09 13:34:18 +01:00
Hynek Mlnařík
04f2f90c04 added permission checking to ui-ext realm resource so realm names are not leaked to users without the appropriate permissions. #25679 (#25683) (#25845) 
Closes: #25392
Closes: #25679

Signed-off-by: Garth <244253+xgp@users.noreply.github.com>
(cherry picked from commit 9be7f0e474)

Co-authored-by: Garth <244253+xgp@users.noreply.github.com>
 2024-01-09 10:25:46 +01:00
Steven Hawkins
1b65d4a0f4 fix: do not split on space for option errors (#25955) 
closes #25783

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-01-08 20:21:17 +00:00
Ryan Emerson
bcfcea65c6 Update Route53 HA guide to be compatible with ROSA and OpenShift 4.14.x (#25900) 
Closes #25733

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-08 16:34:50 +01:00
Pedro Ruivo
5ebcf584e2 High Availability Docs: use unbounded token for cross-site connection 
Expirable tokens are more secure but it requires manual intervention to
create and share them when they expire.

I have updated the documentation to use non-expirable tokens.

Closes #25909

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-08 16:34:24 +01:00
Ricardo Martin
4188bc33ae Escape action in the form_post.jwt and only decode path in RedirectUtils (#93) 
Closes #90

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-01-04 13:46:43 +01:00
Jordi Mallach
c46920bfdd Fix links in HTML email templates 
Closes #25878

Signed-off-by: Jordi Mallach <jordi@mallach.net>
 2024-01-03 17:58:51 +00:00
Réda Housni Alaoui
53731027be @NoCache is not considered anymore 
Closes #25120

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>

Conflicts:
	rest/admin-ui-ext/src/main/java/org/keycloak/admin/ui/rest/UserResource.java
	services/src/main/java/org/keycloak/authorization/admin/PolicyService.java
	services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
	services/src/main/java/org/keycloak/authorization/admin/ScopeService.java
	services/src/main/java/org/keycloak/services/resources/account/SessionResource.java
	testsuite/integration-arquillian/test-apps/servlets-jakarta/pom.xml
 2024-01-02 19:10:40 +01:00
Hynek Mlnařík
e3d24311c1 Do not show sign-out action for offline sessions (#25577) 
Closes: #24763

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
(cherry picked from commit c6ce859493)
 2024-01-02 15:27:51 +01:00
Alexander Schwartz
de3634a1de Adding a test case to check that the expiration time is set on logout tokens 
Closes #25753

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 9e890264df)
 2023-12-27 14:39:36 +01:00
Niko Köbler
9659182472 add the exp claim to the backchannel logout token 
This is now, as of Dec 15th 2023, part of the OIDC Backchannel Logout spec, chapter 2.4.

As of chapter 4, the logout token should have a short expiration time, preferably at most two minutes in the future. So we set the expiration to this time.

resolves #25753

Signed-off-by: Niko Köbler <niko@n-k.de>
(cherry picked from commit 5e623f42d4)
 2023-12-27 14:39:36 +01:00
Niko Köbler
ca7b8d610b make css classes for password visibility configurable through theme properties 
Closes #25016

Signed-off-by: Niko Köbler <niko@n-k.de>
(cherry picked from commit a5f276ce28)
 2023-12-22 11:37:23 +01:00
Alexander Schwartz
a28e8e0063 Adding parsing of "fixes"/"fixed" Keyword and the colon (#25755) 
Closes #25633

(cherry picked from commit a420b46913)

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-22 10:45:44 +01:00
rmartinc
2b785ac7e1 Workaround to allow percent chars in getGroupByPath via PathSegment 
Closes #25111

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 522e8d2887)
 2023-12-20 13:11:52 +01:00
mposolda
753485c1c5 User Profile: If required roles ('user') and reqired scopes are set, the required scopes have no effect 
closes #25475

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit cd154cf318)
 2023-12-18 14:47:00 -03:00
Alexander Schwartz
79f3ca5590 Showing the original exception plus any swallowed exceptions (#25616) 
Closes #25424

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit c4ada85233)
 2023-12-18 12:01:49 +01:00
Marek Posolda
48dcaf83eb Change arg of getSubGroups to briefRepresentation (#25587) 
Parameter name briefRepresentation should mean briefRepresentation,
   not full. This way callers will by default get the full
   representation, unless true is passed as value for
   briefRepresentation.

   Fixes #25096

Signed-off-by: Erwin Rooijakkers <erwin@rooijakkers.software>
(cherry picked from commit 860978b15a)

Co-authored-by: Erwin Rooijakkers <erwin@rooijakkers.software>
 2023-12-18 10:49:35 +00:00
Alexander Schwartz
ff2242cabb Avoid shutdown of Infinispan when using cache (#25615) 
Closes #24508

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit e01827693a)
 2023-12-18 10:22:43 +01:00
Martin Bartoš
e1d0b45f61 PubKeySignRegisterTest failures in WebAuthn tests 
Fixes #9693

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2023-12-15 17:37:37 +01:00
rmartinc
3d16564f0d Do not allow remove a credential in account endpoint if provider marks it as not removable 
Closes #25220

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit d004e9295f)
 2023-12-15 13:42:49 +01:00
Hynek Mlnarik
496ca92320 Fix resource path for account console 
Closes: #25437

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
(cherry picked from commit 5f18d8b94b)
 2023-12-15 12:49:54 +01:00
Jon Koops
87753adb08 Fix broken assertion in Cypress tests (#25389) 
Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2023-12-15 12:48:52 +01:00
mposolda
834fdaa494 Introduce ProtocolMapper.getEffectiveModel to make sure values displayed in the admin console UI are 'effective' values used when processing mappers 
closes #24718

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2023-12-15 12:48:08 +01:00
Lukas Hanusovsky
48e777ff31 25208 MSSQL startup message - fix 
closes #25208

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2023-12-15 12:47:35 +01:00
Marek Posolda
2b0c91ab08 Retrieve ClientConnection by invoking getConnection() instead of getContextObject() 
Closes #25231

(cherry picked from commit 0e535d2bbe)

Signed-off-by: Fouad Almalki <me@fouad.io>
Co-authored-by: Fouad Almalki <me@fouad.io>
 2023-12-15 12:45:49 +01:00
Alexander Schwartz
eeebae650a Allow concurrent remote cache operations 
Closes #25388

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 5b1b3ca11b)
 2023-12-15 10:57:15 +01:00
Alexander Schwartz
65588e31cd Avoid logged warning about objects not present in the cache for tasks 
Closes #25322

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit a8cff72ed0)
 2023-12-15 10:16:58 +01:00
Ricardo Martin
2578591a26 Escape action in the form_post response mode (#60) 
Closes https://issues.redhat.com/browse/RHBK-652

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2023-12-12 14:48:38 +01:00
Ricardo Martin
b2e9110531 Strip off user-info from redirect URI when validating using wildcard (#61) 
Closes https://issues.redhat.com/browse/RHBK-679

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2023-12-12 14:48:38 +01:00
Steven Hawkins
2eba785736 Iss25307 backport (#25435) 
* fix: use name to find the admin secret

closes: #25307

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* doc: adding a note about removing the

closes: #25307

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2023-12-12 14:48:05 +01:00
Pedro Igor
024bff166f Make sure realm is available from session when migrating to 23 (#25325) 
Closes #25183

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2023-12-06 13:36:03 +01:00
Pedro Igor
ee6a1b81a0 Make sure username is lowercase when normalizing attributes 
Closes #25173

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Conflicts:
    server-spi-private/src/main/java/org/keycloak/userprofile/DefaultAttributes.java
    testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/user/profile/UserProfileTest.java
 2023-12-05 17:05:19 +01:00
Michal Hajas
87d5ebde12 Upgrade Infinispan to 14.0.21.Final 
Closes #25287

Signed-off-by: Michal Hajas <mhajas@redhat.com>
(cherry picked from commit b1777defbd)
 2023-12-05 15:13:25 +01:00
Alexander Schwartz
5be23a0ec6 Add links to guides and GitHub discussions (#25285) 
This should increase the likelihood for feedback

Closes #25270

(cherry picked from commit a08f112f79)

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-05 12:18:42 +01:00
rmartinc
942aa38ea7 Remove lowercase for the hostname as recommended/advised by OAuth spec 
Closes https://github.com/keycloak/keycloak/issues/25001

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2023-12-05 11:59:17 +01:00
rmartinc
3b2b6e4277 Revert "Fix lowerCaseHostname to lower-case scheme and host properly" 
This reverts commit 1241bd2919.

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2023-12-05 11:59:17 +01:00
Jon Koops
f5c09a0cbc Fix 'Cancel' button in the user form (#25161) (#25164) 
Closes #25051

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2023-12-04 21:29:34 -05:00
Michal Hajas
58a4ac8341 Add tests for lb-check endpoint 
Added documentation why the check retries and updated outdated docs

Closes #25113

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit d387f13525)
 2023-12-04 12:51:22 +01:00
Pedro Igor
78df6da7ba added PATCH and PUT methods to get FormBodyHandler (#25093) (#25212) 
Signed-off-by: Garth <244253+xgp@users.noreply.github.com>
Co-authored-by: Garth <244253+xgp@users.noreply.github.com>
 2023-12-04 10:02:57 +01:00
Stian Thorgersen
b1f6bbd8ab Fix pr-find-issues script (#25254) 2023-12-04 08:51:57 +01:00
Stian Thorgersen
c84eb20421 Fix auto labelling for release labels (#25249) (#25250) 
Closes #25248

Signed-off-by: stianst <stianst@gmail.com>
 2023-12-04 08:41:50 +01:00
Ricardo Martin
61151af9d6 Add active RSA key to decryption if deprecated mode (#25205) (#25228) 
Closes https://github.com/keycloak/keycloak/issues/24652

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2023-12-04 08:16:54 +01:00
Jon Koops
8a7f0248f9 If application has no URL, render text only (#25138) (#25198) 
Fixes #25124

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
Co-authored-by: Stan Silvert <ssilvert@redhat.com>
 2023-12-01 11:07:18 +00:00
Stian Thorgersen
f156b944da Add summary to label run (#25192) (#25194) 
Signed-off-by: stianst <stianst@gmail.com>
 2023-12-01 08:11:56 +01:00
Michal Hajas
5b9cafe29e Add documentation for lb-check 
Closes #25077

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>

(cherry picked from commit cafc238ff2)
 2023-11-30 21:15:26 +01:00
Michal Hajas
19a06eab21 Publish information about Infinispan availability in lb-check if MULTI_SITE is enabled 
Closes #25077

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 2b2207af93)
 2023-11-30 21:15:26 +01:00
Steven Hawkins
aba49b7f8a fix: corrects the db property handling and null mapped values (#25088) (#25159) 
closes #25010

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2023-11-30 19:09:14 +01:00