mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-30 11:29:57 -06:00
Code Issues Packages Projects Releases Wiki Activity
29,547 Commits 20 Branches 287 Tags
36011008e8b59fcb33630f1e88b44cccaae4d2ab
Commit Graph

1449 Commits

Author SHA1 Message Date
Stian Thorgersen
36011008e8 Remove PostgreSQL 13.x support (#44103) 
Closes #42905

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-11 09:35:27 +01:00
Martin Kanis
39e1e40be4 Document missing artifact dependency for UserStoragePrivateUtil 
Closes #43212

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-11-10 10:41:12 -03:00
Martin Bartoš
1f9694358f Ability to enable/disable feature via single property (#43542) 
* Ability to enable/disable feature via single property

Closes #43541

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Provide support for specifying profile preview

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove duplication check, use the new WildcardOptionUtil

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Create quarkus specific single profile config resolver

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove the feature profile capability for single feature option

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-07 13:35:39 +01:00
Steven Hawkins
4a63fcffaf fix: considering source ordinality with spi options (#43805) 
closes: #43793

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-06 18:01:18 +01:00
Stian Thorgersen
b278dbbb3d Allow identity provider configuration without defaults for user authentication (#43963) 
Closes #43552

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-05 10:13:40 -03:00
KONSTANTINOS GEORGILAKIS
1c0d4616a5 hide scopes from scopes_supported in discovery endpoint 
Closes #10388

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-03 16:26:12 +00:00
Robin Meese
27a47b2537 Add Czech translators (#43910) 
Closes: #43909

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-11-03 15:52:59 +01:00
Steven Hawkins
f7735b573c fix: removing the fast start optimization (#43686) 
* fix: removing the fast start optimization

closes: #38790 #42960

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* updating the docs based upon a review comment

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-03 12:37:13 +01:00
Alexander Schwartz
52ba359cc3 Make client and IDP required when using federated client authentication (#43890) 
Closes #43889

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-11-03 07:21:55 +01:00
蔡秀吉
e84a1d6363 Fix typos and formatting in OIDC auth flows documentation 
Closes #43818

Signed-off-by: thc1006 <84045975+thc1006@users.noreply.github.com>
 2025-11-01 19:14:41 +00:00
Tobi
479859a7a3 Add new indices on offline_client_session 
Closes #43566

Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-31 17:49:47 +01:00
Martin Bartoš
8502cc3ae1 Including OTLP headers for tracing (#43122) 
* Including OTLP headers for tracing

Closes #41007

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Polishing, add test for the util class, address review

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove the WildcardOptionsUtil#isKcWildcardOption

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-10-31 15:46:05 +01:00
Pedro Ruivo
e40c5de050 Session cache affinity 
Closes #42776

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-30 21:01:09 +00:00
Alexander Schwartz
0f01444543 Allow only normalized paths in requests (#43765) 
Closes #43763

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-10-30 14:37:50 +01:00
Pedro Ruivo
6317c02a27 Refactor AuthenticationSessionManager 
Closes #43825

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-30 12:26:07 +01:00
Stian Thorgersen
be6a3814fb Add CORS support to OIDC dynamic client registration endpoints (#43625) 
Closes #8863

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-30 12:12:08 +01:00
Peter Zaoral
f65adbf628 win-fix: correct hostname normalization condition for loopback addresses (#43634) 
Closes: #42794

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2025-10-30 08:49:45 +01:00
Steven Hawkins
ccc7568879 fix: updating build docs (#43607) 
* fix: updating build docs

closes: #43606

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/building.md

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-10-29 12:05:49 -04:00
Marek Posolda
2fc5419676 Avoid using UserCredentialManager from user storage extensions (#43695) 
closes #43694

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-10-29 16:26:59 +01:00
Ryan Emerson
3ba8a68f2c Document debug log settings required to show applied Infinispan configuration 
Closes #43655

Signed-off-by: Ryan Emerson <remerson@ibm.com>
 2025-10-29 12:36:53 +01:00
Marek Posolda
5693899246 Picture of the token-exchange flow in the documentation 
closes #39881

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-29 10:38:37 +00:00
Alexander Schwartz
aadffb94fb Fix typo in LDAP edit mode in the docs 
Closes #43720

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-27 08:42:44 -03:00
Pedro Igor
6527b139dc Do not lower-case username and email if users are not imported from LDAP 
Closes #43621

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-23 13:02:33 +02:00
Pedro Igor
2b785425fa Allow managing realm admin roles if the the realm-admin role is granted 
Closes #43579
Closes #43578

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
 2025-10-23 08:02:05 -03:00
Stian Thorgersen
f6ac64907d SPIFFE should support OIDC JWK endpoint (#43651) 
Closes #43650

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-22 15:19:56 +02:00
Stian Thorgersen
84a161d4dd Extract related methods from IdentityProvider to UserIdentityProvider (#43535) 
Closes #43534

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-21 14:27:07 +00:00
Alexander Schwartz
6080f21c64 Adding this as a breaking change plus deprecation 
Closes #43022

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-21 09:58:33 -03:00
Steven Hawkins
4443834d06 fix: refines how defaults are shown 
closes: #43421

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-21 14:35:55 +02:00
Martin Bartoš
419afce847 Fix anchors in the documentation 
Closes #43084

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-21 12:33:32 +00:00
Pedro Igor
c5b560e2d8 Update user profile to allow returning a brief user representation 
Closes #42225

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-21 12:52:31 +02:00
Ronaldo Paulino Jiconda
987ce19b45 Fix OIDC IDP broker basic auth encoding 
Ensures that the client_id and client_secret are URL-encoded before being Base64-encoded for the Basic Auth header, following RFC 6749. This fixes authentication failures when the client_id contains special characters.

Closes #26374
Closes #43022

Signed-off-by: rpjicond <ronaldopaulino32@hotmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: rpjicond <ronaldopaulino32@hotmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
 2025-10-20 23:48:24 +02:00
Martin Bartoš
37bea126c7 [PERF] Jackson reflection-free serialization/deserialization (#42946) 
* [PERF] Jackson reflection-free serialization/deserialization

Closes #42945

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/configuration-production.adoc

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Docs improvements

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/configuration-production.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Polish the features template macros

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-10-17 20:24:47 +02:00
Martin Bartoš
b807a45091 Divide logging guide to sub-guides for every log handler (#43132) 
* Divide logging guide to sub-guides for every log handler

Closes #43125

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Ability to set level offset to guides, remove emojis

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Add all relevant options to the logging guide

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/file.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/console.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/console.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Improve link to other section

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-10-17 16:37:48 +02:00
Peter Zaoral
2300b3fc78 Handle canonical hostname checks for localhost on Windows (#42799) 
Closes: #42794

Signed-off-by: Peter Zaoral <pepo48@gmail.com>
 2025-10-17 13:40:08 +00:00
Steven Hawkins
736d4920d7 fix: noting db support level changes (#43549) 
closes: #43191

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-17 14:01:10 +02:00
Alexander Schwartz
7b8626ead5 Make intra-document links work in downstream 
Closes #43544

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-17 10:52:58 +02:00
Martin Kanis
3f70da04f6 Final review and update for UPDATE_EMAIL documentation 
Closes #42991

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-10-16 09:57:23 -03:00
Steven Hawkins
43ee41e8a8 fix: refining activation condition error handling (#43197) 
closes: #43096

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-15 11:44:39 +00:00
Alexander Schwartz
3b8bcd3f8a Use quoted values for boolean and number values in Operator examples 
Closes #43459

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-14 18:53:00 +02:00
Giuseppe Graziano
bda0e2a67c Invalidate sessions created with remember me when remember me is disabled for realm 
Closes #43328

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-14 15:00:41 +00:00
Steven Hawkins
700b86fad8 fix: refining https-protocols documentation (#43420) 
closes: #43164

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-14 08:01:08 -04:00
Steven Hawkins
f66359ce19 fix: updating service account docs 
closes: #17268

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-10-14 11:02:20 +02:00
rmartinc
248d6d1feb Upgrade xmlsec to 3.0.4 and remove KeycloakFipsSecurityProvider workaround 
Closes #43263

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-13 15:38:58 +02:00
Robin Meese
ca368706cc Update translation.md docs (#43402) 
Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-10-13 13:26:23 +02:00
Alexander Schwartz
934ac48a54 Rework formatting for release notes 
Closes #43320

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-10 07:42:53 -03:00
mposolda
c2e49c8c59 'Service accounts roles' should be 'Service account roles' 
closes #43087

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-10-10 11:25:37 +02:00
Pedro Ruivo
48f1978531 Update docs to include PostgreSQL SSL certificate 
Closes #43311

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-10-09 15:02:53 +02:00
Alexander Schwartz
94d428d450 Adding attributes for section links so they work in upstream and downstream 
Closes #43286

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-08 11:37:13 -03:00
rmartinc
94a4e062f7 Add a debug statement when the KeycloakFipsSecurityProvider is created 
Closes #43015

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-07 16:59:22 +02:00
Martin Kanis
a493213ad4 Hide read-only email attribute in update profile context with update … …email enabled (#43024) 
* Hide read-only email attribute in update profile context with update email enabled

Closes #42990

Signed-off-by: Martin Kanis <mkanis@redhat.com>

* Simplifying conditions when checking read/write on email attribute and more tests

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-07 12:52:55 +02:00