keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-05-07 23:50:03 -05:00

Author	SHA1	Message	Date
Awambeng	3cd2141698	Add invalid_nonce error support for OID4VCI (#41977 ) Closes #39292 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-09-04 13:15:29 +02:00
forkimenjeckayang	6e767a30b8	Centralize OID4VCI Protocol Constants in Oid4VciConstants and Refactor Usages (#41481 ) Closes #40083 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-09-04 13:12:10 +02:00
dependabot[bot]	691736f3dd	Bump vite from 7.1.3 to 7.1.4 in /js Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.1.3 to 7.1.4. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.1.4/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.1.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-04 07:59:09 -03:00
Martin Kanis	fc3914c439	[RLM] Provide a action to notify users by email based on a configurable time Closes #41788 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-09-03 16:38:41 -03:00
dependabot[bot]	35e6d7512c	Bump actions/cache from 4.2.3 to 4.2.4 Bumps [actions/cache](https://github.com/actions/cache) from 4.2.3 to 4.2.4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/5a3ec84eff668545956fd18022155c47e93e2684...0400d5f644dc74513175e3cd8d07132dd4860809) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 4.2.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-03 16:22:35 -03:00
Alexander Schwartz	4d3589c776	Lock the database before doing migrations Closes #41801 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-03 15:22:04 -03:00
Bagautdino	d225bce21f	feat(FGAPv2): introduce RESET_PASSWORD scope and evaluation - Add RESET_PASSWORD to AdminPermissionsSchema.USERS - Require RESET_PASSWORD in UserResource.resetPassword() - Expose canResetPassword()/requireResetPassword() - Implement FGAP v2 deny-overrides + secure-by-default + optional fallback - Include access.resetPassword for Admin Console Closes #41901 Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Bagautdino <336373@edu.itmo.ru>	2025-09-03 15:10:56 -03:00
dependabot[bot]	28d3b2dd29	Bump actions/checkout from 4.2.2 to 5.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-03 15:06:15 -03:00
dependabot[bot]	9be42e1681	Bump snyk/actions Bumps [snyk/actions](https://github.com/snyk/actions) from 28606799782bc8e809f4076e9f8293bc4212d05e to e2221410bff24446ba09102212d8bc75a567237d. - [Release notes](https://github.com/snyk/actions/releases) - [Commits](https://github.com/snyk/actions/compare/28606799782bc8e809f4076e9f8293bc4212d05e...e2221410bff24446ba09102212d8bc75a567237d) --- updated-dependencies: - dependency-name: snyk/actions dependency-version: e2221410bff24446ba09102212d8bc75a567237d dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-03 15:05:40 -03:00
dependabot[bot]	2237cf3dab	Bump github/codeql-action from 3.29.4 to 3.29.11 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.4 to 3.29.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/4e828ff8d448a8a6e532957b1811f387a63867e8...3c3833e0f8c1c83d449a7478aa59c036a9165498) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.29.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-03 15:05:11 -03:00
dependabot[bot]	42693395e1	Bump actions/download-artifact from 4.3.0 to 5.0.0 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.3.0 to 5.0.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...634f93cb2916e3fdff6788551b99b062d0335ce0) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-03 15:04:02 -03:00
Takashi Norimatsu	ea63cdc97a	Compliant with RFC8414, return server metadata at /.well-known/oauth-authorization-server/realms/{realm} closes #40923 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2025-09-03 19:14:37 +02:00
Ryan Emerson	4fec0a8630	Document that single-cluster deployments expect all Keycloak instances to serve traffic Closes #42305 Signed-off-by: Ryan Emerson <remerson@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-09-03 18:30:13 +02:00
Pedro Igor	8f0d528126	Make sure inner transactions are using their own session Closes #41942 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-03 17:38:19 +02:00
forkimenjeckayang	a74076e8ab	Enforce batch_size ≥ 2 validation for batch_credential_issuance (#42003 ) Closes #41590 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-09-03 17:15:55 +02:00
Awambeng Rodrick	dc6afee14e	Update OID4VCI error handling for draft 16 specification - Replace unsupported_credential_type and unsupported_credential_format with unknown_credential_configuration - Add new unknown_credential_identifier error type as per OID4VCI draft 16 - Update error handling logic to differentiate between credential configuration and identifier errors - Add comprehensive test coverage for new error types Closes #41591 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com> Refactor error handling in OID4VCIssuerEndpoint Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com> Resolve comments on PR Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com> fix failing test Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-09-03 16:53:22 +02:00
forkimenjeckayang	fc73537ba7	Rename ldp_vp to di_vp and restructure proofs object for Draft 16 compliance (#41982 ) Closes #41576 Closes #41577 Closes #41581 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-09-03 16:33:43 +02:00
Peter Zaoral	fb35439479	Use an OS-specific key for writing for maven cache (#41735 ) (#41810 ) Closes: #41664 Signed-off-by: Peter Zaoral <pepo48@gmail.com>	2025-09-03 14:52:30 +02:00
dependabot[bot]	c7b787ef1a	Bump aquasecurity/trivy-action from 0.32.0 to 0.33.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.32.0 to 0.33.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/dc5a429b52fcf669ce959baa2c2dd26090d2a6c4...f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-03 08:54:09 -03:00
Stan Silvert	b460b76ff7	Flaky realm role test * Use test id to click button instead of text locator. Fixes #42235 Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2025-09-03 08:00:42 +02:00
Alexander Schwartz	665f4140da	Adding missing docs for 26.4 release notes Closes #42252 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Vinod Anandan <vinod@owasp.org>	2025-09-02 17:47:12 -03:00
Pedro Igor	028b72876f	Removing fallback when there is no session Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Pedro Igor	4d018406e9	Removing unused imports Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Pedro Igor	76e02388ff	Moving resetOnevent to base class Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Pedro Igor	a4f115b4cc	Moving deactivation events to base class Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Pedro Igor	b65356f3c8	Refactoring how policies are activated based on user-defined events and conditions Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Pedro Igor	cee9b6803b	Refactoring built-in policies to use conditions Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Pedro Igor	03cbc11e7e	Initial refactoring to make federated identities a condition Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Pedro Igor	17a053b2af	Add support for generic event-based policies and conditions Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Jon Koops	7990fa0300	Disable test retries for admin console (#42289 ) Closes #42288 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2025-09-02 15:49:33 -04:00
vramik	4aa604ad04	Updated the screenshot to correctly show "Apply to Resource Type" enabled, which is required for typed resource permissions. Closes #42159 Signed-off-by: vramik <vramik@redhat.com>	2025-09-02 12:27:36 -03:00
Alexander Schwartz	e46c879cde	Retry duplicate exceptions to handle concurrent client sessions Closes #42278 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-02 10:43:03 -03:00
hustrust	4441ee4444	chore: fix some typos in comment (#42279 ) Signed-off-by: hustrust <hustrust@outlook.com>	2025-09-02 13:20:17 +00:00
stianst	57242d2497	Experimental federated client authentication Closes #42228 Signed-off-by: stianst <stianst@gmail.com>	2025-09-02 10:02:51 -03:00
mposolda	624d236ced	DPoP verification support for admin/account REST API endpoints. Java admin-client DPoP support closes #33942 Signed-off-by: mposolda <mposolda@gmail.com>	2025-09-02 14:29:30 +02:00
trataka	9afe5fb8a9	Add wasm support for themes (#38898 ) Closes #38897 Signed-off-by: trataka <jonathan@trataka.net>	2025-09-02 14:22:09 +02:00
Alexander Schwartz	e13eb0df90	Show length validations in the admin UI Closes #42178 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2025-09-02 13:30:40 +02:00
Giuseppe Graziano	0afdd00624	DPoP algorithms dynamically resolved Closes #42030 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-09-02 11:26:00 +02:00
Weblate (bot)	9c5fa58edf	Translations update from Hosted Weblate (#42076 ) * Updated translation for Portuguese (Brazil) Language: pt_BR Co-authored-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for German Language: de Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Robin <39960884+robson90@users.noreply.github.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Robin <39960884+robson90@users.noreply.github.com> * Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Translated using Weblate (Japanese) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/ja/ Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com> * Translated using Weblate (Catalan) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/ca/ Updated translation for Catalan Language: ca Updated translation for Catalan Language: ca Translated using Weblate (Catalan) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/ca/ Updated translation for Catalan Language: ca Updated translation for Catalan Language: ca Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Ecron <ecron_89@hotmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Ecron <ecron_89@hotmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for Dutch Language: nl Co-authored-by: Erik Jan de Wit <edewit@redhat.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Translated using Weblate (French) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/fr/ Updated translation for French Language: fr Updated translation for French Language: fr Translated using Weblate (French) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/fr/ Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Sylvain Pichon <service@spichon.fr> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Sylvain Pichon <service@spichon.fr> * Updated translation for Georgian Language: ka Updated translation for Georgian Language: ka Updated translation for Georgian Language: ka Updated translation for Georgian Language: ka Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> * Updated translation for Chinese (Traditional Han script) Language: zh_Hant Translated using Weblate (Chinese (Traditional Han script)) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/zh_Hant/ Updated translation for Chinese (Traditional Han script) Language: zh_Hant Updated translation for Chinese (Traditional Han script) Language: zh_Hant Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: 秉虎 <s96016641@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: 秉虎 <s96016641@gmail.com> --------- Signed-off-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Robin <39960884+robson90@users.noreply.github.com> Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Ecron <ecron_89@hotmail.com> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> Signed-off-by: Sylvain Pichon <service@spichon.fr> Signed-off-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> Signed-off-by: 秉虎 <s96016641@gmail.com> Co-authored-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Co-authored-by: Robin <39960884+robson90@users.noreply.github.com> Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Ecron <ecron_89@hotmail.com> Co-authored-by: Erik Jan de Wit <edewit@redhat.com> Co-authored-by: Sylvain Pichon <service@spichon.fr> Co-authored-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> Co-authored-by: 秉虎 <s96016641@gmail.com>	2025-09-01 20:44:47 +02:00
Stefan Guilhen	d855e0f06c	Add support for recurring policies Closes #42120 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-01 12:28:46 -03:00
Pedro Ruivo	935caa97ea	Disable peristent user session batching Closes #41662 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-01 14:33:21 +00:00
Stefan Guilhen	af96183788	Allow resource policies to be deactivated for a resource based on events - Listen for federated identity add/remove events to activate and deactivate policies based on IDP association Closes #42107 Closes #42108 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-01 11:02:00 -03:00
Stefan Guilhen	05fa5cb552	Add enabled config option to resource policies Closes #42104 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-01 10:28:01 -03:00
Tobias Genannt	ca93863d60	fix: Update to new dash standard Closes #42270 Signed-off-by: Tobias Genannt <tobias.genannt@gmail.com>	2025-09-01 12:49:02 +00:00
am97	23b9a1fa21	Add some missing 409 REST response codes Closes #42269 Signed-off-by: Andrés Maldonado <maldonado@codelutin.com>	2025-09-01 12:48:47 +00:00
Pedro Ruivo	f4ec4cff1a	Configure topology information in Infinispan Closes #41933 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-09-01 14:40:39 +02:00
Christian Ja	8566d8e74b	Add message header to e-mail validition confirmation screen fixes #41701 Signed-off-by: Christian Janker <christian.janker@gmx.at>	2025-09-01 14:39:25 +02:00
Václav Muzikář	804b2df10d	Upgrade to Quarkus 3.26.1 Closes #42243 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2025-09-01 14:05:08 +02:00
am97	0c91d106a2	Add build documentation for REST API and Javadoc Closes #42176 Signed-off-by: Andrés Maldonado <maldonado@codelutin.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-09-01 11:37:26 +00:00
dependabot[bot]	6f87b080b0	Bump rollup from 4.49.0 to 4.50.0 in /js (#42261 ) Bumps [rollup](https://github.com/rollup/rollup) from 4.49.0 to 4.50.0. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v4.49.0...v4.50.0) --- updated-dependencies: - dependency-name: rollup dependency-version: 4.50.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-01 13:00:26 +02:00

1 2 3 4 5 ...

29020 Commits