mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-14 20:09:01 -05:00
Code Issues Packages Projects Releases Wiki Activity
25,540 Commits 34 Branches 304 Tags
3e134f714c19659fe4e80bbf27a4cea31e2da520
Commit Graph

219 Commits

Author SHA1 Message Date
mposolda 06f6173c8a Add suffix to keycloak-authz-client artifact in keycloak repository 
closes #30926

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-07-17 14:59:09 +02:00
mposolda 5526976d1c Add suffix to keycloak-policy-enforcer artifacts in keycloak repository 
closes #30927

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-07-17 12:03:23 +02:00
Pedro Igor cbf7f208fb Avoid iterating and updating all group policies when removing groups (#31057) 
Closes #31056

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-08 13:57:20 +02:00
Romain LABAT 6615691c63 Support for service accounts when fetch roles is enabled (#30687) 
Support for service accounts when fetch roles is enabled

Signed-off-by: Romain LABAT <contact@romainlabat.fr>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-25 18:00:26 -03:00
Douglas Palmer 5af3001122 Check if OSGI metadata can be removed entirely 
Closes #29104

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-06-25 14:12:33 +02:00
Stefan Guilhen 52c9e440d6 Guard against NPE when fetching users associated with user policies. 
Closes #28915

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-10 16:52:25 -03:00
Douglas Palmer 00bd6224fa Remove remaining Fuse adapter bits 
Closes #28787

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-06 09:02:26 +02:00
Steven Hawkins 9486432f3f fix: removing httpclient override (#28304) 
we need to have a dependency on commons-logging-jboss-logging

closes: #21392

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-04-23 10:09:06 +02:00
Mark Banierink ad32896725 replaced and removed deprecated token methods (#27715) 
closes #19671 

Signed-off-by: Mark Banierink <mark.banierink@nedap.com>


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-04-23 09:23:37 +02:00
Pedro Igor 8e48bac278 Ordering the group and role ids in the policy representation 
Closes #28824

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-04-22 20:28:47 +02:00
Pedro Igor 4ec9fea8f7 Adding tests 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-04-03 08:04:17 -03:00
EnneS 365a3feafa Remove deleted roles from policy on update 
Closes #26915

Signed-off-by: EnneS <nathan.soulier26@gmail.com>
 2024-04-03 08:04:17 -03:00
Clemens Zagler b44252fde9 authz/client: Fix getPermissions returning wrong type 
Due to an issue with runtime type erasure, getPermissions returned a
List<LinkedHashSet> instead of List<Permission>.
Fixed and added test to catch this

Closes #16520

Signed-off-by: Clemens Zagler <c.zagler@noi.bz.it>
 2024-04-02 11:09:43 -03:00
Pedro Igor d12711e858 Allow fetching roles when evaluating role licies 
Closes #20736

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-03-05 15:54:02 +01:00
Clemens Zagler dca50bba3f Authz-client: fix ClassCast Exception when getting resource permissions 
(#27483)

Signed-off-by: Clemens Zagler <c.zagler@noi.bz.it>
 2024-03-04 22:19:36 +09:00
Steven Hawkins 402c7d9b18 Removing version overrides and further aligning with quarkus versions (#26788) 
* elevating wildfly-elytron-http-oidc version management

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* removing testing dependency overrides

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* further version aligment with quarkus

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* adding a resteay-core-spi that can be overriden

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* removing hamcrest override

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* aligning with 3.7.1

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-02-07 17:57:23 +01:00
Michal Hajas 00742a62dd Remove RealmModel from authorization services interfaces (#26708) 
Closes #26530
Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-02-02 16:51:32 +01:00
remi b22efeec78 Add a toggle to use context attributes on the regex policy provider 
Signed-off-by: remi <remi.tuveri@gmail.com>
 2024-01-10 16:15:25 -03:00
Douglas Palmer 58d167fe59 Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user. 
Closes #24651
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-01-08 19:32:01 -03:00
Alice W cf19c06341 Add logging to the policy providers for general debugging purposes 
Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>
 2024-01-05 11:56:00 -03:00
Alice 69497382d8 Group scalability upgrades (#22700) 
closes #22372 


Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2023-10-26 16:50:45 +02:00
Emilien Bondu 95a45f0910 Set headers before calling sendError() method 
Closes #23325
 2023-09-18 13:05:12 -03:00
Peter Zaoral 2b1c29a6f2 Use Quarkus Platform BOM 
Closes #20570
Closes #15870

Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
 2023-07-06 12:45:48 -03:00
Yoshiyuki Tabata bd37875a66 allow specifying format of "permission" parameter in the UMA grant token 
endpoint (#15947)
 2023-05-29 08:56:39 -03:00
mposolda 1f5d3223ae Memory leak with PathCache.cache growing due the map was not synchronized 
closes #19096
 2023-05-24 08:16:58 -03:00
Pedro Igor 2cd82b9861 Exposing the authz client 2023-05-05 10:18:55 -03:00
Pedro Igor 79cd47a280 Built-in support for Jakarta Servlet 2023-04-28 08:26:58 +02:00
Hynek Mlnarik 0ddc71d987 Properly encode id in URL 
Closes: #19816
 2023-04-19 15:10:04 -03:00
Pedro Igor 409e1c3581 Policy Enforcer built-in support for Elytron and Jakarta 
Closes #19540
 2023-04-05 17:03:15 +02:00
Pedro Igor a30b6842a6 Decouple the policy enforcer from adapters and provide a separate library 
Closes keycloak#17353
 2023-03-17 11:40:51 +01:00
Jon Koops 972ebb9650 Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
Pedro Igor 712656765e Authz client not updated with the way of encoding the basic header 
Closes #15086
 2022-10-24 08:45:30 +02:00
Pedro Igor a0079b516b Allow setting response mode (#14104) 
Closes #14083
 2022-09-09 14:28:47 +02:00
yaokai2 0c654fa53b Add java logging for auth server response. 
Closes #13557
 2022-08-30 10:12:26 -03:00
yaokai2 df1384f2c6 Revert "Print response from http call to keycloak server" 
This reverts commit a4cb23ac92.
 2022-08-30 10:12:26 -03:00
yaokai2 fb57d1972f Print response from http call to keycloak server 
Closes #13557
 2022-08-30 10:12:26 -03:00
Pedro Igor 2cc4b54404 Do not cache policies if they no longer exist (#12797) 
Closes #12657

Co-authored-by: Michal Hajas <mhajas@redhat.com>

Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2022-08-25 13:52:30 +02:00
Pedro Igor eda33a0b21 Concurrency issue when caching JS policies 
Closes #12204
 2022-08-17 16:30:32 -03:00
Pedro Igor 3d2c3fbc6a Support JSON objects when evaluating claims in regex policy 
Closes #11514
 2022-06-23 14:04:09 -03:00
Alexander Schwartz 850af55edc Ensure that only JDK 8 APIs are used where JDK 8 is still required. 
Closes #10842
 2022-06-20 14:44:33 -03:00
Michal Hajas d3b43a9f59 Make sure there is always Realm or ResourceServer when searching for authz entities 
Closes #11817
 2022-05-11 07:20:01 -03:00
Stian Thorgersen e3f3e65ac5 Remove JDK7 support for adapters (#11607) 
Closes #11606
 2022-04-27 08:33:23 +02:00
Pedro Igor 2cb5d8d972 Removing upload scripts feature (#11117) 
Closes #9865

Co-authored-by: Michal Hajas <mhajas@redhat.com>

Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2022-04-20 14:25:16 +02:00
Michal Hajas 99c06d1102 Authorization services refactoring 
Closes: #10447 

* Prepare logical layer to distinguish between ResourceServer id and client.id
* Reorder Authz methods: For entities outside of Authz we use RealmModel as first parameter for each method, to be consistent with this we move ResourceServer to the first place for each method in authz
* Prepare Logical (Models/Adapters) layer for returning other models instead of ids
* Replace resourceServerId with resourceServer model in PermissionTicketStore
* Replace resourceServerId with resourceServer model in PolicyStore
* Replace resourceServerId with resourceServer model in ScopeStore
* Replace resourceServerId with resourceServer model in ResourceStore
* Fix PermissionTicketStore bug
* Fix NPEs in caching layer
* Replace primitive int with Integer for pagination parameters
 2022-03-22 20:49:40 +01:00
keycloak-bot c71aa8b711 Set version to 999-SNAPSHOT (#10784) 2022-03-22 09:22:48 +01:00
Vlasta Ramik aa6a131b73 Change String client.id to ClientModel client in ResourceServerStore 
Closes #10442
 2022-02-24 12:46:26 +01:00
keycloak-bot d9f1a9b207 Set version to 18.0.0-SNAPSHOT (#10165) 2022-02-11 21:28:06 +01:00
keycloak-bot 9f3d4a7d42 Set version to 17.0.0-SNAPSHOT 2021-12-20 10:50:39 +01:00
stianst 9f79476520 KEYCLOAK-19403 Fix issues in IntelliJ 2021-09-28 08:11:39 +02:00
keycloak-bot 262ec3d031 Set version to 16.0.0-SNAPSHOT 2021-07-30 14:56:10 +02:00