mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-18 06:30:33 -05:00
Code Issues Packages Projects Releases Wiki Activity
28,856 Commits 34 Branches 304 Tags
7629b7dc536ba94de982773aa1d5d5a162fb956b
Commit Graph

875 Commits

Author SHA1 Message Date
Pedro Igor 3bf46e5421 "linked-accounts" endpoint displays all Identity providers 
Closes #19732

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
Co-authored-by: Réda Housni Alaoui <reda-alaoui@hey.com>
 2025-08-14 15:21:03 +02:00
Peter Skopek 651d651c30 Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822) 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2025-08-12 16:50:17 +02:00
vramik a8225655cf Initial commit for the RLM feature 
Closes #40340
Closes #40341

Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

Signed-off-by: vramik <vramik@redhat.com>
 2025-08-11 17:34:41 -03:00
huyenvu2101 5436f9781c Allow setting default value for userprofile attribute 
Closes #36160

Signed-off-by: huyenvu2101 <vhuyen2101@gmail.com>
 2025-08-06 13:59:54 -03:00
Steven Hawkins 11924e6473 enhance: adding the ability to get the root config from a Scope 
closes: #36268

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-05 18:51:33 +02:00
Pascal Knüppel f39a37d8d1 [OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768) 
fixes #39527


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
 2025-07-10 14:46:36 +02:00
Martin Kanis 5a42390341 Make UPDATE_EMAIL a supported feature 
Closes #40227

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-07-09 10:15:48 -03:00
Pedro Igor 304bcdce88 Do not show update email link if the email attribute is not writable 
Closes #39669

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-06-28 10:19:41 +02:00
Pavuluri Sai Krishna 76ab8bd21d Implemented validation to ensure each OTP device has a unique label 
Closes #38465

Signed-off-by: Saikrishna <saikrishnap@optimeyes.ai>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Saikrishna <saikrishnap@optimeyes.ai>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-12 12:08:05 +02:00
Alexander Schwartz 4af3d7cc9d Redirect requests from outdated theme version to the current theme version 
Closes #39723

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-11 11:13:55 +02:00
Rutger Lubbers c9a7a20764 Throw a ProviderConfigPropertyNameNotUniqueException in case of a duplicate ProviderConfigProperty 
Closes #40233

Signed-off-by: Rutger Lubbers <RutgerLubbers@gmail.com>
 2025-06-05 19:47:44 +02:00
Ricardo Martin 41110823c7 Integrate current auth-username-password-form authenticator with passkeys isConditionalMediationAvailable (#38781) 
Closes #29596

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-06-05 08:53:00 +02:00
Anchels 4fc065aadc Removed unnecessary boxing/unboxing 
Closes #39987

Signed-off-by: Anchels <mishtitov@gmail.com>
 2025-05-30 13:10:39 +02:00
Giuseppe Graziano 8833c0aa5d Ignore Accept-Language header for reset email from admin api 
Closes #36986

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-05-27 10:14:22 +02:00
Pedro Igor 8f9d02c305 Avoid resolving a client scope if it was requested using the dynamic scope format (#39752) 
Closes #39402

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-26 16:26:04 +02:00
Erik Jan de Wit cbd0d18f6a add description to groups 
fixes #39172

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-14 06:41:01 -04:00
Pedro Igor 34ad280665 Build user representations when searching based on the user profile settings 
Closes #39595

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-14 10:42:25 +02:00
rmartinc 11b032f9cd Return user session started time when client note is missing for offline 
Closes #39021

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-05-06 12:43:18 +02:00
Steven Hawkins 24910d9e1c addresses slow import/export performance by limiting persistence context size (#37926) 
* fix: addresses slow import/export performance with more batching

closes: #37991

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* removing flush/detach manipulation

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* refining the doc note about using multiple files for larger user counts

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* adding doc note about useExistingSession method removal

and expanding javadocs

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-04-29 18:57:45 -04:00
Steven Hawkins 08b5183784 fix: relaxes the admin root redirect check (#39095) 
* fix: relaxes the admin root redirect check

also deprecates the usage of local_admin

closes: #39085

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* moving deprecation to 26.3

also changing the adminroot test to seem like it's coming from a proxy

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-04-29 11:09:51 -04:00
rmartinc 887c2c2410 Improve metadata for Recovery Codes 
Closes #39243

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-29 10:23:59 +02:00
mposolda 4e95bde179 Avoid using password policy for configuration of recovery codes warning threshold 
closes #39214

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-04-28 10:06:01 +02:00
Marek Posolda 237d0553ae Polishing recovery codes 
closes #39213

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-04-25 16:01:10 +02:00
Garth 2c06078484 Added ThemeManagerSpi and ported DefaultThemeManagerFactory to use it. 
Closes #38433.

Signed-off-by: Garth <244253+xgp@users.noreply.github.com>

Moved ThemeManagerSpi and ThemeManagerFactory to server-spi-private. Marked internal. Added to org.keycloak.provider.Spi file

Signed-off-by: Garth <244253+xgp@users.noreply.github.com>
 2025-04-25 09:35:10 +02:00
Michal Hajas 4dc4de7c12 Remove CACHE-EMBEDDED-REMOTE-STORE experimental feature 
Closes #34160

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-04-16 12:01:55 +00:00
Peter Tóth c6e1878087 Add organizations count endpoint 
Closes #38262

Signed-off-by: Péter Tóth <tothp@sztaki.hu>
 2025-04-14 19:44:44 +00:00
Stefan Guilhen a4ca92ab4d Validate realm name for uniqueness before creating a new realm in the DB 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38426
 2025-04-07 08:49:42 -04:00
Stefan Guilhen c4c3e2eee6 Allow redirection to idp when user email matches any of the org domains 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com>

Closes #33804
 2025-04-04 11:28:04 -03:00
rtufisi 134437a5a7 Create recovery keys in user storage or local (#38446) 
closes #38445

Signed-off-by: rtufisi <rtufisi@phasetwo.io>
 2025-04-03 10:09:48 +02:00
Steven Hawkins 06e0885f46 fix: adds back reporting of non-ip client addresses (#37797) 
closes: #36843

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java
 2025-03-27 19:33:20 +00:00
Sebastian Rose 4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Pedro Igor a4000575a4 Initial support for partial evaluation 
Closes #38085

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-19 13:30:52 -03:00
Steven Hawkins d9c3511fa5 fix: adding a check if the proxy is trusted prior to using a cert header (#37465) 
closes: #35861

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
 2025-03-12 11:21:33 +01:00
Marek Posolda 92c96033f2 Session type incorrectly set in access-token context when token created with scope=offline_access (#37701) 
closes #37694

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-02-27 15:53:23 +01:00
Giuseppe Graziano fd3a4a3377 Support client policies for token exchange 
Closes #37122

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-02-25 14:25:55 +01:00
Pedro Igor 1cb7a4736c Slow query when checking if a realm has brokers and brokering is enabled 
Closes #37062

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-02-05 13:49:32 +00:00
Pedro Igor 602df06191 Allows querying credential from user storage providers 
Closes #35020

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-05 07:56:05 -03:00
rmartinc 25953f2fbb Add option to sign the IdP metadata for SAML 
Closes #34132

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-01-15 11:50:26 +01:00
Michal Hajas 3839f8e3b5 Add metric for password validations (#36049) 
Closes #36048
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-01-07 10:05:47 +01:00
rmartinc e7e6185175 Fix expires_in in internal to external token exchange 
Closes #35704

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-12-18 09:08:19 +01:00
Thomas Darimont 368c1f5a76 Add ProviderConfigProperty types for numeric values 
Fixes #29511

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-12-16 14:53:06 +01:00
vramik 044807f162 [FGAP] Create new internal client which would hold the authorization objects for feature V2 
Closes #34565

Signed-off-by: vramik <vramik@redhat.com>
 2024-12-05 11:56:13 -03:00
Stefan Guilhen 9861acc2aa UserSessionProvider.removeUserSessions now removes all user sessions (both regular and offline) 
Closes #31359

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-11-29 12:35:15 -03:00
Pedro Igor 45f9bcd673 Resolve scopes from bearer tokens when processing requests to the Account API 
Closes #35357

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-27 14:17:53 -03:00
Pedro Igor 5d6b9c1460 Resolve scopes from authenticated client sessions when selecting attributes 
Closes #35192

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-22 12:32:24 +01:00
vramik 440e81c8b9 Add a realm-level setting to enable FGAP to a realm 
Closes #34920

Signed-off-by: vramik <vramik@redhat.com>
 2024-11-19 09:59:34 -03:00
Giuseppe Graziano 05adf19848 Authentication session with changelog transaction 
Closes #23881
Closes #32658

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-11-15 14:10:15 +01:00
Giuseppe Graziano 84f60bc121 Ignore Accept-Language header for email themes 
Closes #10233

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-11-15 10:29:11 +01:00
Pedro Igor d04f7900f5 added membershipType to members list and membership type filter 
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
 Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-12 09:13:18 -03:00
Pedro Igor b70303f293 Adding organization membership provider events 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-07 17:19:43 -03:00