mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-07 15:41:29 -05:00
Code Issues Packages Projects Releases Wiki Activity
27,972 Commits 34 Branches 304 Tags
91f3f512992f867e04b159b856ccaab5bd76d24d
Commit Graph

2600 Commits

Author SHA1 Message Date
Stefan Guilhen 91f3f51299 Add valid checksum v8 to the 2.5.0-unicode-oracle changeset 
- allows migration from earlier Keycloak versions where liquibase was using version 8 of the checksum algorithm

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38937

(cherry picked from commit 8b35fa58de)
 2025-04-15 12:19:38 -03:00
Alexander Schwartz 6a37638a95 Do not terminate persistent sessions worker on exceptions 
Closes #38925

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-15 13:11:05 +02:00
Stian Thorgersen d105aa24ed Update link to 26.1 proto.lock file (#38866) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-04-11 12:47:43 +02:00
github-actions[bot] 9979376934 Committing **/proto.lock changes 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-11 10:27:09 +00:00
Pedro Igor e68e43cbc8 Cache resource names associated to policies to improve partial evaluation 
Closes #38837

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-10 19:50:26 +02:00
Pedro Igor ae88d7921f Improvements to partial evaluation 
Closes #38732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-09 18:15:28 +02:00
vramik 602258d935 [FGAP] Switch the feature from Experimental to Supported 
Closes #38651

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-08 13:00:47 -03:00
Pedro Igor be880ae204 Do not cache partial results when FGAP is enabled 
Closes #38705

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-08 08:22:22 +02:00
Pedro Ruivo e730d8bec5 Fix repeated info logs running an import 
Fixes #37941

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-04-07 15:42:57 +02:00
Pedro Igor e5ff19b327 Adding missing fgap filtering to user count methods 
Closes #38510

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-04 14:21:57 +02:00
Alexander Schwartz 5583155802 Don't update the client session's timestamp when loading it from the database (#38608) 
Closes #38591

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 09:44:03 +02:00
Stefan Guilhen 33283de8ed Add schema name for update query on Oracle 
- Fixes issue with changeset 2.5.0-unicode-oracle

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #35833
 2025-04-03 19:44:53 -03:00
Pedro Igor dbb0179a93 Aligning partial evaluation with the outcome from regular evaluations 
Closes #38626

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-03 12:07:30 -03:00
skydrinker-tox 94673a6eb0 KeyUtils was warning about invalid key for valid 22 chars short ids 
Closes #37992

Signed-off-by: skydrinker_tox <skydrinker_tox@hotmail.com>
 2025-04-03 17:05:29 +02:00
Steven Hawkins 9ce4539d22 fix: switching default client scopes to lazy loading (#38553) 
closes: #38552

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-04-03 14:11:59 +02:00
Alexander Schwartz f75a62c948 Clear persistent sessions cache on cluster merge (#38569) 
Closes #38568

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-04-01 13:17:00 +02:00
saravanaarh 6b3e348a23 Added condition to check offlineSessionMaxLifespanEnabled on clearing 
Closes #38063

Signed-off-by: Saravana <saravanakumar.a@kobil.com>
Co-authored-by: Saravana <saravanakumar.a@kobil.com>
 2025-03-27 20:11:13 +00:00
Pedro Ruivo 6aa3f9d5a7 Load all ProtoSchemas from the classpath 
Closes #34971

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-27 15:41:01 +01:00
Stefan Guilhen e694065aed User UserModel.isFederated() instead of comparing federation link to null 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38137
 2025-03-27 08:11:14 -03:00
Robert Hollencamp eb990bcf23 PersistenceExceptionConverter NPE 
make sure SQLException#getSQLState is not null before attempting to call methods on it. I have observed exceptions during AWS MySQL RDS failovers where sql state is null, causing this method to throw an NPE exception rather than the expected ModelException

closes #38467

Signed-off-by: Robert Hollencamp <rhollencamp@cargurus.com>
 2025-03-27 09:01:35 +00:00
Stefan Guilhen aeae754e88 Ensure JPAPolicyStore.findByName goes through the PolicyCache 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38319
 2025-03-26 11:47:45 -03:00
Pedro Igor 26c90f369f Support for partial evaluation for clients 
Closes #38393

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-25 09:04:12 -03:00
Steven Hawkins c0da146873 fix: limit the scope of when a single transaction is used for import (#37990) 
closes: #34364

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-03-24 14:39:07 -04:00
Pedro Igor 1c57035d41 Support partial evaluation for the group resource type 
Closes #38273

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-24 11:49:53 -03:00
Ricardo Martin 734c4af876 Add version column to credential table to avoid simultaneous recovery codes updates 
Closes #26106

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-03-24 10:30:06 +01:00
Michal Hajas cb2dc35def Do not leak 5 seconds rotation time to other tests 
Closes #38299

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-03-21 11:18:09 +00:00
Alexander Schwartz afde8ece15 Avoid sending/receiving the session JSON too often (#37095) 
Closs #37093

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-21 10:32:05 +01:00
Sebastian Rose 4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Pedro Igor a4000575a4 Initial support for partial evaluation 
Closes #38085

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-19 13:30:52 -03:00
Michal Hajas 2ea6b8a222 Do not use certificate's startDate as it can be changed by CertificateUtilsProvider 
Closes #38247

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-03-19 16:48:02 +01:00
Pedro Ruivo 46bbe073fb SPI for compatibility metadata 
Closes #36786

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-17 16:48:24 +00:00
Pedro Igor b200ab0792 Fix permissions for view-members and manage-members 
Closes #38013

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-17 08:27:36 -03:00
GMalliaris c9d848cd90 Fixing incorrectly cached role after update/rename 
Closes #37320

Signed-off-by: Giorgos Malliaris <georgemalliaris8@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-10 12:32:37 +01:00
Pedro Ruivo 5efb7cf76e Make JGroups with TLS startup more robust 
Fixes #37887

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-07 08:21:53 +01:00
Olivier Boudet 55afebec15 Fix imports 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Olivier Boudet 72b5af088c Update model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProvider.java 
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Olivier Boudet 017d8e107e feat: resolve organization for federated users #36941 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Pedro Ruivo 071e97f42f Fixed the annotation processor path for JDK 22+ (#37819) 
Fixes #37816

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-04 15:58:31 +01:00
Alexander Schwartz bc7ec1208e Enable the TLS based JGroups encryption by default and update the docs 
Closes #37696

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:50:51 -03:00
Alexander Schwartz a0de3c26d7 Allow a token to be revoked twice 
Closes #37621

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:49:41 -03:00
Pedro Ruivo f7e21af82e JGroups certificate rotation 
Closes #37316

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-27 12:56:18 +01:00
Akbar Husain 9d3cfe0672 Remove X-XSS-Protection header (#36881) 
Closes #21728

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
 2025-02-19 08:42:26 +01:00
Pedro Ruivo 70e2a28ff9 Create CA certificate for JGroups encryption 
Closes #36750

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-02-13 10:32:43 +00:00
Martin Bartoš fe40730aed Invalid migration export for empty database 
Fixes #32535

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-02-11 09:24:53 +01:00
Pedro Igor 4b2d5ed472 Minor fixes, test coverage, and allow deleting local users 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-07 10:42:45 -03:00
Christian Janker 87db882a89 Do not remove users in LDAP when queries return an empty result 
closes #34764

Signed-off-by: Christian Janker <christian.janker@gmx.at>
 2025-02-07 10:42:45 -03:00
Stefan Guilhen 0fc0dcd119 Ensure IDPs returned from infinispan provider are ordered by alias 
Closes #33243

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-02-07 08:53:09 -03:00
Pedro Igor bf355f83d3 Review how all resource type permissions are evaluated 
Closes #37081

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-06 08:43:29 -03:00
Steven Hawkins f52cc73548 fix: narrow fix for creating single file import without a system prop (#36457) 
closes: #34270

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-02-05 14:13:53 +00:00
Pedro Igor 1cb7a4736c Slow query when checking if a realm has brokers and brokering is enabled 
Closes #37062

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-02-05 13:49:32 +00:00