mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-11 01:20:22 -06:00
Code Issues Packages Projects Releases Wiki Activity
25,338 Commits 30 Branches 288 Tags
9d5ccfb22d00a9f63eb62289c1e6dfd855ecd151
Commit Graph

25338 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Agnieszka Gancarczyk
9d5ccfb22d Backport for translation error fix (#33529) 
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
 2024-10-03 14:28:35 -04:00
Stefan Guilhen
082063331c Fix various issues holding up CI (#33086) 
- Disables the remote operator tests, which will have to be fixed later.
- Fixes the action expired error which occurs when accessing regular registration page with Organizations enabled.
- Fixes a race condition in the test suite causing sporadic failures.

Closes #33064

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-10-03 18:28:05 +02:00
Ricardo Martin
3760161268 Add the nonce attribute when the client session context is recreated (#33422) 
Closes #33355

Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Tomas Kralik <tomas.kralik@pbktechnology.cz>
(cherry picked from commit 6e471a8477)
 2024-10-03 18:28:05 +02:00
Agnieszka Gancarczyk
306ca1ca07 Backport for 33471 (#33472) 
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
 2024-10-02 14:26:49 +01:00
Giuseppe Graziano
d82438a611 Remove root auth session after backchannel logout 
Closes #32197

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
(cherry picked from commit b46fab2308)
 2024-10-02 09:41:50 +02:00
Erik Jan de Wit
c36eb8a952 keep query parameters when changing routes (#32762) (#32856) 
Closes #32736

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit d26a514e8e)
 2024-09-27 14:24:23 +00:00
rmartinc
3af1fb04f1 Use note to detect the IDP verify email action is already done 
Closes #31563

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 1d23c3c720)
 2024-09-27 11:48:03 +02:00
Jon Koops
5390367b06 revert part of change (#31055) (#33237) 
fixes: #31038

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit ffbfb7450f)

Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-09-24 12:42:37 +02:00
Václav Muzikář
9b2bf7dd58 Resolve disabled options even at fast startup (#32245) (#32977) 
Closes #30380

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
(cherry picked from commit aee9390812)
 2024-09-24 11:37:03 +02:00
Jon Koops
6750641808 Sort the IDPs in the admin console admin and organization tables by alias (#32999) (#33070) 
- prevent issues when ordering by guiOrder due to pagination of results

Closes #32669

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
(cherry picked from commit 6503d202ac)

Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-09-24 09:25:21 +01:00
Stan Silvert
b1526cd4a5 Client Details: show redirect URIs w/ implicit flow (#33120) (#33150) 
Fixes #33095

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
(cherry picked from commit fe9c4dd7ed)
 2024-09-23 07:25:06 -04:00
Christian Ja
06a44202db Send UserRemovedEvent containing all user attributes (#33151) 
Invalidate CachedUserModel before UserRemovedEvent

closes #32194

Signed-off-by: Christian Janker <christian.janker@gmx.at>
 2024-09-21 17:33:01 +02:00
Erik Jan de Wit
cc212d58fe refresh realm after being changed 
fixes: #32834

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit d1f141148a)
 2024-09-20 22:37:53 +02:00
Erik Jan de Wit
d351327b0e added table wrap to avoid data off screen 
Closes #32758

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit aec3eb91a8)
 2024-09-20 22:33:17 +02:00
Stan Silvert
6a7729641b Avoid NPE if realm configuration contains invalid required action configuration (#32649) (#33056) 
* Avoid NPE if realm configuration contains invalid required action configuration

If users removed implementations or renamed the provider id of a required action, then the realm configuration might contain dangling references to required actions.
If we then try to find the RequiredActionFactory to determine the if the required action is configurable then NPE is thrown. This PR prevents the NPE with a guard clause.

Fixes #32624

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

* Log a warning if required action with missing provider is detected.

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

---------

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
(cherry picked from commit d28adcb81b)

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-09-20 14:02:44 -04:00
Stian Thorgersen
9f37a83c51 Improve handling for loopback redirect-uri validation (#195) 
Signed-off-by: stianst <stianst@gmail.com>
 2024-09-17 08:49:29 +02:00
Ricardo Martin
ae6a686870 Use references to obtain the signed elements in a signature (#188) 
Closes keycloak/keycloak-private#191

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-09-17 08:49:29 +02:00
Jon Koops
f253f90610 Do not send attributes when unlocking the user (#32993) 
Closes #31165

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
(cherry picked from commit 0410653e71)

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-09-17 08:49:02 +02:00
Alexander Schwartz
9b1df077a0 Do not automatically re-import users if they already exist locally when searching by attributes (#32886) 
Closes #32870

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-09-13 12:43:08 +02:00
Steven Hawkins
966bc4640b fix: refining v2 hostname validation (#32659) (#32809) 
closes: #32643

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit 58d742bb5c)
 2024-09-11 17:55:00 +02:00
Thomas Darimont
8c813e0e3a Ensure realm attributes import happens before client import 
Fixes #32799

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
(cherry picked from commit 445a7da902)
 2024-09-11 16:38:54 +02:00
Stian Thorgersen
109db4fe7d Remove @NoCache annotation in admin client interfaces (#32795) 
Closes #32731

Signed-off-by: stianst <stianst@gmail.com>
(cherry picked from commit e140e71a52)
 2024-09-11 15:15:34 +02:00
Alexander Schwartz
19e557daab Set idle time the same as for the internal cache, but extend it for refreshes 
Closes #32100

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2024-09-10 10:12:22 +02:00
Jon Koops
48c2b02005 Include rfc4648 in the import map for login v2 
Closes #32578

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-09-10 10:11:42 +02:00
Giuseppe Graziano
21362ae8e6 Removing BOM character from SAML entity descriptor 
Closes #30604

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
(cherry picked from commit c2c74faec0)
 2024-09-10 10:10:48 +02:00
Agnieszka Gancarczyk
57f035b67a Backport to fix default roles (#32277) 
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
 2024-09-10 10:10:11 +02:00
Ricardo Martin
2341d6ee7a Honor turnOffChangeSessionIdOnLogin in SAML adapter (#185) 
Closes keycloak/keycloak-private#183

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-20 09:35:52 +02:00
Ricardo Martin
3916169930 SAML IdMapperUpdaterSessionListener should be added always and must implement HttpSessionIdListener interface (#32234) 
Closes #32084

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-20 09:18:40 +02:00
Alexander Schwartz
94e213a13b Load client sessions in chunks from the database (#32208) 
Closes #32180

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-16 16:01:24 +00:00
Ricardo Martin
7bf8841e31 better unset check (#32062) (#32207) 
* better unset check

fixes: #32059
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* better explanation

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fix min value

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Steal some code from `react-hook-form`

Signed-off-by: Jon Koops <jonkoops@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
(cherry picked from commit 862854bc29)

Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-08-16 15:23:40 +00:00
Michal Hajas
db95afd73c Set clientId if it is not set in the entity 
Closes #32195

Signed-off-by: Michal Hajas <mhajas@redhat.com>
(cherry picked from commit 6a9245546e)
 2024-08-16 15:50:22 +02:00
Stan Silvert
9bd5075caa Hide User Reg tab if you don't have permissions (#32021) 
Fixes #31920

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
(cherry picked from commit 35fbcf5af8)
 2024-08-16 08:29:42 -04:00
Alexander Schwartz
31d393a12a Specify version column name in a case-sensitive manner (#32190) 
Closes #32127

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-16 13:27:37 +02:00
Michal Hajas
6dbe66b3a0 Remove information about online_user_session table 
Closes #32178

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
(cherry picked from commit 36ad5fb3bd)
 2024-08-16 11:32:15 +02:00
Alexander Schwartz
01ae858fe9 Handle non-existing client gracefully (#32167) 
Closes #32150

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-16 10:15:51 +02:00
Alexander Schwartz
5edffb4564 Caches the id-to-user mapping for the evaluation in the current session (#32138) 
Closes #31519

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-16 10:15:24 +02:00
himanshi1099
04a3b22603 Fix for Network error attempting to view default realm roles without permissions (#31902) 
* fix for issue #29211

Signed-off-by: Himanshi Gupta <higupta@redhat.com>

* fix for issue #29211

Signed-off-by: Himanshi Gupta <higupta@redhat.com>

---------

Signed-off-by: Himanshi Gupta <higupta@redhat.com>
(cherry picked from commit 7cf9946040)
 2024-08-13 14:55:25 -04:00
Alexander Schwartz
e0d37bd18d Cache node binary for Windows to avoid download failures (#32053) 
Closes #31835

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-13 09:04:21 +02:00
Stan Silvert
b072f6df07 Fix for Network error attempting to view events without permissions (#31920) (#31988) 
* Fix for #31918

Signed-off-by: kaustubh B <kbawanka@redhat.com>

* Update js/apps/admin-ui/src/realm-settings/RealmSettingsTabs.tsx

Co-authored-by: Stan Silvert <ssilvert@redhat.com>
Signed-off-by: kaustubh-rh <88367583+kaustubh-rh@users.noreply.github.com>

---------

Signed-off-by: kaustubh B <kbawanka@redhat.com>
Signed-off-by: kaustubh-rh <88367583+kaustubh-rh@users.noreply.github.com>
Co-authored-by: Stan Silvert <ssilvert@redhat.com>
(cherry picked from commit e090b0d260)

Co-authored-by: kaustubh-rh <88367583+kaustubh-rh@users.noreply.github.com>
 2024-08-09 10:58:36 +01:00
rmartinc
2a8f104f26 Adding upgrading notes for brute force changes 
Closes #31960

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-09 09:49:47 +02:00
rmartinc
99f92ad5ff Remove the attempt in brute force when the off-thread finishes 
Closes #31881

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-09 09:49:47 +02:00
Pedro Igor
2fb358e1a2 Support for blocking concurrent requests when brute force is enabled 
Closes #31726

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
 2024-08-09 09:49:47 +02:00
Ryan Emerson
c70f729a67 Upgrade to Infinispan 15.0.7.Final 
Closes #31963

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2024-08-07 15:42:59 +02:00
Erik Jan de Wit
546820bc55 Use TextControl in StringComponent (#31442) (#31743) 
* Use TextControl in StringComponent

This makes that the field is required and partially fixes:

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
#26963

* enable test-id override

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 0b5f42f95d)
 2024-08-06 12:52:59 +01:00
Erik Jan de Wit
4c9b422357 use stringify on use meta data descriptor (#31717) (#31906) 
fixes: #31687

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 3f6136c648)
 2024-08-06 12:47:36 +01:00
Erik Jan de Wit
3702df5882 disable save when all fields are readonly (#31535) (#31765) 
fixes: #31304

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 814e958e11)
 2024-08-06 12:46:33 +01:00
agagancarczyk
9aef33f5be Backport to revert accidental change to logout url (#31933) 
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
 2024-08-06 12:16:04 +01:00
agagancarczyk
1f35877a10 Backport to make realm the namespace so we can change the bundle (#31666) 
* Backport to make realm the namespace so we can change the bundle

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fix

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
 2024-07-31 12:50:19 +00:00
Alexander Schwartz
10aaa67d1a For persistent sessions, don't remove user session if there is no session in the remote store (#31787) 
Closes #31115

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-31 12:00:23 +02:00
Alexander Schwartz
213063bed1 Trigger clearing the user cache when the duplicate email allowed flag changes (#31722) 
Closes #31045

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-30 14:58:32 +02:00