keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2025-12-30 03:19:54 -06:00

Author	SHA1	Message	Date
Martin Bartoš	a71ceee8f1	[Docs] Warn users about printing headers in HTTP access logs (#44353 ) Closes #43156 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-11-20 14:48:01 +01:00
ruchikajha95	dc62067cfe	Detailed how to skip test while building keycloak Closes #44338 Signed-off-by: Ruchika Jha <ruchika@li-0551ffcc-341d-11b2-a85c-a28deda416be.ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Ruchika Jha <ruchika@li-0551ffcc-341d-11b2-a85c-a28deda416be.ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-11-20 11:29:56 +01:00
Pedro Ruivo	13ef89664c	More accurate user session expiration logic Closes #44204 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-19 21:06:17 +01:00
Carlos Rodríguez Hernández	2a876c143f	Add support for PostgreSQL 18 (#44288 ) Signed-off-by: Carlos Rodríguez Hernández <carlos.rodriguez-hernandez@broadcom.com>	2025-11-19 11:39:36 +01:00
Alexander Schwartz	15a9a36569	Align formatting of referenced RFCs Closes #44246 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Stian Thorgersen <stian@redhat.com>	2025-11-17 21:30:13 +01:00
Alexander Schwartz	167249dd6c	Updating the specifics around kubernetes service accounts Closes #44064 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-17 11:23:39 +01:00
AvivGuiser	3c8af6dec5	set auto-mount service account token to false in keycloak pods (#40605 ) closes #38843 Signed-off-by: AvivGuiser <avivguiser@gmail.com> Co-authored-by: Steven Hawkins <shawkins@redhat.com>	2025-11-14 15:41:39 +00:00
Ricardo Martin	20f9bb1570	Fix recaptcha links to the new docs.cloud.google.com site Closes #44187 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-11-14 09:37:54 +01:00
Stian Thorgersen	a2c1055f8d	Proposed import order (#43432 ) * Add importOrder to Spotless Closes #43235 Signed-off-by: stianst <stianst@gmail.com> * Re-order imports with Spotless Signed-off-by: stianst <stianst@gmail.com> --------- Signed-off-by: stianst <stianst@gmail.com>	2025-11-14 09:34:49 +01:00
Chance Coleman	b2317dabdc	Add configurable HTTP retry mechanism for OCSP validation (#42535 ) Closes #42401 Signed-off-by: UnicornChance <chance@defenseunicorns.com> Signed-off-by: Chance Coleman <139784371+chance-coleman@users.noreply.github.com>	2025-11-13 13:21:13 +01:00
vramik	748b58bf64	Remove creation of default policy, resource and permission upon enabling authorization for a client Closes #43867 Signed-off-by: vramik <vramik@redhat.com>	2025-11-13 09:14:56 -03:00
Sebastian Łaskawiec	3288f83dc9	Adding an integration test with Minikube for Kubernetes Service Account Federated Authenticator Closes #42983 Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-13 08:52:46 +01:00
Ricardo Martin	de49500393	Client policy to enforce only downscoping in Token Exchange (#44030 ) Closes #43931 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-11-12 08:48:42 +01:00
Steven Hawkins	ed9d6cc40a	fix: adding the built system property to the README (#43850 ) * fix: adding the built system property to the README closes: #43606 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * removing the doc / note about directly launching from the jar Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update docs/building.md Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Steven Hawkins <shawkins@redhat.com> * removing one more reference to running the jar directly Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Move a chapter in README Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>	2025-11-11 15:06:48 +01:00
Stian Thorgersen	36011008e8	Remove PostgreSQL 13.x support (#44103 ) Closes #42905 Signed-off-by: stianst <stianst@gmail.com>	2025-11-11 09:35:27 +01:00
Martin Kanis	39e1e40be4	Document missing artifact dependency for UserStoragePrivateUtil Closes #43212 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-11-10 10:41:12 -03:00
Martin Bartoš	1f9694358f	Ability to enable/disable feature via single property (#43542 ) * Ability to enable/disable feature via single property Closes #43541 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Provide support for specifying profile preview Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Remove duplication check, use the new WildcardOptionUtil Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Create quarkus specific single profile config resolver Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Remove the feature profile capability for single feature option Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-11-07 13:35:39 +01:00
Steven Hawkins	4a63fcffaf	fix: considering source ordinality with spi options (#43805 ) closes: #43793 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-11-06 18:01:18 +01:00
Stian Thorgersen	b278dbbb3d	Allow identity provider configuration without defaults for user authentication (#43963 ) Closes #43552 Signed-off-by: stianst <stianst@gmail.com>	2025-11-05 10:13:40 -03:00
KONSTANTINOS GEORGILAKIS	1c0d4616a5	hide scopes from scopes_supported in discovery endpoint Closes #10388 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-03 16:26:12 +00:00
Robin Meese	27a47b2537	Add Czech translators (#43910 ) Closes: #43909 Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>	2025-11-03 15:52:59 +01:00
Steven Hawkins	f7735b573c	fix: removing the fast start optimization (#43686 ) * fix: removing the fast start optimization closes: #38790 #42960 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * updating the docs based upon a review comment Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-11-03 12:37:13 +01:00
Alexander Schwartz	52ba359cc3	Make client and IDP required when using federated client authentication (#43890 ) Closes #43889 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-11-03 07:21:55 +01:00
蔡秀吉	e84a1d6363	Fix typos and formatting in OIDC auth flows documentation Closes #43818 Signed-off-by: thc1006 <84045975+thc1006@users.noreply.github.com>	2025-11-01 19:14:41 +00:00
Tobi	479859a7a3	Add new indices on `offline_client_session` Closes #43566 Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-31 17:49:47 +01:00
Martin Bartoš	8502cc3ae1	Including OTLP headers for tracing (#43122 ) * Including OTLP headers for tracing Closes #41007 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Polishing, add test for the util class, address review Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Remove the WildcardOptionsUtil#isKcWildcardOption Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-10-31 15:46:05 +01:00
Pedro Ruivo	e40c5de050	Session cache affinity Closes #42776 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-30 21:01:09 +00:00
Alexander Schwartz	0f01444543	Allow only normalized paths in requests (#43765 ) Closes #43763 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-10-30 14:37:50 +01:00
Pedro Ruivo	6317c02a27	Refactor AuthenticationSessionManager Closes #43825 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-30 12:26:07 +01:00
Stian Thorgersen	be6a3814fb	Add CORS support to OIDC dynamic client registration endpoints (#43625 ) Closes #8863 Signed-off-by: stianst <stianst@gmail.com>	2025-10-30 12:12:08 +01:00
Peter Zaoral	f65adbf628	win-fix: correct hostname normalization condition for loopback addresses (#43634 ) Closes: #42794 Signed-off-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Steven Hawkins <shawkins@redhat.com>	2025-10-30 08:49:45 +01:00
Steven Hawkins	ccc7568879	fix: updating build docs (#43607 ) * fix: updating build docs closes: #43606 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update docs/building.md Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-10-29 12:05:49 -04:00
Marek Posolda	2fc5419676	Avoid using UserCredentialManager from user storage extensions (#43695 ) closes #43694 Signed-off-by: mposolda <mposolda@gmail.com>	2025-10-29 16:26:59 +01:00
Ryan Emerson	3ba8a68f2c	Document debug log settings required to show applied Infinispan configuration Closes #43655 Signed-off-by: Ryan Emerson <remerson@ibm.com>	2025-10-29 12:36:53 +01:00
Marek Posolda	5693899246	Picture of the token-exchange flow in the documentation closes #39881 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-29 10:38:37 +00:00
Alexander Schwartz	aadffb94fb	Fix typo in LDAP edit mode in the docs Closes #43720 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-27 08:42:44 -03:00
Pedro Igor	6527b139dc	Do not lower-case username and email if users are not imported from LDAP Closes #43621 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-23 13:02:33 +02:00
Pedro Igor	2b785425fa	Allow managing realm admin roles if the the realm-admin role is granted Closes #43579 Closes #43578 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>	2025-10-23 08:02:05 -03:00
Stian Thorgersen	f6ac64907d	SPIFFE should support OIDC JWK endpoint (#43651 ) Closes #43650 Signed-off-by: stianst <stianst@gmail.com>	2025-10-22 15:19:56 +02:00
Stian Thorgersen	84a161d4dd	Extract related methods from IdentityProvider to UserIdentityProvider (#43535 ) Closes #43534 Signed-off-by: stianst <stianst@gmail.com>	2025-10-21 14:27:07 +00:00
Alexander Schwartz	6080f21c64	Adding this as a breaking change plus deprecation Closes #43022 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-21 09:58:33 -03:00
Steven Hawkins	4443834d06	fix: refines how defaults are shown closes: #43421 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-10-21 14:35:55 +02:00
Martin Bartoš	419afce847	Fix anchors in the documentation Closes #43084 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-21 12:33:32 +00:00
Pedro Igor	c5b560e2d8	Update user profile to allow returning a brief user representation Closes #42225 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-21 12:52:31 +02:00
Ronaldo Paulino Jiconda	987ce19b45	Fix OIDC IDP broker basic auth encoding Ensures that the client_id and client_secret are URL-encoded before being Base64-encoded for the Basic Auth header, following RFC 6749. This fixes authentication failures when the client_id contains special characters. Closes #26374 Closes #43022 Signed-off-by: rpjicond <ronaldopaulino32@hotmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: rpjicond <ronaldopaulino32@hotmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2025-10-20 23:48:24 +02:00
Martin Bartoš	37bea126c7	[PERF] Jackson reflection-free serialization/deserialization (#42946 ) * [PERF] Jackson reflection-free serialization/deserialization Closes #42945 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/configuration-production.adoc Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Docs improvements Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/configuration-production.adoc Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Polish the features template macros Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>	2025-10-17 20:24:47 +02:00
Martin Bartoš	b807a45091	Divide logging guide to sub-guides for every log handler (#43132 ) * Divide logging guide to sub-guides for every log handler Closes #43125 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Ability to set level offset to guides, remove emojis Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Add all relevant options to the logging guide Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/logging/file.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/logging/syslog.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/logging/syslog.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/logging/syslog.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/logging/syslog.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/logging/console.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Update docs/guides/server/logging/console.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Improve link to other section Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-10-17 16:37:48 +02:00
Peter Zaoral	2300b3fc78	Handle canonical hostname checks for localhost on Windows (#42799 ) Closes: #42794 Signed-off-by: Peter Zaoral <pepo48@gmail.com>	2025-10-17 13:40:08 +00:00
Steven Hawkins	736d4920d7	fix: noting db support level changes (#43549 ) closes: #43191 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-10-17 14:01:10 +02:00
Alexander Schwartz	7b8626ead5	Make intra-document links work in downstream Closes #43544 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-17 10:52:58 +02:00

1 2 3 4 5 ...

1463 Commits