Commit Graph

25711 Commits

Author SHA1 Message Date
rmartinc acbbfde4ab Adding upgrading notes for brute force changes
Closes #31960

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-07 14:38:30 +02:00
Pascal Knüppel f3341390f4 Issuer id must be a URL according to specification (#30961)
fixes #30960

Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
2024-08-07 14:35:58 +02:00
Martin Kanis e750b44e9d Flaky test: org.keycloak.testsuite.model.DBLockTest#testTwoLocksCurrently
Closes #25794

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-07 09:00:37 -03:00
Ryan Emerson 31d610c2fc Upgrade to Infinispan 15.0.7.Final
Closes #31963

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-08-07 13:32:23 +02:00
Pascal Knüppel bf951a5554 Fix certificate creation with cross-keys (#31866)
fixes #31864

Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
2024-08-07 12:41:12 +02:00
Giuseppe Graziano 35c8c09b8d OIDC dynamic client registration with response_type=none
Closes #19564

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-08-07 10:34:47 +02:00
Ryan Emerson db14ab1365 Refactor HA guide to refer to generic multi-site deployments
Old Active/Passive guides replaced with Active/Active architecture, but
A/P vs A/A distinction hidden from users in favour of generic multi-site
docs.

Closes #31029

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-07 08:22:59 +00:00
rmartinc 8a09905e5c Remove the attempt in brute force when the off-thread finishes
Closes #31881

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-06 15:30:49 -03:00
Michal Hajas 50c07c6e7c Simplify configuration for MULTI_SITE
Closes #31807

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-06 16:14:33 +00:00
Pedro Ruivo 3fbe26d2e1 Disable SessionTimeoutsTest for old cross-site code
The test is disabled for the embedded caches + remote store combination
(old cross-site code) due to the async event processing.

Events can be handled after the test changes the time offset, causing
the test to fail.

Fixes #31612

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-06 15:33:44 +02:00
Hasan Can Erol f4f8688a14 Turkish translations added for login (#31052)
Signed-off-by: Hasan Can Erol <hsncan.erol@gmail.com>
Co-authored-by: Hasan Can Erol <hsncan.erol@gmail.com>
2024-08-06 13:07:08 +00:00
Jon Koops 38f185dff1 Update ESLint dependencies to latest version (#31831)
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-08-06 08:02:18 -04:00
Michal Hajas 6847af0068 Remove InfinispanMultiSiteLoadBalancerCheckProviderFactory.java
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-06 07:58:12 -03:00
Alexander Schwartz d08ff5a311 Cache node binary for Windows to avoid download failures
Closes #31835

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-06 07:27:00 -03:00
Erik Jan de Wit 368939f7de reverted accidental change to logout url (#31907)
fixes: #31781

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-06 11:07:36 +01:00
Javapark d85fa09823 Korean translation of the login theme (#31919)
Signed-off-by: Javapark <javapark@users.noreply.github.com>
2024-08-06 10:42:03 +02:00
kaustubh-rh 8e81626eee Fix for #31893 (#31922)
Signed-off-by: kaustubh B <kbawanka@redhat.com>
2024-08-06 09:59:22 +02:00
himanshi1099 7cf9946040 Fix for Network error attempting to view default realm roles without permissions (#31902)
* fix for issue #29211

Signed-off-by: Himanshi Gupta <higupta@redhat.com>

* fix for issue #29211

Signed-off-by: Himanshi Gupta <higupta@redhat.com>

---------

Signed-off-by: Himanshi Gupta <higupta@redhat.com>
2024-08-05 12:38:10 -04:00
Pedro Ruivo 1e9f6bbb8c Non clustered Keycloak with External Infinispan feature
Disables JGroups (clustering) when remote-cache feature is enabled

Fixes #31876

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-05 17:04:36 +02:00
Tero Saarni 62fd969fe1 Allow requests from local IPv6 addresses
If administrator selects EXTERNAL for Require SSL setting, allow clear-text
HTTP requests when client is coming from IPv6 link-local or unique local
address (ULA).

Previously only private IPv4 addresses were allowed and private IPv6 addresses
were rejected.

Closes #30678

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
2024-08-05 16:38:55 +02:00
Jonas-Noah Krausch 7b316afc74 Change {0} to {{name}} to comply with other languages and display correct variable (#31898)
Signed-off-by: Jonas Krausch <jonas.krausch@check24.de>
Co-authored-by: Jonas Krausch <jonas.krausch@check24.de>
2024-08-05 13:47:13 +00:00
Erik Jan de Wit 3f6136c648 use stringify on use meta data descriptor (#31717)
fixes: #31687

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-05 15:37:51 +02:00
Ingrid Kamga 36a141007e Implement advanced verification of SD-JWT in Keycloak (#30966)
closes #30907

Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
2024-08-05 11:50:03 +02:00
Nikos Epping 4080ee2e84 Don't fail on null config map in AdvancedClaimToGroupMapper/AdvancedClaimToRoleMapper/AdvancedAttributeToGroupMapper/AdvancedAttributeToGroupMapper
Fixes #31575

Signed-off-by: Nikos Epping <n.epping@evosec.de>
2024-08-05 10:22:22 +02:00
Stefan Wiedemann 6258256c1b Fix access token issue OID4VC (#31763)
closes #31712

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-08-04 11:42:40 +02:00
Ingrid Kamga 7c69c857a1 Add a media type to error responses on OID4VC endpoints
Closes #31585

Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
2024-08-02 12:09:09 +02:00
Pascal Knüppel 4a15e1c2b0 Support certificate creation for EC keys (#31817)
fixes #31816

Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
2024-08-02 11:52:48 +02:00
Justin Tay f537343545 Allow empty key use in JWKS from identity provider
Closes #31823

Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
2024-08-02 11:39:43 +02:00
rmartinc 773e309f75 Parse saml urls correctly if the bindings are different
Closes #31780

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-02 11:34:06 +02:00
rmartinc 942d5d0aa3 Convert chapter planning for securing applications and services to guides
Final removal of the securing_apps documentation
Final checks for links, order and other minor things
Closes #31328

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-01 16:45:56 +02:00
Pedro Ruivo fed804160b Enable ProtoStream encoding for External Infinispan feature
The ProtoStream schema is automatically uploaded to the Infinispan
server during startup.
When the schema is updated, the indexes are updated and re-created.
Use the delete statement to delete entities when a realm is removed.

Fixes #30931

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-01 16:16:19 +02:00
Ryan Emerson 176ac3404a EmbeddedInfinispanSplitBrainTest fails with "IllegalState Session not bound to a realm"
Closes #31828

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-08-01 13:58:41 +02:00
dependabot[bot] 9cf650b52b Bump cypress from 13.13.1 to 13.13.2 (#31820)
Bumps [cypress](https://github.com/cypress-io/cypress) from 13.13.1 to 13.13.2.
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/cypress-io/cypress/compare/v13.13.1...v13.13.2)

---
updated-dependencies:
- dependency-name: cypress
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-01 12:00:07 +02:00
dependabot[bot] 51310fcb71 Bump @types/node from 22.0.0 to 22.0.2 (#31822)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 22.0.0 to 22.0.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-01 11:58:50 +02:00
Alexander Schwartz 00bfc2c34f Adding an index for the revoked tokens table to speed up the cleanup (#31790)
Closes #31725

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-01 11:12:53 +02:00
Alexander Schwartz aa91f60278 Caches the id-to-user mapping for the evaluation in the current session (#31794)
Closes #31519

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-01 10:38:46 +02:00
dependabot[bot] 5284641b9d Bump typescript-eslint from 7.17.0 to 7.18.0 (#31741)
Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 7.17.0 to 7.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.18.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: typescript-eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-31 15:36:35 +00:00
dependabot[bot] d5a2627bdb Bump husky from 9.1.3 to 9.1.4 (#31740)
Bumps [husky](https://github.com/typicode/husky) from 9.1.3 to 9.1.4.
- [Release notes](https://github.com/typicode/husky/releases)
- [Commits](https://github.com/typicode/husky/compare/v9.1.3...v9.1.4)

---
updated-dependencies:
- dependency-name: husky
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-31 15:30:50 +00:00
dependabot[bot] db2b4f452c Bump eslint-plugin-mocha from 10.4.3 to 10.5.0 (#31742)
Bumps [eslint-plugin-mocha](https://github.com/lo1tuma/eslint-plugin-mocha) from 10.4.3 to 10.5.0.
- [Release notes](https://github.com/lo1tuma/eslint-plugin-mocha/releases)
- [Changelog](https://github.com/lo1tuma/eslint-plugin-mocha/blob/10.5.0/CHANGELOG.md)
- [Commits](https://github.com/lo1tuma/eslint-plugin-mocha/compare/10.4.3...10.5.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-mocha
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-31 17:24:02 +02:00
dependabot[bot] 05e9671043 Bump @types/node from 20.14.12 to 22.0.0 (#31690)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.14.12 to 22.0.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-31 17:08:26 +02:00
Ryan Emerson 349ff51116 Log a warning if remote-store configuration exists when the REMOTE_CACHE Feature is enabled
Closes #31775

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-07-31 16:59:05 +02:00
Ryan Emerson 8d7e18ec29 Clear local caches on split-brain heal
Closes #25837

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-07-31 13:59:06 +02:00
Pedro Ruivo 17e30e9ec1 Persist revoked tokens with remote cache feature
Stores the revoked tokens into the database and preloads them during
startup.

Fixes #31760

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-07-31 11:02:38 +02:00
Giuseppe Graziano adb2af442a Move token exchange documentation to guides (#31707)
Closes #31334

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2024-07-30 21:04:05 +02:00
Giuseppe Graziano a3c9944610 Move Keycloak JavaScript adapter to guides (#31751)
Closes #31695

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2024-07-30 18:39:33 +02:00
Thomas Darimont 282260dc95 Ensure issued_client_type is always added to successful token-exchange response (#31548)
- Compute issued_token_type response parameter based on requested_token_type and client configuration
- `issued_token_type` is a required response parameter as per [RFC8693 2.2.1](https://datatracker.ietf.org/doc/html/rfc8693#section-2.2.1)
- Added test to ClientTokenExchangeTest that requests an access-token as requested-token-type

Fixes #31548

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-07-30 18:33:51 +02:00
rmartinc a6c70d65ee Do not generate secret when client rep does not specify public or bearer
Closes #31444

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-30 18:32:15 +02:00
rmartinc b07b120f2a Convert chapter client registration CLI from securing apps into guides
Closes #31333

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-30 18:30:46 +02:00
rmartinc b2b27f8a4e Convert chapter client registration service from securing apps into guides
Closes #31332

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-30 18:30:46 +02:00
Giuseppe Graziano e1266c2678 Move mod-auth-openidc.adoc to guides
Closes #31697

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-07-30 18:23:40 +02:00