mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-26 09:08:54 -06:00
Code Issues Packages Projects Releases Wiki Activity
26,004 Commits 24 Branches 291 Tags
b88ecc023716a63a7ee2bb51101d4e8ad0618e9c
Commit Graph

495 Commits

Author SHA1 Message Date
Alexander Schwartz
b88ecc0237 Removing the extra two-minute Window for persistent user sessions (#32660) 
Closes #28418

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2024-09-09 09:28:48 +02:00
Giuseppe Graziano
a14548a7a2 Lightweight access tokens for Admin REST API (#32347) 
* Lightweight access tokens for Admin REST API

Closes #31513


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-09-04 18:04:23 +02:00
Pedro Ruivo
3274591fe1 Deprecate old remote store 
Closes #32577

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-09-04 10:25:51 +00:00
rmartinc
cce9ae94c7 Move documentation to keycloak-client 
Closes #31870

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-09-04 10:55:46 +02:00
Theresa Henze
a1c23fef8c introduce event types to update/remove credentials 
Closes #10114

Signed-off-by: Theresa Henze <theresa.henze@bare.id>
 2024-09-03 18:27:27 +02:00
Thomas Darimont
88a5c96fff Add kc_action to redirect URI after a required action is cancelled (#31925) 
Closes #31894

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-09-03 14:26:23 +00:00
Jon Koops
2d17024b14 Remove redirect_uri support from OIDC logout endpoint 
Closes #10983

Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2024-08-30 12:52:49 +00:00
Michal Hajas
af53af1506 Document persistent sessions are enabled by default 
Closes #32387

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-30 09:20:58 +00:00
Steve Hawkins
c9779cfa24 fix: adding a first-class option for trusted proxies 
closes: #32135

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-08-29 14:00:27 +02:00
Václav Muzikář
7d3dcae96e Additional datasources now require XA (#32403) 
* Additional datasources now require XA

Closes #32402

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Apply suggestions from code review

Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>

* Relax validation

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Added a note on recovery

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Fix `CustomJpaEntityProviderDistTest`

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2024-08-29 11:16:38 +02:00
Václav Muzikář
9bbfec5cdd Remove GELF (#32230) 
Closes #27365

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-08-28 21:25:05 +02:00
Steven Hawkins
29eb0171de task: remove hostname v1 (#32352) 
closes: #27731

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-08-28 17:48:06 +02:00
Yuvi Panda
5210b7e546 Use Google as example, not Google+ 
Google+ no longer exists

Signed-off-by: Yuvi Panda <yuvipanda@gmail.com>
 2024-08-26 10:18:52 +02:00
Jon Koops
5ac8ffa5b5 Move unrelated files out of common resources (#32285) 
Closes #24861

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-08-22 09:57:15 +02:00
Steven Hawkins
087647dab3 fix: adding docs around client redirect uris and hostname-strict (#32101) 
* fix: adding docs around admin client redirect uris and hostname-strict

closes: #31640

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2024-08-21 14:19:30 +00:00
yelhouti
e8840df0e0 Fix: admin GUI not working with 1000s of realms 
Search by RealmName is done before loading all realms when filtering

Closes #31956

Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-21 14:58:36 +02:00
Pedro Igor
c1f6d5ca64 Support for selecting an organization when requesting the organization scope 
Closes #31438

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-08-21 13:04:58 +02:00
Pedro Ruivo
4675a4eda9 Deprecate UserSessionCrossDCManager 
Fixes #31878

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-08-21 08:52:39 +02:00
Pedro Igor
eeae50fb43 Make sure federationLink always map to the storage provider associated with federated users 
Closes #31670

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-08-20 11:27:22 +02:00
Stefan Guilhen
fa7c2b5da6 Address review comments 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65 Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code. 
Closes #32090

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-19 09:06:35 -03:00
Václav Muzikář
cb418b0bfc Upgrade to Quarkus 3.13.2 (#31678) 
* Upgrade to Quarkus 3.13.2

Closes #31676

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2024-08-16 11:41:34 +02:00
Erik Jan de Wit
e85f25434f added documentation on how use npm packages (#31426) 
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-08-16 11:09:18 +02:00
Michal Hajas
36ad5fb3bd Remove information about online_user_session table 
Closes #32178

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2024-08-16 09:23:14 +02:00
Stian Thorgersen
310824cc2b Remove legacy cookies 
Closes #16770

Signed-off-by: stianst <stianst@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-08-15 15:27:38 +02:00
Yoshiyuki Tabata
cb6eb187ac Client Policy - Condition : Client - Client Attribute 
Closes https://github.com/keycloak/keycloak/issues/31766

Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>
 2024-08-14 09:56:56 +02:00
Alexander Schwartz
d4991ce56f Fix server guide cross-references for downstream docs 
Closes #31947

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-13 14:51:01 -03:00
Martin Bartoš
d17a48f8f8 Add docs for the OpenTelemetry tracing 
Closes #31908

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2024-08-13 08:46:48 +02:00
Steven Hawkins
ea3937f37c fix: always replacing placeholders (#31871) 
closes: #31625

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-08-12 16:20:47 +00:00
rmartinc
347f595913 Add ECDH-ES encyption algorithms to the java keystore key provider 
Closes #32023

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-09 15:57:51 +02:00
Pedro Igor
3ab2446074 Do not return identity providers when querying the realm representation 
Closes #21072

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-08-07 10:06:51 -03:00
rmartinc
acbbfde4ab Adding upgrading notes for brute force changes 
Closes #31960

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-07 14:38:30 +02:00
Ryan Emerson
db14ab1365 Refactor HA guide to refer to generic multi-site deployments 
Old Active/Passive guides replaced with Active/Active architecture, but
A/P vs A/A distinction hidden from users in favour of generic multi-site
docs.

Closes #31029

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-07 08:22:59 +00:00
Tero Saarni
62fd969fe1 Allow requests from local IPv6 addresses 
If administrator selects EXTERNAL for Require SSL setting, allow clear-text
HTTP requests when client is coming from IPv6 link-local or unique local
address (ULA).

Previously only private IPv4 addresses were allowed and private IPv6 addresses
were rejected.

Closes #30678

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
 2024-08-05 16:38:55 +02:00
rmartinc
942d5d0aa3 Convert chapter planning for securing applications and services to guides 
Final removal of the securing_apps documentation
Final checks for links, order and other minor things
Closes #31328

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-01 16:45:56 +02:00
Giuseppe Graziano
adb2af442a Move token exchange documentation to guides (#31707) 
Closes #31334


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2024-07-30 21:04:05 +02:00
Giuseppe Graziano
a3c9944610 Move Keycloak JavaScript adapter to guides (#31751) 
Closes #31695


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2024-07-30 18:39:33 +02:00
rmartinc
b07b120f2a Convert chapter client registration CLI from securing apps into guides 
Closes #31333

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-30 18:30:46 +02:00
rmartinc
b2b27f8a4e Convert chapter client registration service from securing apps into guides 
Closes #31332

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-30 18:30:46 +02:00
Giuseppe Graziano
e1266c2678 Move mod-auth-openidc.adoc to guides 
Closes #31697

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-07-30 18:23:40 +02:00
Peter Zaoral
07cfdac862 Document admin bootstrapping and recovery 
Closes: #30011

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2024-07-30 15:45:56 +02:00
Giuseppe Graziano
ca2b6dc754 Move Node.js adapter to guides 
Closes #31696

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-07-30 11:29:51 +02:00
Marek Posolda
5b52117351 Documentation for Delete Credential action and related changes (#31719) 
closes #31718


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-07-30 10:05:14 +02:00
Giuseppe Graziano
c3019fb2d3 Move oidc documentation to guides (#31627) 
Closes #31329

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-07-30 09:46:14 +02:00
Steven Hawkins
22f8e5cdf0 Added field to the RealmImport spec to replace environment variables within the realm import (#31232) 
* Added field to the RealmImport spec to replace environment variables within the realm import

Closes #26470

Signed-off-by: stustison <scott.tustison@gmail.com>

* Added field to the RealmImport spec to replace environment variables within the realm import

Closes #26470

Signed-off-by: stustison <scott.tustison@gmail.com>

* testing refinement for placeholder handling

closes: #26470

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* changing from placeholdersecret to placeholder

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/guides/operator/realm-import.adoc

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/documentation/release_notes/topics/26_0_0.adoc

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: stustison <scott.tustison@gmail.com>
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: stustison <scott.tustison@gmail.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2024-07-29 11:16:09 +02:00
rmartinc
e97ffe7a32 Convert chapter docker registry from securing apps into guides 
Closes #31331

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-26 15:39:51 +02:00
Alexander Schwartz
227c71f7f0 Persisting revoked access tokens 
Closes #31296

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-26 11:46:14 +02:00
rmartinc
e30230488e Convert chapter mod_auth_mellon from securing apps into guides 
Closes #31569

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-24 21:16:49 +02:00
Pedro Igor
f4b1a5ca88 Updating docs 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-24 15:12:16 -03:00
Maciej Mierzwa
97e89e2071 feature: password age in days policy 
Closes #30210

Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>
 2024-07-24 15:12:16 -03:00