mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-30 19:39:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
28,439 Commits 20 Branches 287 Tags
d2f4635ea0768c8fbeb69e168fd5da13a271d957
Commit Graph

1222 Commits

Author SHA1 Message Date
AvivGuiser
7736ca20e9 support setting periodSeconds and failureThreashold in the Keyclock CR (#40117) 
* add probe spec

Signed-off-by: AvivGuiser <avivguiser@gmail.com>

* make default for probes if not configured, add skeleton test files

Signed-off-by: AvivGuiser <avivguiser@gmail.com>

* fix tests

Signed-off-by: AvivGuiser <avivguiser@gmail.com>

* fix tests

Signed-off-by: AvivGuiser <avivguiser@gmail.com>

* add docs

Signed-off-by: AvivGuiser <avivguiser@gmail.com>

* move test to unittest and apiserver test

Signed-off-by: AvivGuiser <avivguiser@gmail.com>

* adding asserts to check new fields

Signed-off-by: AvivGuiser <avivguiser@gmail.com>

* fix test

Signed-off-by: AvivGuiser <aviv.guiser@placer.ai>

* update docs

Signed-off-by: AvivGuiser <aviv.guiser@placer.ai>

---------

Signed-off-by: AvivGuiser <avivguiser@gmail.com>
Signed-off-by: AvivGuiser <aviv.guiser@placer.ai>
 2025-06-13 17:32:20 +00:00
Steven Hawkins
76bc9fadcb fix: adding a -- separator for spi options (#40005) 
* fix: adding a -- separator for spi options

closes: #39063

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* adding a warning for ambiguous spi options

also adding a note about the change

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	docs/documentation/upgrading/topics/changes/changes-26_3_0.adoc

* updating docs to the new format

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	docs/guides/high-availability/examples/generated/keycloak-ispn.yaml
#	docs/guides/high-availability/examples/generated/keycloak.yaml

* internally using the new spi options

also adding a deprecation notice

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Apply suggestions from code review

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* correcting options output

adding + + inlining where needed

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* adding test showing the env mapping with __

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-06-13 16:13:53 +02:00
Steven Hawkins
0e28bd3981 fix: adding a mapping directly from an env property to a wildcard (#39602) 
* fix: adding a map directly from an env property to a wildcard

closes: #38259

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* switching unit test logic to not directly manipulate env vars

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Apply suggestions from code review

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* modifications based upon review feedback

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-06-13 08:26:18 +00:00
Martin Bartoš
21bd46cb18 Add templates for release notes and migration guide 
Closes #40441

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-06-12 11:38:06 +02:00
Thomas Darimont
a89be114e9 Add link to OIDC discovery specification to the docs. 
Fixes #40440

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2025-06-12 11:35:44 +02:00
Alexander Schwartz
0b3950529e Re-sort the release notes and upgrading guide (#40424) 
Closes #40422

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2025-06-12 10:25:42 +02:00
Ricardo Martin
b89f8a0225 Documentation changes for the 2FA additions 
Closes #40001

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-06-12 09:30:27 +02:00
Niko Köbler
2e7a88f052 update links to OAuth 2.1 draft spec and change link from BCP to RFC9700 
closes #40419

Signed-off-by: Niko Köbler <niko@n-k.de>
 2025-06-11 18:48:43 +02:00
Alexander Schwartz
74027bfbfe Remove obsolete information from the Keycloak deployment 
Closes #40375

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-11 09:17:48 -03:00
Alexander Schwartz
4af3d7cc9d Redirect requests from outdated theme version to the current theme version 
Closes #39723

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-11 11:13:55 +02:00
vramik
aafb140529 Add a note to release notes about admin roles mapping 
Fixes #39956

Signed-off-by: vramik <vramik@redhat.com>
 2025-06-09 09:34:45 -03:00
Steven Hawkins
f8ba9d3429 fix: adding docs about Keycloak CR security (#40260) 
closes: #40188

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-06-06 16:47:33 +02:00
Ryan Emerson
0c62bd0878 Change discovery in Kubernetes to jdbc-ping 
Closes #39544

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2025-06-05 16:48:30 +02:00
mposolda
b03b9f9e3a Improve documentation of service-accounts and make it more clear. Delete the unused file service-accounts.adoc 
closes #39748

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-06-05 08:45:12 +02:00
rmartinc
abd7f88526 Make the checkbox "Sign out from other devices" unchecked by default 
Closes #39975

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-06-04 14:11:29 +02:00
Alexander Schwartz
2b2d7bbcbe Updated documentation to handle the conf folder on upgrades (#40175) 
Closes #40046
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-03 16:14:11 +02:00
SoMin Park
a115a442f4 Add warning about using exec in custom entrypoint scripts 
Closes #39817

Signed-off-by: Somin Park <ps4708@naver.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-02 17:49:20 +02:00
Pedro Igor
7cc055f8a6 Verify brokered user email based on the email_verified claim from the ID Token returned by the OP 
Closes #39885

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-29 10:45:18 -03:00
Pedro Igor
e6e6fa60fa Adding OAuth2-based identity broker 
Closes #35266

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-27 12:07:01 -03:00
Michal Hajas
88f660b235 Add experimental feature rolling-updates:v2 that allows rolling updat… (#39751) 
...e for patch releases
Closes #38882
Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-05-27 11:17:42 -03:00
Pedro Ruivo
077173d24f Improve JGroups network bind address documentation (#39874) 
Closes #39872

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-05-27 08:35:01 +00:00
foliengriller
54b131e34e Update themes-react.adoc 
Fixes link formatting

Signed-off-by: foliengriller <info@simpelwebservice.de>
 2025-05-27 09:19:05 +02:00
Yoshiyuki Tabata
5a04f4a07a Update translation.md (#39978) 
Add @k-tamura as a new Japanese language maintainer.

Signed-off-by: Yoshiyuki Tabata <34849594+y-tabata@users.noreply.github.com>
 2025-05-27 08:50:20 +02:00
Pedro Igor
b22b1f298c Adding parameter to control whether the count of subgroups of subgroups should be returned 
Closes #39668

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-22 11:15:38 -03:00
Stan Silvert
b7db98383b New UI Customization Guide (#39756) 
* New UI Customization Guide

Closes #33721

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

* Fix grammatical error.

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

* Minor changes.

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

* Fix typo.

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

* Added preview warning.

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

---------

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2025-05-22 08:23:34 -04:00
rmartinc
3c511635ba Skip AIA for webauthn register if a crendential of teh correct type already exists 
Closes #39191

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-05-20 18:09:12 +02:00
mposolda
fe2790a09d Fix documentation link to quickstarts to point to 'main' branch instead of 'latest' branch 
closes #39798

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-05-19 10:32:06 +02:00
Steven Hawkins
603ecf20eb fix: adding a doc note about clean up (#39731) 
closes: #39338

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-05-15 14:08:31 +02:00
Kai J. Witt
c76bb0683c Make max auth age configurable for all required actions by default 
Moved the current configuration implementation for the update password

Closes #39408

Signed-off-by: Kai Josef Witt <KWitt@vhv.de>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Kai Josef Witt <KWitt@vhv.de>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2025-05-15 08:44:38 +02:00
Douglas Palmer
64cb66f451 Inconsistency in User enabled status in Rest query results. 
Closes #39549 #28713

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2025-05-14 20:10:14 +02:00
Pedro Igor
34ad280665 Build user representations when searching based on the user profile settings 
Closes #39595

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-14 10:42:25 +02:00
Pedro Igor
4171da9fbb Updating upgrading guide with the changes to theme templates 
Closes #39562

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-14 09:38:41 +02:00
yorickdevries
d5b873d705 Change screenshot from permissions view to correct resources view 
Cropped it in accordance with the other images

Closes #39697

Signed-off-by: Yorick <yorickdevries@live.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-14 07:00:37 +00:00
Awambeng
ea4ef74917 Fix doc(oid4vc): Correct realm-attributes example and update HTTP method in docs (#39409) 
Closes #39264

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-05-13 10:09:14 +02:00
Steven Hawkins
a74b60199b fix: updating the examples to bind docker/podman 8080 only to localhost (#39584) 
closes: #39144

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-05-13 09:40:33 +02:00
andymunro
0fc18c3a0b Make links generic 
Closes #39469

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-05-09 16:18:15 +02:00
andymunro
afe6d4d4a0 Fix callouts 
Closes #39590

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-05-09 14:10:59 +00:00
andymunro
1e2b0fdfc4 Edit Observability guide 
Close #39572

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-05-09 15:02:47 +02:00
andymunro
0b3de6ee6c Fix link to FGAP v1 
Closes #39541

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-05-08 09:00:40 +02:00
andymunro
eb51c03f90 Edit Operator Guide 
Closes #39543

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-05-08 08:45:41 +02:00
Alexander Schwartz
a17f551eb2 Log out other sessions including offline sessions on password change 
Closes #38850

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-06 14:04:13 +02:00
Steven Hawkins
3e05f676e5 fix: adds a warning about auto-build behavior (#38899) 
also correcting the language across the warnings

closes: #38662

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-05-05 18:24:19 +02:00
andymunro
d106de4f83 Clarify podman use 
Closes #39418

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-05-05 16:16:58 +02:00
Daniel Höxtermann
46ed361278 Fix footer ftl snippet in documentation 
Closes #39442

Signed-off-by: Daniel Höxtermann <daniel@hxtm.dev>
 2025-05-05 06:46:15 +00:00
Alexander Schwartz
f79408788d Document how to configure Istio to allow for JGroups mTLS 
Closes #39065

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-05-02 12:08:02 +00:00
Steven Hawkins
faa1c194f3 fix: remove ANY mode modification of truststores (#39366) 
also note that ANY should not be used in production

closes: CVE-2025-3501 #39350 #38392



Add a test for the error (#1)



Update docs/guides/server/keycloak-truststore.adoc

Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2025-04-30 15:00:12 +00:00
Steven Hawkins
24910d9e1c addresses slow import/export performance by limiting persistence context size (#37926) 
* fix: addresses slow import/export performance with more batching

closes: #37991

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* removing flush/detach manipulation

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* refining the doc note about using multiple files for larger user counts

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* adding doc note about useExistingSession method removal

and expanding javadocs

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-04-29 18:57:45 -04:00
Steven Hawkins
08b5183784 fix: relaxes the admin root redirect check (#39095) 
* fix: relaxes the admin root redirect check

also deprecates the usage of local_admin

closes: #39085

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* moving deprecation to 26.3

also changing the adminroot test to seem like it's coming from a proxy

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-04-29 11:09:51 -04:00
Alexander Schwartz
4c17ec26e3 SLO measurement should mention a month as a period 
Closes #39312

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2025-04-29 14:19:19 +02:00
rmartinc
4730dbdd8d Make recovery codes supported 
Closes #38994

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-29 10:25:46 +02:00