mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-16 20:15:46 -06:00
Code Issues Packages Projects Releases Wiki Activity
29,730 Commits 20 Branches 287 Tags
ef011ea4d223a29f3ca99989009dc2941b6959f2
Commit Graph

908 Commits

Author SHA1 Message Date
forkimenjeckayang
3099cc2294 [OID4VCI]: Add UI for OID4VCI Protocol Mapper Configuration (#44390) 
Closes: #43901


Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
 2025-12-04 14:18:37 +01:00
rmartinc
ae7e7ba084 New Identity Provider condition for client policies 
Closes #44442

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-03 08:50:31 +01:00
Stefan Guilhen
be714d935d Ensure GroupMemberLeaveEvent has a reference to the user leaving the group 
Closes #44400

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-01 10:46:43 -03:00
Pedro Ruivo
3ed15e740a Add new option to schedule user session expiration 
Closes #44068

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Ryan Emerson <remerson@ibm.com>
 2025-11-27 23:01:32 +01:00
Alexis Rico
b0b38176f0 Manage Organization Invites 
Closes #38809

Signed-off-by: Alexis Rico <sferadev@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-27 10:28:52 +01:00
rmartinc
ca205272ba Initial integration of the JWT Authorization Grant in client Policies 
Using the downscope executor for testing
Closes #44201

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-24 19:37:07 +01:00
Giuseppe Graziano
3e8b2f8ab7 New JWT Authorization Grant Identity provider (#44176) 
Closes #43570

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-11-19 09:18:23 +01:00
Stian Thorgersen
a2c1055f8d Proposed import order (#43432) 
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-14 09:34:49 +01:00
Pedro Igor
ded372a57f Adding utility class for working with throwables and updating the cause check to limit the number of iterations on the stacktrace 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-11 08:48:26 -03:00
Martin Kanis
c28cde359c Local user can't login when ldap error 
Closes #43639

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-11-11 08:48:26 -03:00
Stian Thorgersen
d8275fe5df Remove wildcard imports (#44060) 
Closes #44059

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-10 11:46:05 +01:00
Stian Thorgersen
b278dbbb3d Allow identity provider configuration without defaults for user authentication (#43963) 
Closes #43552

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-05 10:13:40 -03:00
Steven Hawkins
27252a14ae fix: adding a single method to get the base uri (#43333) 
* fix: adding a single method to get the base uri

closes: #43330

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update server-spi/src/main/java/org/keycloak/urls/HostnameProvider.java

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-11-05 12:46:09 +00:00
KONSTANTINOS GEORGILAKIS
1c0d4616a5 hide scopes from scopes_supported in discovery endpoint 
Closes #10388

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-03 16:26:12 +00:00
Stian Thorgersen
1048c8d9c9 Filter out non-user authentication IdPs from account and login (#43798) 
Closes #43553

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-31 12:40:04 +01:00
Tomáš Kyjovský
4c64b7189c Deprecate org.keycloak.common.util.Base64 
Closes #43370

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-30 09:12:14 +01:00
Marek Posolda
2fc5419676 Avoid using UserCredentialManager from user storage extensions (#43695) 
closes #43694

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-10-29 16:26:59 +01:00
Alexander Schwartz
2b51d6f4ac Avoid holding on to the realm in cached configurations 
Closes #43744

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-28 13:10:24 -03:00
Pedro Ruivo
468c063e27 Client session may be lost during session restart 
Fixes #43349

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-14 11:01:16 +00:00
stianst
aedd7fe5db Remove unused imports as part of #43233 
Signed-off-by: stianst <stianst@gmail.com>
 2025-10-13 13:32:01 +02:00
Pedro Igor
d6da849206 Introducing a EMAL_PENDING user attribute to set the email pending verification 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-29 12:41:41 -03:00
Pedro Ruivo
53007546ad Deprecate AuthenticatedClientSessionModel timestamp 
Closes #42815

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-29 14:16:39 +00:00
Pedro Igor
6e851ce80e Only filter default organization related scopes based on dynamic scope format 
Closes #42877

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-26 16:28:12 -03:00
Pedro Igor
d65c17ebc7 Do not fail when querying user federation providers and log messages to indicate the problem 
Closes #42276

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 04:03:13 -03:00
Stian Thorgersen
f9ee040ef0 Add federated subject configuration option to federated-jwt authenticator (#42610) 
Closes #42608

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-17 13:39:50 +02:00
Pedro Ruivo
f7ff7e55d8 Replace UUID with composite key for client session cache 
Closes #42547

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-09-17 10:25:51 +00:00
Giuseppe Graziano
fd7f5351ad Client Authenticator configurable per client 
Closes #42044

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-09-16 16:54:39 +02:00
Stian Thorgersen
51465f52a3 Get client by client attribute 
Closes #42543

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-11 12:07:13 +00:00
Pedro Igor
1b17a3c9a6 Add a policy condition based on user roles (#42487) 
Closes #42117

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-10 03:23:56 +02:00
Pedro Igor
17a053b2af Add support for generic event-based policies and conditions 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-02 17:45:59 -03:00
Stefan Guilhen
70659ac183 Rework RLM core to schedule action based on events @sguilhen (#42010) 
* Rework RLM core to schedule action based on events

Closes #41803

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-08-20 17:59:52 +00:00
Marek Posolda
dd7ad5b866 Ability to display 'authenticator provider' of the WebAuthn credential (#41615) 
closes #41613

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-08-20 11:42:24 +02:00
mposolda
97625173ee KeycloakSession javadoc should not reference keycloak-server.json 
closes #41854

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-08-15 17:48:22 -03:00
Pedro Igor
3bf46e5421 "linked-accounts" endpoint displays all Identity providers 
Closes #19732

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
Co-authored-by: Réda Housni Alaoui <reda-alaoui@hey.com>
 2025-08-14 15:21:03 +02:00
Peter Skopek
651d651c30 Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822) 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2025-08-12 16:50:17 +02:00
vramik
a8225655cf Initial commit for the RLM feature 
Closes #40340
Closes #40341

Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

Signed-off-by: vramik <vramik@redhat.com>
 2025-08-11 17:34:41 -03:00
huyenvu2101
5436f9781c Allow setting default value for userprofile attribute 
Closes #36160

Signed-off-by: huyenvu2101 <vhuyen2101@gmail.com>
 2025-08-06 13:59:54 -03:00
Steven Hawkins
11924e6473 enhance: adding the ability to get the root config from a Scope 
closes: #36268

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-05 18:51:33 +02:00
Pascal Knüppel
f39a37d8d1 [OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768) 
fixes #39527


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
 2025-07-10 14:46:36 +02:00
Martin Kanis
5a42390341 Make UPDATE_EMAIL a supported feature 
Closes #40227

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-07-09 10:15:48 -03:00
Pedro Igor
304bcdce88 Do not show update email link if the email attribute is not writable 
Closes #39669

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-06-28 10:19:41 +02:00
Pavuluri Sai Krishna
76ab8bd21d Implemented validation to ensure each OTP device has a unique label 
Closes #38465

Signed-off-by: Saikrishna <saikrishnap@optimeyes.ai>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Saikrishna <saikrishnap@optimeyes.ai>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-12 12:08:05 +02:00
Alexander Schwartz
4af3d7cc9d Redirect requests from outdated theme version to the current theme version 
Closes #39723

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-11 11:13:55 +02:00
Rutger Lubbers
c9a7a20764 Throw a ProviderConfigPropertyNameNotUniqueException in case of a duplicate ProviderConfigProperty 
Closes #40233

Signed-off-by: Rutger Lubbers <RutgerLubbers@gmail.com>
 2025-06-05 19:47:44 +02:00
Ricardo Martin
41110823c7 Integrate current auth-username-password-form authenticator with passkeys isConditionalMediationAvailable (#38781) 
Closes #29596

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-06-05 08:53:00 +02:00
Anchels
4fc065aadc Removed unnecessary boxing/unboxing 
Closes #39987

Signed-off-by: Anchels <mishtitov@gmail.com>
 2025-05-30 13:10:39 +02:00
Giuseppe Graziano
8833c0aa5d Ignore Accept-Language header for reset email from admin api 
Closes #36986

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-05-27 10:14:22 +02:00
Pedro Igor
8f9d02c305 Avoid resolving a client scope if it was requested using the dynamic scope format (#39752) 
Closes #39402

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-26 16:26:04 +02:00
Erik Jan de Wit
cbd0d18f6a add description to groups 
fixes #39172

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-14 06:41:01 -04:00
Pedro Igor
34ad280665 Build user representations when searching based on the user profile settings 
Closes #39595

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-05-14 10:42:25 +02:00