mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-03 05:30:03 -05:00
Code Issues Packages Projects Releases Wiki Activity
28,009 Commits 33 Branches 304 Tags
fe678c5e63178a9be5fc883128efc90df4eece9b
Commit Graph

936 Commits

Author SHA1 Message Date
mposolda bb4837d007 Update javadoc of java admin-client for Keycloak 26.2 
closes #38398

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-25 10:55:43 +01:00
Ricardo Martin 9cc847b5ad Logout session when closing the keycloak client 
Closes #22215

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-03-18 08:42:18 +01:00
Steven Hawkins f69261daad fix: turning off default picocli behavior we don't want (#38070) 
closes: #38065

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-03-14 10:20:26 +01:00
Stefan Guilhen 5babc6c1a3 Ensure the group being joined is not an organization group in GroupLDAPStorageMapper 
Closes #37393

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-02-17 14:41:53 -03:00
Olivier Boudet 3777a0d976 fix javadoc 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-02-04 08:52:35 -03:00
rmartinc 6cf92d9dc7 Add crl cache to certificate validation 
Closes #26473

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-01-22 14:58:35 +01:00
Stian Thorgersen fc2b9018f1 Extend REST API for login and admin events to support sync scenarios (#36601) 
Closes #36600

Signed-off-by: stianst <stianst@gmail.com>
 2025-01-20 14:32:55 +01:00
mposolda fd1e82f05d Polishing of CreatedResponseUtil.getCreatedId 
closes #36557

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-01-17 13:23:24 +01:00
Thomas Darimont d94e388047 CreatedResponseUtil.getCreatedId should expose server error message (#34343) 
We now expose the actual error message found in the response if present.

Fixes #34343

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2025-01-16 14:33:50 +01:00
vramik 0a632fdefa [FGAP] Add adminPermissionClientCheck to authorization services REST endpoints 
Closes #35945

Signed-off-by: vramik <vramik@redhat.com>
 2025-01-10 08:56:48 -03:00
Marek Posolda 0d8a23b684 Incompatible method of admin-client in Keycloak 26.1 and missing javadoc (#36091) 
closes #36090

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-12-20 16:35:51 +01:00
Pedro Igor 93c1740538 Support for initial CRUD operations when managing admin permissions 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Closes #35987
 2024-12-18 07:43:13 -03:00
Martin Kanis 05116f7951 getAll() organization and organization members only returns the first 10 items 
Closes #34975

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-11-21 17:29:37 -03:00
Jan-Hendrik Dolling 80bbb0be10 fix: PEM files distributed as part of SAML adapter configs for mod_auth_mellon export 
Changing return type of ClientResource from String to Response to support different response types. Should not be breaking as this is just a class used internally by Keycloak integration tests.

Closes #34276

Co-authored-by: ccudennec-otto
Co-authored-by: radwa-otto
Co-authored-by: IngoStrauch2020

Signed-off-by: Jan-Hendrik Dolling <jan-hendrik.dolling@otto.de>
 2024-11-15 16:15:51 +01:00
Pedro Igor cf4b356799 Adding tests and minor change to the new parameter description 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-13 16:25:17 -03:00
Pedro Igor d04f7900f5 added membershipType to members list and membership type filter 
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
 Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-12 09:13:18 -03:00
Marek Posolda 2e4a3f6f5f Keycloak-admin-client should work with the future versions of Keycloak server (#34285) 
closes #34284

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-10-24 12:43:04 +02:00
Igor Petrov 8e872818c5 feat: eliminate client secret requirement 
This commit eliminates neccessity for providing client secret when
constructing client via Admin Client API. The requirement for client
secret became obsolete when Keycloak onboarded a X509 certificate
authorizer.

closes #33755

Signed-off-by: Igor Petrov <igor.petrov-ext@camunda.com>
 2024-10-18 16:35:15 +02:00
vramik b7eaa9b0cb Wildcard search not working for custom user attributes 
Closes #32451

Signed-off-by: vramik <vramik@redhat.com>
 2024-10-03 08:48:36 -03:00
mposolda 8f038f19dd Upgrade BCFIPS to 2.0 
closes #30415

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-09-26 06:52:21 +02:00
keshavprashantdeshpande 4e23b450be Add status option to kcadm for validity (#32883) 
Closes #23179

Signed-off-by: Keshav Deshpande <keshavprashantdeshpande@gmail.com>
 2024-09-24 13:18:54 +02:00
rmartinc c532751ff4 Downgrade Java for client libraries to 8 
Closes #33051

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-09-20 17:01:01 +02:00
mposolda c4c3144752 Javadoc for the admin-client methods for the endpoints and parameters introduced since Keycloak 24 
closes #32976

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-09-17 11:40:38 +02:00
stianst e140e71a52 Remove @NoCache annotation in admin client interfaces 
Closes #32731

Signed-off-by: stianst <stianst@gmail.com>
 2024-09-11 09:44:41 +02:00
Stefan Guilhen 585d179fe0 Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs. 
Closes #32238

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-21 07:49:01 -03:00
Pedro Igor 4d621e5dfd Fixing compilation errors due to usages of javax.ws.rs imports 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-08-20 11:11:14 -03:00
Pedro Igor 4376a3c757 Add an endpoint to the organizations endpoint to return the organizations for a given user 
Closes #32158

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-08-20 11:11:14 -03:00
rmartinc 3a77ac6403 Remove keycloak-admin-client-jee 
Closes #32181

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-20 10:53:09 +02:00
Martin Kanis 708a6898db Add a count method to the OrganizationMembersResource 
Closes #31388

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-08-15 09:12:57 -03:00
mposolda e7d9a717c9 Not possible to import realm with newest Java admin-client against Keycloak 24 
closes #32035

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-08-12 09:44:00 +02:00
Pedro Igor 1f8280c71a Allow members joining multiple organizations 
Closes #30747

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-29 09:02:36 +02:00
vramik 649b35929e Make sure users created through a registration link are managed members 
Closes #30743

Signed-off-by: vramik <vramik@redhat.com>
 2024-07-25 04:30:13 -03:00
Steven Hawkins 96511e55c6 startup, welcome, and cli handling of bootstrap-admin user (#30054) 
* fix: adding password and service account based bootstrap and recovery

closes: #29324, #30002, #30003

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Fix tests

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-07-03 15:23:40 +02:00
Steven Hawkins d534860e2b fix: admin cli client should set the content when performing a merge (#30539) 
closes: #29878

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-06-28 15:56:07 +02:00
Steven Hawkins aae1fa1417 fix: addresses cli erroneously wants a secret when env password is set (#30892) 
closes: #30866

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-06-28 11:48:42 +02:00
Marek Posolda 644bdad2f1 Update integration/admin-client-jee/pom.xml 
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-06-27 11:00:30 +02:00
mposolda e5a4c94f75 Added suffix to keycloak-admin-client artifacts in keycloak repository 
Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-27 11:00:30 +02:00
rmartinc 592c2250fc Add briefRepresentation query parameter to getUsersInRole endpoint 
Closes #29480

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-21 11:21:02 +02:00
mposolda 217a064d80 Make sure not possible to import jakarta classes in admin-client-jee 
closes #30623

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-21 10:12:26 +02:00
mposolda d5c9fbbdd9 Cleanup dependencies of keycloak-client-registration-api to not have dependency on server 
closes #30629

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-20 19:48:32 +02:00
Stefan Guilhen 8eda167312 Remove jakarta imports from admin-client-jee resources 
Closes #30308

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-06-12 17:27:58 +02:00
Steven Hawkins c7e9ee2bff fix: adds handling for all kcadm prompts as env variables (#29430) 
closes: #21961

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-06-06 13:08:23 +00:00
rmartinc 536534dd25 Remove the transformed output directory before executing JakartaTransformer 
Closes #30086

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-03 19:03:46 +02:00
Martin Bartoš 262fc09edc OpenJDK 21 support (#28518) 
* OpenJDK 21 support

Closes #28517

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* x509 SAN UPN other name is not handled in JDK 21 (#904)

closes #29968

Signed-off-by: mposolda <mposolda@gmail.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2024-06-03 14:17:28 +02:00
Andrejs Mivreniks 1cf87407fe Allow setting authentication flow execution priority value via Admin API 
Closes #20747

Signed-off-by: Andrejs Mivreniks <andrejs@fastmail.com>
 2024-05-30 19:17:45 +02:00
Erik Jan de Wit f088b0009c initial ui for organizations (#29643) 
* initial screen

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* more screens

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added members tab

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added the backend

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added member add / invite models

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* initial version of the identity provider section

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add link and unlink providers

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* small fix

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* PR comments

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Do not validate broker domain when the domain is an empty string

Closes #29759

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added filter and value

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added first name last name

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* refresh menu when realm organization is changed

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to record

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to form data

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed lint error

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Changing name of invitation parameters

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Chancing name of parameters on the client

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Enable organization at the realm before running tests

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Domain help message

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Handling model validation errors when creating organizations

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Message key for organizationDetails

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Do not change kc.org attribute on group

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add realm into the context

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* tests

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Changing button in invitation model to use Send instead of Save

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Better message when validating the organization domain

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Fixing compilation error after rebase

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* removed wait as it no longer required and skip flacky test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* skip tests that are flaky

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* stabilize user create test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-29 14:34:02 +02:00
Thomas Darimont ab376d9101 Make required actions configurable (#28400) 
- Add tests for crud operations on configurable required actions
- Add support exposing the required action configuration via RequiredActionContext
- Make configSaveError message reusable in other contexts
- Introduced admin-ui specific endpoint for retrieving required actions with config metadata

Fixes #28400

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-05-23 08:38:36 +02:00
Pedro Igor b019cf6129 Support unmanaged attributes for service accounts and make sure they are only managed through the admin api 
Closes #29362

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-21 16:56:18 -03:00
Martin Kanis 97cd5f3b8d Provide an additional endpoint to allow sending both invitation and registration links depending on the email being associated with an user or not 
Closes #29482

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-05-21 12:29:10 -03:00
Dimitri Papadopoulos Orfanos 64a145e960 Fix user-facing typos in error messages (#29326) 
Update resource file and tests accordingly

Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
 2024-05-16 09:55:41 +02:00