mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-02-13 18:59:29 -06:00
Code Issues Packages Projects Releases Wiki Activity
28,020 Commits 23 Branches 294 Tags
ffaa7c25922dfb4dc1a65e2c457b4400a05106dd
Commit Graph

2604 Commits

Author SHA1 Message Date
Alexander Schwartz
34db5cdca9 Avoid inefficient SQL when deleting a role (#39285) 
Closes #39237

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-30 10:26:52 +02:00
Paul Schwabauer
8bdbb04121 Fix duplicate users on searching attributes with multiple entries 
Closes #39246

Signed-off-by: koplas <pschwabauer@intevation.de>
 2025-04-30 10:14:16 +02:00
Pedro Igor
418145e496 Querying group by name should use an equal predicate 
Closes #38982

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-17 09:07:31 +02:00
vramik
7437677863 Fix JpaUserProvider.getUsersCount(RealmModel, boolean) 
Closes #38692

(cherry picked from commit bd58b70447)

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-16 16:26:09 -03:00
Stefan Guilhen
91f3f51299 Add valid checksum v8 to the 2.5.0-unicode-oracle changeset 
- allows migration from earlier Keycloak versions where liquibase was using version 8 of the checksum algorithm

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38937

(cherry picked from commit 8b35fa58de)
 2025-04-15 12:19:38 -03:00
Alexander Schwartz
6a37638a95 Do not terminate persistent sessions worker on exceptions 
Closes #38925

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-15 13:11:05 +02:00
Stian Thorgersen
d105aa24ed Update link to 26.1 proto.lock file (#38866) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-04-11 12:47:43 +02:00
github-actions[bot]
9979376934 Committing **/proto.lock changes 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-11 10:27:09 +00:00
Pedro Igor
e68e43cbc8 Cache resource names associated to policies to improve partial evaluation 
Closes #38837

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-10 19:50:26 +02:00
Pedro Igor
ae88d7921f Improvements to partial evaluation 
Closes #38732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-09 18:15:28 +02:00
vramik
602258d935 [FGAP] Switch the feature from Experimental to Supported 
Closes #38651

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-08 13:00:47 -03:00
Pedro Igor
be880ae204 Do not cache partial results when FGAP is enabled 
Closes #38705

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-08 08:22:22 +02:00
Pedro Ruivo
e730d8bec5 Fix repeated info logs running an import 
Fixes #37941

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-04-07 15:42:57 +02:00
Pedro Igor
e5ff19b327 Adding missing fgap filtering to user count methods 
Closes #38510

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-04 14:21:57 +02:00
Alexander Schwartz
5583155802 Don't update the client session's timestamp when loading it from the database (#38608) 
Closes #38591

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 09:44:03 +02:00
Stefan Guilhen
33283de8ed Add schema name for update query on Oracle 
- Fixes issue with changeset 2.5.0-unicode-oracle

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #35833
 2025-04-03 19:44:53 -03:00
Pedro Igor
dbb0179a93 Aligning partial evaluation with the outcome from regular evaluations 
Closes #38626

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-03 12:07:30 -03:00
skydrinker-tox
94673a6eb0 KeyUtils was warning about invalid key for valid 22 chars short ids 
Closes #37992

Signed-off-by: skydrinker_tox <skydrinker_tox@hotmail.com>
 2025-04-03 17:05:29 +02:00
Steven Hawkins
9ce4539d22 fix: switching default client scopes to lazy loading (#38553) 
closes: #38552

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-04-03 14:11:59 +02:00
Alexander Schwartz
f75a62c948 Clear persistent sessions cache on cluster merge (#38569) 
Closes #38568

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-04-01 13:17:00 +02:00
saravanaarh
6b3e348a23 Added condition to check offlineSessionMaxLifespanEnabled on clearing 
Closes #38063

Signed-off-by: Saravana <saravanakumar.a@kobil.com>
Co-authored-by: Saravana <saravanakumar.a@kobil.com>
 2025-03-27 20:11:13 +00:00
Pedro Ruivo
6aa3f9d5a7 Load all ProtoSchemas from the classpath 
Closes #34971

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-27 15:41:01 +01:00
Stefan Guilhen
e694065aed User UserModel.isFederated() instead of comparing federation link to null 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38137
 2025-03-27 08:11:14 -03:00
Robert Hollencamp
eb990bcf23 PersistenceExceptionConverter NPE 
make sure SQLException#getSQLState is not null before attempting to call methods on it. I have observed exceptions during AWS MySQL RDS failovers where sql state is null, causing this method to throw an NPE exception rather than the expected ModelException

closes #38467

Signed-off-by: Robert Hollencamp <rhollencamp@cargurus.com>
 2025-03-27 09:01:35 +00:00
Stefan Guilhen
aeae754e88 Ensure JPAPolicyStore.findByName goes through the PolicyCache 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38319
 2025-03-26 11:47:45 -03:00
Pedro Igor
26c90f369f Support for partial evaluation for clients 
Closes #38393

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-25 09:04:12 -03:00
Steven Hawkins
c0da146873 fix: limit the scope of when a single transaction is used for import (#37990) 
closes: #34364

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-03-24 14:39:07 -04:00
Pedro Igor
1c57035d41 Support partial evaluation for the group resource type 
Closes #38273

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-24 11:49:53 -03:00
Ricardo Martin
734c4af876 Add version column to credential table to avoid simultaneous recovery codes updates 
Closes #26106

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-03-24 10:30:06 +01:00
Michal Hajas
cb2dc35def Do not leak 5 seconds rotation time to other tests 
Closes #38299

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-03-21 11:18:09 +00:00
Alexander Schwartz
afde8ece15 Avoid sending/receiving the session JSON too often (#37095) 
Closs #37093

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-21 10:32:05 +01:00
Sebastian Rose
4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Pedro Igor
a4000575a4 Initial support for partial evaluation 
Closes #38085

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-19 13:30:52 -03:00
Michal Hajas
2ea6b8a222 Do not use certificate's startDate as it can be changed by CertificateUtilsProvider 
Closes #38247

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-03-19 16:48:02 +01:00
Pedro Ruivo
46bbe073fb SPI for compatibility metadata 
Closes #36786

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-17 16:48:24 +00:00
Pedro Igor
b200ab0792 Fix permissions for view-members and manage-members 
Closes #38013

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-17 08:27:36 -03:00
GMalliaris
c9d848cd90 Fixing incorrectly cached role after update/rename 
Closes #37320

Signed-off-by: Giorgos Malliaris <georgemalliaris8@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-10 12:32:37 +01:00
Pedro Ruivo
5efb7cf76e Make JGroups with TLS startup more robust 
Fixes #37887

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-07 08:21:53 +01:00
Olivier Boudet
55afebec15 Fix imports 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Olivier Boudet
72b5af088c Update model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProvider.java 
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Olivier Boudet
017d8e107e feat: resolve organization for federated users #36941 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Pedro Ruivo
071e97f42f Fixed the annotation processor path for JDK 22+ (#37819) 
Fixes #37816

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-04 15:58:31 +01:00
Alexander Schwartz
bc7ec1208e Enable the TLS based JGroups encryption by default and update the docs 
Closes #37696

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:50:51 -03:00
Alexander Schwartz
a0de3c26d7 Allow a token to be revoked twice 
Closes #37621

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:49:41 -03:00
Pedro Ruivo
f7e21af82e JGroups certificate rotation 
Closes #37316

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-27 12:56:18 +01:00
Akbar Husain
9d3cfe0672 Remove X-XSS-Protection header (#36881) 
Closes #21728

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
 2025-02-19 08:42:26 +01:00
Pedro Ruivo
70e2a28ff9 Create CA certificate for JGroups encryption 
Closes #36750

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-02-13 10:32:43 +00:00
Martin Bartoš
fe40730aed Invalid migration export for empty database 
Fixes #32535

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-02-11 09:24:53 +01:00
Pedro Igor
4b2d5ed472 Minor fixes, test coverage, and allow deleting local users 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-07 10:42:45 -03:00
Christian Janker
87db882a89 Do not remove users in LDAP when queries return an empty result 
closes #34764

Signed-off-by: Christian Janker <christian.janker@gmx.at>
 2025-02-07 10:42:45 -03:00