mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-14 20:09:01 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
release/26.6
keycloak/tests
T
History
Pedro Igor 03cf229edf fix: validate resource type consistency when adding resources to FGAP permissions (#48519) 
Previously, getOrCreateResource() would return any resource found by its
authz DB ID without verifying it belonged to the requested resource type.
This allowed resources of one type (e.g. Users) to be silently added to a
permission of a different type (e.g. Groups) by passing the internal authz
resource ID.

- For per-entity resources found by ID, validate the name resolves as the
  expected entity type via getResourceName(); throw ModelValidationException
  on mismatch

Closes #37243

Signed-off-by: Vinit Kumar <30852363+ThreeMangoTrees@users.noreply.github.com>
Co-authored-by: Vranan <vinitkumar.utd@gmail.com>
2026-04-28 08:53:25 +02:00
..
base
fix: validate resource type consistency when adding resources to FGAP permissions (#48519)
2026-04-28 08:53:25 +02:00
clustering
custom-providers
Migrate events package to test framework (#47403)
2026-03-25 14:35:54 +01:00
custom-scripts
docs
New Tests - updated documenation (#47231)
2026-03-19 13:51:15 +01:00
migration-util
Test migration util - Add support for legacy configuration of test realms (#47521)
2026-03-27 14:27:13 +01:00
utils
Migrate RefreshTokenTest to new testsuite (#46886)
2026-03-10 08:57:49 +01:00
utils-shared
[OID4VCI] Initial public client for credential issuance (#45855)
2026-04-01 18:48:40 +02:00
webauthn
Make acceptable AAGUID ckeck in WebAuthn stricter (26.6) (#48513)
2026-04-28 08:49:28 +02:00
pom.xml