External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30
Code Issues Packages Projects Releases Wiki Activity
27,266 Commits 26 Branches 288 Tags
Commit Graph

2543 Commits

Author SHA1 Message Date
Pedro Igor
57d4b7cb59
Added condition to check offlineSessionMaxLifespanEnabled on clearing 
Closes #38063

Signed-off-by: Saravana <saravanakumar.a@kobil.com>
Co-authored-by: saravanaarh <127546533+saravanaarh@users.noreply.github.com>
Co-authored-by: Saravana <saravanakumar.a@kobil.com>
 2025-04-08 11:50:06 +00:00
Alexander Schwartz
c2c3032799
Fixing incorrectly cached role after update/rename 
Closes #37320

Signed-off-by: Giorgos Malliaris <georgemalliaris8@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: GMalliaris <66627925+GMalliaris@users.noreply.github.com>
 2025-03-12 09:09:46 +01:00
Alexander Schwartz
3fce7ad368
Allow a token to be revoked twice 
Closes #37621

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-05 08:22:31 +01:00
Martin Bartoš
31c8b02ebe
Invalid migration export for empty database 
Fixes #32535

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-02-11 13:24:06 +01:00
Alexander Schwartz
5ee5648724 Commit proto.lock changes (only needed in release branches) 
Closs #36919

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-06 08:41:57 -03:00
Alexander Schwartz
3b31548f5c Changes picking up pruivo's suggestions 
Closes #36919

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-06 08:41:57 -03:00
Alexander Schwartz
a447cbfebc Also cache client roles if looked up by name and not found 
Closes #36919

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-06 08:41:57 -03:00
Alexander Schwartz
eee2805cef Cache empty results for role-by-name lookup 
Closes #36919

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-06 08:41:57 -03:00
Pedro Igor
ddd6eeba40 Allow enforce that users are members of organizations when authenticating 
Closes #34275

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-01-22 21:48:58 +01:00
github-actions[bot]
3a8ca7d202 Committing **/proto.lock changes 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-01-15 08:46:43 +00:00
Stian Thorgersen
c1c147cb17
Restrict access to environment variables when at the server runtime (#36472) 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-01-15 09:36:19 +01:00
Alexander Schwartz
69d36fcd65
Connect to primary PostgreSQL instance by default (#36330) 
Closes #24493

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-01-14 10:24:52 +01:00
Alexander Schwartz
34df1edf53 Avoid too many retries when writing persistent sessions fails 
Closes #35047

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-01-13 15:15:06 -03:00
Alexander Schwartz
40f39f3f09 Avoid looking up the client if it is known during the commit phase 
Closes #36332

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-01-13 12:28:23 -03:00
Miguel C
ffa85cdd59
Add primary key to avoid issues in some mysql 8 server but still keep compatibility with others 
Closes #35827

Signed-off-by: mike-pt <mike-pt@users.noreply.github.com>
 2025-01-07 22:26:28 +01:00
Alexander Schwartz
c651323b7d
Trace validation of users to see contribution of external timing (#36060) 
Closes #36059

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-01-07 12:35:48 +01:00
Pedro Igor
761e9fb729 Make sure brokers are managed within the scope of the realm model object 
Closes #34356

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-01-02 20:55:53 +01:00
Rungsikorn Rungsikavanich
41696b964b
Add client ID length validation (#35725) 
Closes #35723

Signed-off-by: Rungsikorn Rungsikavarnich <rungsikorn@me.com>
 2024-12-19 11:19:59 +01:00
rmartinc
bac5ec8858 Better caching for federated users 
Closes #35637

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-12-12 09:22:58 -03:00
Pedro Igor
ad679b8729 Exact searches should be the default when querying user by attributes 
Closes #35822

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-12-12 12:46:51 +01:00
Sven-Torben Janus
7531f97e54
Fix potential NPE in migration script for KC 26 (#35794) 
Closes #35793

Signed-off-by: Sven-Torben Janus <sven-torben.janus@conciso.de>
 2024-12-11 11:36:00 +01:00
Alexander Schwartz
cde8f25cc2
Group persistent session work activities in parent span or link them 
Closes #35430

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-12-10 13:55:35 +01:00
vramik
044807f162 [FGAP] Create new internal client which would hold the authorization objects for feature V2 
Closes #34565

Signed-off-by: vramik <vramik@redhat.com>
 2024-12-05 11:56:13 -03:00
Pedro Ruivo
86c475b9fc Invoking BaseUpdater.markDeleted() more than once cause the transient status to be lost 
Fixes #35570

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-12-03 18:06:07 +01:00
Pedro Igor
7a35d4970d Do not run changeset if comlumn already exists 
Closes #35290

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-12-03 09:32:14 +01:00
Pedro Igor
a4d70ad6d2 Avoid creating ObjectMapper but using JsonSerialization utility class when managing event details 
Closes #35457

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-12-02 13:54:14 +01:00
Pedro Igor
e5f1c9a6de Make sure event details are not stored if they are null 
Closes #35288

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-12-02 12:49:43 +01:00
Stefan Guilhen
88cfe426d8 Fix migration for MySQL database 
- MariaDB and MySQL now use the same statement
- prevents a possible illegal mix of collations

Closes #34995

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-12-02 08:37:57 -03:00
Stefan Guilhen
9861acc2aa UserSessionProvider.removeUserSessions now removes all user sessions (both regular and offline) 
Closes #31359

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-11-29 12:35:15 -03:00
kanwhoa
85c582bb73
Aligned call flags for addDefaultRequiredActions 
Closes #34769

Signed-off-by: kanwhoa <kano@kano.org.uk>
 2024-11-29 10:14:01 +01:00
Miguel C
195ace8cb8 Use regular CREATE TABLE instead of CREATE TEMPORARY 
Some hosted/managed environments like google CloudSQL, might not support this type of statement (i.e. when using replication and GTID)

Since we are dropping the table anyway it seems a regular CREATE statement should work fine here.

Signed-off-by: mike-pt <mike-pt@users.noreply.github.com>
 2024-11-28 10:17:04 -03:00
Pedro Ruivo
a65fd34bbf Make PermissionTicket events marshallable 
Fixes #35328

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-11-28 10:14:54 +01:00
Thomas Darimont
f61937f3d9
Prefer usage of StandardCharsets.UTF_8 over "UTF-8" charset reference 
Fixes #35080

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-25 10:45:37 +00:00
rmartinc
9c348562b5 Drop old table USERNAME_LOGIN_FAILURE used before by UserSessionProvider 
Closes #34380

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-11-19 17:13:16 +01:00
vramik
440e81c8b9 Add a realm-level setting to enable FGAP to a realm 
Closes #34920

Signed-off-by: vramik <vramik@redhat.com>
 2024-11-19 09:59:34 -03:00
Giuseppe Graziano
05adf19848
Authentication session with changelog transaction 
Closes #23881
Closes #32658

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-11-15 14:10:15 +01:00
vramik
ebd411b93d Upgrade 24 to 25 fails because db jpa changes drop nonexisting indexes. 
Closes #34899

Signed-off-by: vramik <vramik@redhat.com>
 2024-11-14 13:18:39 +01:00
Steven Hawkins
f8c1b6e779
fix: liquibase update summary to log only (#34836) 
closes: #34818

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-11-14 11:28:08 +01:00
Pedro Igor
d04f7900f5 added membershipType to members list and membership type filter 
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
 Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-12 09:13:18 -03:00
Pedro Igor
d3c5082244 Better message when updating users when import is disabled 
Closes #31456

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-07 21:21:56 +01:00
Pedro Igor
b70303f293 Adding organization membership provider events 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-07 17:19:43 -03:00
Pedro Igor
0a05ba49d1 Adding a details map to admin events to store additional contextual data when the event is fired 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-07 17:19:43 -03:00
Stefan Guilhen
e28b88bc02 Guard against NPE by checking if caches are null in InfinispanOrganizationProvider 
- caches can be disabled and the provider has to check if they are set when using them

Closes #34603

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-11-07 10:11:54 -03:00
Ricardo Martin
226daa41c7
Add service account mappers via client scope instead of dedicated scope (#34664) 
Closes #10417

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Ricardo Martin <rmartinc@redhat.com>
 2024-11-07 08:45:11 +01:00
Thomas Darimont
3315ea718a Add ability to enable OID4VCI Verifiable Credentials per realm (#34524) 
- Added new realm property verifiableCredentialsEnabled
- Updated RealmRepresentation
- Guarded route to Oid4VCI page
- Add boolean switch to Realm settings page to control Verifiable Credentials enablement
- We now only show the Verifiable Credentials page in the nave if the "Verifiable Credentials" realm setting is enabled.

Fixes #34524

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-11-04 14:58:30 +01:00
Stefan Guilhen
9c50813bf4 Add validChecksum to jpa-changelog-26.0.0.xml 
Closes #34450

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-31 07:54:27 -03:00
Stefan Guilhen
ac25844731 Ensure hide_on_login has the default value set to 0 on MSSQL 
Closes #34450

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-30 12:46:17 -03:00
Marek Posolda
3784fd1f67
Attempt to run snapshot Keycloak server against production DB should fail during migration 
closes #30364

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-28 15:02:26 +00:00
Pedro Ruivo
84f4bd8af1 Client Scope updates are not replicated between Keycloak nodes 
Fixes #33731

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-10-25 11:22:15 +02:00
Martin Kanis
4f3ced9560 ConcurrentModificationException when restarting user sessions 
Closes #34093

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-10-24 21:26:50 +02:00