External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30
Code Issues Packages Projects Releases Wiki Activity
29,886 Commits 26 Branches 288 Tags
Commit Graph

263 Commits

Author SHA1 Message Date
Ricardo Martin
1aa1621eaa
Use MIME decoder instead of the default one to replace deprecated Base64 class 
Closes #45226

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-01-09 16:38:09 +01:00
Stian Thorgersen
a2c1055f8d
Proposed import order (#43432) 
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-14 09:34:49 +01:00
Stian Thorgersen
d8275fe5df
Remove wildcard imports (#44060) 
Closes #44059

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-10 11:46:05 +01:00
Tomáš Kyjovský
4c64b7189c
Deprecate org.keycloak.common.util.Base64 
Closes #43370

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-30 09:12:14 +01:00
stianst
aedd7fe5db Remove unused imports as part of #43233 
Signed-off-by: stianst <stianst@gmail.com>
 2025-10-13 13:32:01 +02:00
Peter Griffiths
0ebb702877 Updated the WildFly subsystem module to avoid using deprecated functionality from wildfly-core that's been removed in the latest version 
Replaced instances of the deprecated class ModuleIdentifier with strings.
For now, maintain the use of the deprecated ModuleDependency constructor (while now using the module identifier strings from above in place of the ModuleIdentifier instances) in order to maximise compatibility. This ensures support for both WildFly, up to at least 37, and EAP 8.
Moved all the module identifier strings to KeycloakDependencyProcessor so they're all in one place. Removed duplicates and update references from other classes.

Closes #41669

Signed-off-by: Peter Griffiths <peter.griffiths@1spatial.com>
 2025-09-09 10:48:54 +02:00
Peter Skopek
651d651c30 Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822) 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2025-08-12 16:50:17 +02:00
Douglas Palmer
a981f6b6d5 Access Token IDs have less than 128 bits of entropy 
Closes #38663

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2025-06-26 16:48:03 +02:00
Stian Thorgersen
c1c147cb17
Restrict access to environment variables when at the server runtime (#36472) 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-01-15 09:36:19 +01:00
Thomas Darimont
f61937f3d9
Prefer usage of StandardCharsets.UTF_8 over "UTF-8" charset reference 
Fixes #35080

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-25 10:45:37 +00:00
Ricardo Martin
9c780e9190 Honor turnOffChangeSessionIdOnLogin in SAML adapter (#185) 
Closes keycloak/keycloak-private#183

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-09-16 09:21:07 +02:00
mposolda
125124c2d9 Error when deploying SAML application with the keys in PEM format inside keycloak-saml.xml 
closes #32817

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-09-11 19:03:10 +02:00
mposolda
dad4477995 Remove keycloak-core and keycloak-crypto-default from SAML galleon feature pack and upgrade them to Java 17 
closes #32586

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-09-03 15:58:57 +02:00
rmartinc
a38d3b2f55 SAML IdMapperUpdaterSessionListener should be added always and must implement HttpSessionIdListener interface 
Closes #32084

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-13 15:53:45 +02:00
Giuseppe Graziano
ee44f09cf3 Removed jakarta transformation modules from saml adapters 
Closes #30556

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-06-24 11:03:38 +02:00
Jon Koops
df18629ffe
Use a default Java version from root POM (#29927) 
Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-06-21 14:19:31 +02:00
rmartinc
f690947cea Remove the SAML undertow adapter 
Closes #30554

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-20 09:47:14 +02:00
rmartinc
536534dd25 Remove the transformed output directory before executing JakartaTransformer 
Closes #30086

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-03 19:03:46 +02:00
Martin Bartoš
262fc09edc
OpenJDK 21 support (#28518) 
* OpenJDK 21 support

Closes #28517

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* x509 SAN UPN other name is not handled in JDK 21 (#904)

closes #29968

Signed-off-by: mposolda <mposolda@gmail.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2024-06-03 14:17:28 +02:00
Douglas Palmer
b9c04bb8bc Refactor PolicyEnforcer tests to remove dependency on keycloak-adapter-core and remove keycloak-adapter-core 
Closes #29189
Closes #28791

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-27 15:00:13 -03:00
Pedro Ruivo
cbce548e71 Infinispan 15.0.3.Final 
Closes #29068

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-05-08 17:18:39 +02:00
Dimitri Papadopoulos Orfanos
cd8e0fd333
Fix user-facing typos in Javadoc (#28971) 
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-05-06 18:57:55 +00:00
Douglas Palmer
8a0322cc13 Remove remaining servlet filter adapter bits 
Closes #29225

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-02 20:29:23 +02:00
Douglas Palmer
b2f09feebf Remove servlet filter saml adapters 
Closes #28786

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-26 09:30:35 +02:00
Douglas Palmer
c5dbab2740 Remove Jetty SAML adapter 
Closes #28782

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-26 09:30:35 +02:00
Douglas Palmer
98faf6e6a0 Remove Tomcat SAML adapter 
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>

Closes #28783
 2024-04-26 09:30:35 +02:00
Steven Hawkins
9486432f3f
fix: removing httpclient override (#28304) 
we need to have a dependency on commons-logging-jboss-logging

closes: #21392

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-04-23 10:09:06 +02:00
rmartinc
92bcd2645c Retry the login in the SAML adapter if response is authentication_expired 
Closes #28412

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-04-12 14:55:31 +02:00
David M. Lloyd
b5535ac970
Do not rely on boot module loader for finding module dependencies 
The `Module.getBootModuleLoader()` API may be deprecated at some point, so use a safer alternative.

Closes #28448

Signed-off-by: David M. Lloyd <david.lloyd@redhat.com>
 2024-04-04 19:20:43 +02:00
Takashi Norimatsu
b99f45ed3d Supporting EdDSA 
closes #15714

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>

Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
 2024-01-24 12:10:41 +01:00
Alexander Schwartz
a8eca6add0
Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies (#26137) 
Closes #22922

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
 2024-01-15 09:20:47 +01:00
Steven Hawkins
08751001db
enhance: adds truststores to the keycloak cr (#25215) 
also generally correcting the misspelling trustore

closes: #24798

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2023-12-14 11:15:06 -03:00
Martin Bartoš
fd56666334 SAML ECP does not work on the latest WF/EAP8 
Fixes #24746

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2023-11-16 21:17:19 +01:00
rokkiter
e1735138cb
clean util * (#24174) 
Signed-off-by: rokkiter <yongen.pan@daocloud.io>
 2023-11-01 17:14:11 +01:00
Peter Skopek
35c2d52a54 Set distinct wildfly-common versions for Quarkus and WildFly based modules 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2023-09-07 13:32:25 +02:00
Peter Skopek
bca5fe8051 Tidy up SAML Adapter Galleon Feature Pack build 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2023-09-07 13:32:25 +02:00
Farah Juma
ec08a7bb73 Update the Keycloak SAML adapter subsystem to no longer use the AttributeDefinition#getAttributeMarshaller method 
Closes https://github.com/keycloak/keycloak/issues/22593

Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2023-09-07 13:32:25 +02:00
Peter Skopek
ef272f7668 SAML Adapter fix for EAP8 and WF29 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2023-09-07 13:32:25 +02:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies (#21543) 
Closes #21360
 2023-07-20 11:57:18 +02:00
mauritsdebruin
8c7a08e580 Fix connection-pool-size 0 being ignored and being unable to disable the connection pool 2023-07-03 19:26:41 -03:00
Martin Bartoš
124591ce1a Adapters can still use Java EE 
- Provided all JavaEE dependencies for adapters
- Automatically build Undertow Jakarta EE for testsuite (missing SAML)
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
---
Quarkus3 branch sync no. 7 (27.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Stefan Guilhen
ab6ca6e63d Enable KeycloakServer again by re-enabling undertow adapters 
---
Quarkus3 branch sync #2 (20.1.2023)
Resolved conflicts:
keycloak/testsuite/utils/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
40c38e0133 Fix dependencies in testsuite, adapters and Quarkus module 
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
ceed48a45a Ignore adapters 2023-04-27 13:36:54 +02:00
Martin Bartoš
7cff857238 Migrate packages from javax.* to jakarta.* 
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified
keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java	- Modified
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
---
Quarkus3 branch sync no. 10 (17.3.2023)
Resolved conflicts:
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java -	Modified
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified
---
Quarkus3 branch sync no. 8 (3.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified
keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified
keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
/keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified
---
Quarkus3 branch sync no. 4 (3.2.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/client/ClientPoliciesTest.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified
 2023-04-27 13:36:54 +02:00
Peter Skopek
5cc385d460
Add a Galleon feature pack to allow Galleon provisioning of the SAML adapter to WildFly (#19710) 
* Add a Galleon feature pack to allow Galleon provisioning of the SAML adapter to WildFly

Closes #12363

Signed-off-by: Peter Skopek <pskopek@redhat.com>

* Transition SAML adapter modules to Jakarta #12363

Signed-off-by: Peter Skopek <pskopek@redhat.com>

* Wildfly Galleon Pack version and configuration updated #12363

Signed-off-by: Peter Skopek <pskopek@redhat.com>

---------

Signed-off-by: Peter Skopek <pskopek@redhat.com>
Co-authored-by: Farah Juma <fjuma@redhat.com>
 2023-04-18 08:47:24 +02:00
rmartinc
cab7e50410 Better handling for SAML signatures in POST and REDIRECT bindings 
Closes https://github.com/keycloak/keycloak/issues/17456
 2023-03-15 09:06:59 -03:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
laskasn
dc8b759c3d Use encryption keys rather than sig for crypto in SAML 
Closes #13606

Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: hmlnarik <hmlnarik@redhat.com>
 2023-02-10 12:06:49 +01:00
Peter Skopek
8f9c3cdeab SAML adapter is missing "crypto/default" module (#15146) 
Closes #15146
 2022-10-26 11:59:56 +02:00