keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-08 14:32:05 -03:30

Author	SHA1	Message	Date
mposolda	29c15d8e8a	Creating IdentityProvider with latest java admin-client may fail against Keycloak server 26.4 or older closes #45257 Signed-off-by: mposolda <mposolda@gmail.com>	2026-01-08 13:40:03 +01:00
Pascal Knüppel	dceee1c1fb	Fix NullPointer in JWSHeader with x5c header (#45161 ) fixes #45160 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2026-01-07 08:35:22 +01:00
Pedro Igor	0d5766f3a8	Allow running scheduled workflows Closes #44865 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2026-01-05 13:03:47 -03:00
Stefan Guilhen	66f3868ccf	Suppress the step's priority in the returned workflow JSON/YAML Closes #45075 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-12-29 10:26:21 -03:00
mposolda	08e96435c8	DefaultCryptoSdJwsTest.shouldValidateAgeSinceIssued_IfJwtIsTooOld() sometimes fails in CI closes #44971 Signed-off-by: mposolda <mposolda@gmail.com>	2025-12-18 10:59:34 +01:00
Marek Posolda	92314bccc6	More capabilities in SdJwtVP API when creating presentations (#44977 ) closes #44976 Signed-off-by: mposolda <mposolda@gmail.com>	2025-12-18 10:58:55 +01:00
forkimenjeckayang	ca617d9711	[OID4VCI]: Use Keycloak time utility for OID4VC related timestamps (#44871 ) Closes: #44235 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-12-17 14:58:01 +01:00
Awambeng Rodrick	a1bffa3ddc	Add spec-compliant jwt vc issuer well-known endpoint - expose /.well-known/jwt-vc-issuer/realms/{realm} and keep legacy route with deprecation headers - build consumer metadata URL per draft-ietf-oauth-sd-jwt-vc-13 and add realm-path coverage - add integration test for new path plus deprecation headers on legacy endpoint Closes #44256 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com> Signed-off-by: Awambeng <awambengrodrick@gmail.com>	2025-12-16 13:46:06 +01:00
Pascal Knüppel	46e5979b17	[OID4VCI] Handle key_attestation_required in metadata endpoint (#44471 ) fixes #43801 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de> Co-authored-by: Ingrid Kamga <xingridkamga@gmail.com>	2025-12-05 16:00:32 +01:00
Stefan Guilhen	b14d00e08f	Improve workflow concurrency settings - allow restarting based on events - allow cancelling based on events Closes #44645 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-12-05 11:28:18 -03:00
Steve Hawkins	25186278fc	fix: consolidating config logic closes: #42000 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-12-04 14:25:56 -03:00
forkimenjeckayang	4dd68c0316	[OID4VCI] Conformance Test Fixes (#44439 ) closes #44659 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-12-04 09:03:38 +01:00
Stefan Guilhen	65ab7f541d	Add API method that fetches the scheduled workflow steps for a resource Closes #43660 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-12-03 11:09:55 -03:00
Ricardo Martin	f91363d12d	Improve Public Key Management for JWTAuthorizationGrant identity provider Closes #44243 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-12-03 11:45:34 +01:00
mposolda	9c6a6276e4	Polishing of sd-jwt SDK builder related methods closes #44532 Signed-off-by: mposolda <mposolda@gmail.com>	2025-12-03 11:09:08 +01:00
Pascal Knüppel	9b870d3d8a	Fix ClassCastException on mixing AddressMapper with ClaimsMapper (#44457 ) closes #44455 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-12-01 14:55:44 +01:00
Stefan Guilhen	3e312d91d8	Ensure null values are not serialized when fetching workflows in YAML format Closes #44396 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-12-01 10:45:35 -03:00
Giuseppe Graziano	2b4855ff97	Executor for checking claims in JWT assertions (#44537 ) Closes #4443 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-12-01 11:07:42 +01:00
Thomas Diesler	54bf9206b2	[OID4VCI] Credential Offer must be created by Issuer not Holder (#44255 ) closes #44116 Signed-off-by: Thomas Diesler <tdiesler@ibm.com>	2025-11-27 16:07:10 +01:00
mposolda	bf23259c0f	Removing SdJwtFacade closes #44525 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-27 14:19:27 +01:00
Alexis Rico	b0b38176f0	Manage Organization Invites Closes #38809 Signed-off-by: Alexis Rico <sferadev@gmail.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-27 10:28:52 +01:00
mposolda	cbb823bc0e	Make sd-jwt key binding verification work with EdDSA keys closes #44369 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-26 14:44:29 +01:00
Pascal Knüppel	64d5e1a3d5	[OID4VCI] Redesign SDJwt API and handle keybinding JWT (#44227 ) closes #42091 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2025-11-24 11:01:19 +01:00
Stian Thorgersen	2a78bc67d7	Refactoring around federated client authenticator to better handling lookup of IdPs and clients. Also, introducing updates to documentation. (#44325 ) Closes #44253 Closes #42987 Closes #44063 Signed-off-by: stianst <stianst@gmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-11-22 12:53:22 +01:00
Marek Posolda	a4c583246d	Use the unified constants class for sd-jwt/oid4vc standard data and claims (#44153 ) closes #44152 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-18 10:41:04 +01:00
Stian Thorgersen	f6702decc0	JWK Algorithm Key Pair support (#44203 ) Closes #44141 Signed-off-by: stianst <stianst@gmail.com>	2025-11-17 07:51:08 +01:00
Stefan Guilhen	3319e8d9b5	Add optional parameter in WorkflowResource.toRepresentation to allow retrieval of the rep without the ids Closes #44183 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-11-14 12:20:40 -03:00
Stian Thorgersen	a2c1055f8d	Proposed import order (#43432 ) * Add importOrder to Spotless Closes #43235 Signed-off-by: stianst <stianst@gmail.com> * Re-order imports with Spotless Signed-off-by: stianst <stianst@gmail.com> --------- Signed-off-by: stianst <stianst@gmail.com>	2025-11-14 09:34:49 +01:00
Stefan Guilhen	da7993896d	Allow ISO-8601 compatible format for the after field in workflow steps - aligns the format with what is used in the JPA connection provider pool max lifetime for time-based configurations Closes #42913 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-11-12 18:51:49 -03:00
Stefan Guilhen	5ff2e22f18	Fix representation so that workflows can be properly disabled/enabled. - also removes empty 'with' configurations from the steps when retrieving the workflow. Closes #44163 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-11-12 18:51:36 -03:00
Ingrid Kamga	ce05241c7f	[OID4VCI] Tolerate clock skew in SD-JWT time checks (#43506 ) Closes #43456 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2025-11-11 09:02:44 +01:00
Stian Thorgersen	d8275fe5df	Remove wildcard imports (#44060 ) Closes #44059 Signed-off-by: stianst <stianst@gmail.com>	2025-11-10 11:46:05 +01:00
Pedro Igor	33f1dda2cf	Processing workflow events asynchronously - Part 1 Closes #42386 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-07 10:57:05 -03:00
Stian Thorgersen	b278dbbb3d	Allow identity provider configuration without defaults for user authentication (#43963 ) Closes #43552 Signed-off-by: stianst <stianst@gmail.com>	2025-11-05 10:13:40 -03:00
Giuseppe Graziano	4b443f04ee	JWT Authorization grant idp config (#43841 ) Closes #43568 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-11-04 14:46:14 +01:00
vramik	4d912a9c21	Support for YAML payloads for Admin client for creation of workflows Closes #43666 Signed-off-by: vramik <vramik@redhat.com>	2025-11-03 13:09:17 -03:00
Ingrid Kamga	ea06651da5	[OID4VCI] Ensure `openid_credential` is one of `authorization_details_types_supported` on the Authorization Server metadata (#43599 ) Closes #43398 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2025-10-31 11:32:24 +01:00
Stian Thorgersen	be6a3814fb	Add CORS support to OIDC dynamic client registration endpoints (#43625 ) Closes #8863 Signed-off-by: stianst <stianst@gmail.com>	2025-10-30 12:12:08 +01:00
Tomáš Kyjovský	4c64b7189c	Deprecate `org.keycloak.common.util.Base64` Closes #43370 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-30 09:12:14 +01:00
Stefan Guilhen	3751bc050d	Workflows enhancements - Allow specifying a parameter in events to better tie workflows to more specific events (e.g. user-role-added(name-of-role)) - Make workflows 'if' and 'on' fields use expressions by default - Fix condition evaluation inconsistencies by having a single param for each condition - Remove need to use double quotes for condition parameters - Reference groups by path instead of id in conditions Closes #43137 Closes #43536 Closes #43537 Closes #43661 Closes #43715 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-10-27 07:20:59 -03:00
Giuseppe Graziano	a25a0268de	Experimental feature for JWT Authorization Grant (#43624 ) Closes #43444 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-10-22 15:34:33 +02:00
Stefan Guilhen	657105bb41	Improve WorkflowRepresentation.Builder, changing concurrency(true) to concurrency().cancelIfRunning() for better clarity Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-10-20 10:54:53 -03:00
vramik	4dc398354a	Restart workflow basen on `concurrency/cancel-if-running` option rather than `reset-on` option Closes #42911 Signed-off-by: vramik <vramik@redhat.com>	2025-10-17 10:06:43 -03:00
Stefan Guilhen	4985fa25c6	Add restart step provider, replacing the recurring config option Closes #42910 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-10-16 11:49:14 -03:00
stianst	aedd7fe5db	Remove unused imports as part of #43233 Signed-off-by: stianst <stianst@gmail.com>	2025-10-13 13:32:01 +02:00
Peter Zaoral	f67dd98dd4	Fix sdjwt tests: make all string-byte conversions explicit (UTF-8) (#43288 ) * this unifies behaviour prior to JDK18 on Windows platform Closes #43264 Signed-off-by: Peter Zaoral <pepo48@gmail.com>	2025-10-13 08:37:52 +02:00
rmartinc	5732946388	Add ECDSA as a valid key type that should return EC public key Closes #42588 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-10-07 19:41:27 +02:00
Stefan Guilhen	7f29c9bb88	Improve workflow logging messages - every execution gets its own id that can be used to track all activities related to that particular workflow execution Closes #42952 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-29 23:10:21 -03:00
Stefan Guilhen	ab7daf7fac	Add validation to workflow update so that only changes to the name and enabled flag are allowed for now Closes #42916 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-26 14:51:05 -03:00
vramik	80453bdbfb	Allow defining steps in a workflow that can run immediate or scheduled Closes #42888 Signed-off-by: vramik <vramik@redhat.com>	2025-09-25 14:37:22 -03:00

1 2 3 4 5 ...

1144 Commits