keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30

Author	SHA1	Message	Date
Martin Bartoš	8502cc3ae1	Including OTLP headers for tracing (#43122 ) * Including OTLP headers for tracing Closes #41007 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Polishing, add test for the util class, address review Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Remove the WildcardOptionsUtil#isKcWildcardOption Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-10-31 15:46:05 +01:00
Stian Thorgersen	a34b14796f	Run unit tests with JDK matrix (#43240 ) Closes #16039 Signed-off-by: stianst <stianst@gmail.com>	2025-10-31 13:21:44 +01:00
Stian Thorgersen	1048c8d9c9	Filter out non-user authentication IdPs from account and login (#43798 ) Closes #43553 Signed-off-by: stianst <stianst@gmail.com>	2025-10-31 12:40:04 +01:00
rmartinc	f92adda310	Improve JWT Assertion Validation using client validators Closes #43642 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-10-31 11:58:08 +01:00
forkimenjeckayang	f27982aeb7	[OID4VCI] Ensure authorization_details from PAR requests are properly returned in token responses (#43215 ) Closes #43214 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com> Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com> Co-authored-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-10-31 11:39:38 +01:00
Ingrid Kamga	ea06651da5	[OID4VCI] Ensure `openid_credential` is one of `authorization_details_types_supported` on the Authorization Server metadata (#43599 ) Closes #43398 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2025-10-31 11:32:24 +01:00
Melek KNANI	8374be674e	fix(admin-ui): correct default value for backchannel logout session required Signed-off-by: Melek KNANI <melek.knani@etu.ec-lyon.fr>	2025-10-31 11:00:50 +01:00
rmartinc	3b3adcf1e4	Ensure the logout endpoint removes the authentication session Closes #43853 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-10-31 10:59:25 +01:00
Martin Bartoš	12d9ec048b	[quarkus-next] Removed exception escaped OTel attribute (#43848 ) Closes #43845 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-10-31 08:52:07 +01:00
Stian Thorgersen	71160384ca	Add ppc64le to Operator CSV metadata (#43831 ) Closes #43830 Signed-off-by: stianst <stianst@gmail.com>	2025-10-31 06:30:14 +01:00
Pedro Ruivo	24f67d0c04	Always validate cookie signature Closes #43851 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-10-30 22:18:13 +00:00
Pedro Ruivo	e40c5de050	Session cache affinity Closes #42776 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-30 21:01:09 +00:00
Andreas Blättlinger	bd2a1c7c00	Use password visibility icon from theme.properties Closes #43843 Signed-off-by: Andreas Blaettlinger <bln1imb@bosch.com>	2025-10-30 21:18:51 +01:00
Ricardo Martin	475d2c0f02	Remove the trailing slash for base url in the account and admin tests Closes #43863 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-10-30 20:48:01 +01:00
Steven Hawkins	74e5da49c7	fix: moving h2 logic out of Database so that it can be resolved (#43750 ) closes: #43687 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-10-30 11:08:10 -04:00
Steven Hawkins	9e98f2bf96	fix: simplify debug handling and remove the 0.0.0.0 default (#43574 ) * fix: simplify debug handling and remove the 0.0.0.0 default closes: #43160 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update quarkus/dist/src/main/content/bin/kc.sh Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Steven Hawkins <shawkins@redhat.com> * removing the ability to specify just the ip Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Apply suggestions from code review Co-authored-by: Peter Zaoral <pepo48@gmail.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Peter Zaoral <pepo48@gmail.com>	2025-10-30 15:57:37 +01:00
Alexander Schwartz	0f01444543	Allow only normalized paths in requests (#43765 ) Closes #43763 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-10-30 14:37:50 +01:00
Pedro Ruivo	6317c02a27	Refactor AuthenticationSessionManager Closes #43825 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-30 12:26:07 +01:00
Stian Thorgersen	be6a3814fb	Add CORS support to OIDC dynamic client registration endpoints (#43625 ) Closes #8863 Signed-off-by: stianst <stianst@gmail.com>	2025-10-30 12:12:08 +01:00
Patrick Weiner	b4e5c01929	Set `autofocus` on WebAuthn authenticate button in keycloak.v2 login theme. (#43803 ) Closes #43802 Signed-off-by: Patrick Weiner <patrick.weiner@prime-sign.com>	2025-10-30 11:02:00 +01:00
Tomáš Kyjovský	4c64b7189c	Deprecate `org.keycloak.common.util.Base64` Closes #43370 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-30 09:12:14 +01:00
Peter Zaoral	f65adbf628	win-fix: correct hostname normalization condition for loopback addresses (#43634 ) Closes: #42794 Signed-off-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Steven Hawkins <shawkins@redhat.com>	2025-10-30 08:49:45 +01:00
Weblate (bot)	8525792d92	Translations update from Hosted Weblate (#43739 ) * Updated translation for Turkish Language: tr Update translation files Updated by "Cleanup translation files" hook in Weblate. Updated translation for Turkish Language: tr Updated translation for Turkish Language: tr Updated translation for Turkish Language: tr Co-authored-by: Alpertunga <a_ertin@msn.com> Co-authored-by: Arif EROL <arif.erol16@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Alpertunga <a_ertin@msn.com> Signed-off-by: Arif EROL <arif.erol16@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Update translation files Updated by "Cleanup translation files" hook in Weblate. Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Update translation files Updated by "Cleanup translation files" hook in Weblate. Updated translation for German Language: de Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Robin <39960884+robson90@users.noreply.github.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Robin <39960884+robson90@users.noreply.github.com> * Update translation files Updated by "Cleanup translation files" hook in Weblate. Updated translation for Russian Language: ru Co-authored-by: Anton Petrov <petrov9810@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Anton Petrov <petrov9810@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Update translation files Updated by "Cleanup translation files" hook in Weblate. Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Update translation files Updated by "Cleanup translation files" hook in Weblate. Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for French Language: fr Updated translation for French Language: fr Update translation files Updated by "Cleanup translation files" hook in Weblate. Updated translation for French Language: fr Translated using Weblate (French) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/fr/ Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Updated translation for French Language: fr Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Dodouce <marin.pau22@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Sylvain Pichon <service@spichon.fr> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Dodouce <marin.pau22@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Sylvain Pichon <service@spichon.fr> * Update translation files Updated by "Cleanup translation files" hook in Weblate. Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Update translation files Updated by "Cleanup translation files" hook in Weblate. Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Hosted Weblate <hosted@weblate.org> --------- Signed-off-by: Alpertunga <a_ertin@msn.com> Signed-off-by: Arif EROL <arif.erol16@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Robin <39960884+robson90@users.noreply.github.com> Signed-off-by: Anton Petrov <petrov9810@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Dodouce <marin.pau22@gmail.com> Signed-off-by: Sylvain Pichon <service@spichon.fr> Co-authored-by: Alpertunga <a_ertin@msn.com> Co-authored-by: Arif EROL <arif.erol16@gmail.com> Co-authored-by: Robin <39960884+robson90@users.noreply.github.com> Co-authored-by: Anton Petrov <petrov9810@gmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Dodouce <marin.pau22@gmail.com> Co-authored-by: Sylvain Pichon <service@spichon.fr>	2025-10-29 19:51:04 +01:00
Steven Hawkins	ccc7568879	fix: updating build docs (#43607 ) * fix: updating build docs closes: #43606 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update docs/building.md Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-10-29 12:05:49 -04:00
Marek Posolda	2fc5419676	Avoid using UserCredentialManager from user storage extensions (#43695 ) closes #43694 Signed-off-by: mposolda <mposolda@gmail.com>	2025-10-29 16:26:59 +01:00
Stan Silvert	322cbcdd84	Only check required field when i18n dialog is open. Fixes #41271 Fixes #41270 Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2025-10-29 11:16:45 -03:00
Bruno Oliveira da Silva	6bce46c842	Reduce Dependabot PR noise by grouping them and switching to weekly batch updates (#43704 ) This PR uses dependabot.yml groups key to controls version updates. It tells Dependabot to bundle regular package upgrades (e.g., npm or github-actions) into a single pull request based on your rules. Additional step: Enable in the repository settings grouped updates: This setting controls security updates. Enabling this tells Dependabot to bundle all available security patches (i.e., updates that fix vulnerabilities) into a single pull request, separate from our version updates. See: https://github.blog/changelog/2024-03-28-dependabot-grouped-security-updates-generally-available/ Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>	2025-10-29 13:30:24 +01:00
Pedro Igor	ce5dd51921	Migration step to add the reset-password scope to user resource type resources Closes #43736 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-29 08:49:51 -03:00
Ryan Emerson	3ba8a68f2c	Document debug log settings required to show applied Infinispan configuration Closes #43655 Signed-off-by: Ryan Emerson <remerson@ibm.com>	2025-10-29 12:36:53 +01:00
Alexander Schwartz	4f10c10ffd	Don't keep an old session to avoid a stable objects and a memory leak Closes #43761 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-29 08:01:55 -03:00
Marek Posolda	5693899246	Picture of the token-exchange flow in the documentation closes #39881 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-29 10:38:37 +00:00
Alexander Schwartz	3cf0989498	Resolve session leak in DeclarativeUserProfileProvider Closes #43785 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-29 07:31:18 -03:00
Giuseppe Graziano	759e062131	JWT Authorization grant client configuration (#43685 ) closes #43567 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-10-29 08:45:51 +01:00
Alexander Schwartz	47288a9643	Role mapper should check if an update is needed for the role Closes #43698 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-28 14:52:51 -03:00
Steven Hawkins	3cb9e0bcd8	task: testing servicemonitor patching closes: #43778 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-10-28 17:06:06 +00:00
Steven Hawkins	d9e3f55b69	fix: forcing the namespace for the servicemonitor check closes: #43774 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-10-28 17:25:53 +01:00
Alexander Schwartz	2b51d6f4ac	Avoid holding on to the realm in cached configurations Closes #43744 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-28 13:10:24 -03:00
Ricardo Martin	e0c1f2ee0f	Check offline scope is still assigned when performing a refresh Closes #43734 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-10-28 16:42:34 +01:00
Pedro Igor	42edee22d9	Email should be set when email as username is enabled and email is read-only Closes #43718 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-28 14:44:57 +01:00
Alexander Schwartz	ba0fe9bd70	Cleaning up threadlocals to prevent (small) memory leak Closes #43759 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-28 10:36:27 -03:00
Alexander Schwartz	b537fc954a	Cleaning no-longer used message keys (#43719 ) Closes #43717 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-28 09:25:03 -04:00
rmartinc	1bd9a3f473	Only add the none verifier when attestation conveyance preference is none Closes #43723 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-10-28 05:30:24 -03:00
Marco N.	8136b03c67	Add authorization checks for workflows Require the "manage-realm" role to perform any operation on a workflow Closes #43509 Signed-off-by: Marco Neuhaus <m.neuhaus@smf.de>	2025-10-27 17:45:48 +01:00
Pedro Igor	53142d8f92	Fixing flaky test KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP Closes #42601 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-27 17:28:28 +01:00
Stan Silvert	defd03c747	Manage workflowJSON state in the form. Closes #43041 Closes #43450 Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2025-10-27 10:10:11 -03:00
Stan Silvert	398cf1afed	Change workflow view function to update. Also handle authorization. Implements #43041 Implements #43450 Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2025-10-27 10:10:11 -03:00
Stan Silvert	b287543f6c	Clean up based on review. Closes #43041 Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2025-10-27 10:10:11 -03:00
Stan Silvert	23f21c8232	Implement workflow view/copy/enable/disable. Closes #43041 Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2025-10-27 10:10:11 -03:00
Alexander Schwartz	aadffb94fb	Fix typo in LDAP edit mode in the docs Closes #43720 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-27 08:42:44 -03:00
Stefan Guilhen	3751bc050d	Workflows enhancements - Allow specifying a parameter in events to better tie workflows to more specific events (e.g. user-role-added(name-of-role)) - Make workflows 'if' and 'on' fields use expressions by default - Fix condition evaluation inconsistencies by having a single param for each condition - Remove need to use double quotes for condition parameters - Reference groups by path instead of id in conditions Closes #43137 Closes #43536 Closes #43537 Closes #43661 Closes #43715 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-10-27 07:20:59 -03:00

... 7 8 9 10 11 ...

29886 Commits