keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30

Author	SHA1	Message	Date
Sylvere Richard	173471a1c9	Fix #40995 avoid ModelException: At least one condition should be provided to OR query Closes #40995 Signed-off-by: Sylvere Richard <sylvere.richard@gmail.com>	2025-07-10 15:34:02 -03:00
Stian Thorgersen	efd1ffd244	Increase timeout when publishing to Maven Central (#41051 ) Signed-off-by: stianst <stianst@gmail.com>	2025-07-10 20:30:04 +02:00
Pascal Knüppel	f39a37d8d1	[OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768 ) fixes #39527 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-07-10 14:46:36 +02:00
Steven Hawkins	66ffce6661	fix: restricting lookup of existing resources to current owner (#40985 ) closes: #40932 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-07-10 11:04:04 +00:00
Pedro Ruivo	21eda2ae7a	Improve logging for client sessions load Closes #41034 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2025-07-10 10:08:27 +00:00
rmartinc	e631ef4f92	Remove /etc/system-fips file before executing fips-mode-setup Closes #41038 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-10 09:02:37 +02:00
Martin Kanis	5a42390341	Make UPDATE_EMAIL a supported feature Closes #40227 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-07-09 10:15:48 -03:00
michael.cordingley	20a4dc283b	Generate a UUID to be the JTI instead of reusing the nonce. Signed-off-by: michael.cordingley <michael.cordingley@upstart.com>	2025-07-09 13:15:17 +02:00
forkimenjeckayang	beb4be6b32	[OID4VCI] : Update Credential Issuer Metadata Model for OID4VCI Draft-15 (#40749 ) Closes #39290 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-07-09 11:41:17 +02:00
Håvar Nøvik	9d41092944	BUGFIX: session limit exceeded for both client & realm This commit fixes a bug the wrong user session is removed if the user session limit for realm and client is exceeded at the same time. Closes #38016 Signed-off-by: Håvar Nøvik <havar@novik.email>	2025-07-09 11:37:55 +02:00
rmartinc	900d8c7400	Changing default passwordless webauthn policy to follow recommended values in the documentation Closes #40792 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-09 11:34:28 +02:00
rmartinc	6b050776bc	Set client in the session context for logout token encode Closes #40984 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-09 10:50:05 +02:00
rmartinc	d62114e50e	Do not add steps if feature disabled in default flows Allow login if a step is disabled even the authenticator is not enabled by profile Closes #40954 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-09 10:44:36 +02:00
dependabot[bot]	966aab5585	Bump @types/node from 24.0.10 to 24.0.12 in /js (#41016 ) Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 24.0.10 to 24.0.12. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 24.0.12 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-09 08:00:32 +00:00
vramik	332c9b6e4a	Fix NPE when accessing group concurrently Closes #40368 Signed-off-by: vramik <vramik@redhat.com>	2025-07-08 16:13:54 -03:00
Ogen Bertrand	e92b825a14	[OID4VCI]: Add a unique notification_id generation to OID4VCIssuerEndpoint used in CredentialResponse. (#40229 ) closes #39284 Signed-off-by: Ogenbertrand <ogenbertrand@gmail.com>	2025-07-08 19:57:31 +02:00
Alexander Schwartz	2e613dea27	Rework floating promises to avoid concurrency side effects Closes #40739 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2025-07-08 19:43:15 +02:00
dependabot[bot]	70f4acdf43	Bump vite from 7.0.0 to 7.0.2 in /js (#40953 ) Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.0.0 to 7.0.2. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.0.2/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.0.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-08 15:44:22 +00:00
dependabot[bot]	d3e4c88836	Bump i18next from 25.3.0 to 25.3.1 in /js (#40950 ) Bumps [i18next](https://github.com/i18next/i18next) from 25.3.0 to 25.3.1. - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v25.3.0...v25.3.1) --- updated-dependencies: - dependency-name: i18next dependency-version: 25.3.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-08 15:38:16 +00:00
dependabot[bot]	905e526c2d	Bump rollup from 4.44.1 to 4.44.2 in /js (#40951 ) Bumps [rollup](https://github.com/rollup/rollup) from 4.44.1 to 4.44.2. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v4.44.1...v4.44.2) --- updated-dependencies: - dependency-name: rollup dependency-version: 4.44.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-08 16:46:54 +02:00
dependabot[bot]	1df6a60f46	Bump react-hook-form from 7.59.0 to 7.60.0 in /js (#40952 ) Bumps [react-hook-form](https://github.com/react-hook-form/react-hook-form) from 7.59.0 to 7.60.0. - [Release notes](https://github.com/react-hook-form/react-hook-form/releases) - [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md) - [Commits](https://github.com/react-hook-form/react-hook-form/compare/v7.59.0...v7.60.0) --- updated-dependencies: - dependency-name: react-hook-form dependency-version: 7.60.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-08 16:46:29 +02:00
dependabot[bot]	93501839f6	Bump typescript-eslint from 8.35.1 to 8.36.0 in /js (#40986 ) Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.35.1 to 8.36.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.36.0/packages/typescript-eslint) --- updated-dependencies: - dependency-name: typescript-eslint dependency-version: 8.36.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-08 16:40:08 +02:00
dependabot[bot]	f974ead889	Bump vite-plugin-checker from 0.9.3 to 0.10.0 in /js (#40987 ) Bumps [vite-plugin-checker](https://github.com/fi3ework/vite-plugin-checker) from 0.9.3 to 0.10.0. - [Release notes](https://github.com/fi3ework/vite-plugin-checker/releases) - [Changelog](https://github.com/fi3ework/vite-plugin-checker/blob/main/CHANGELOG.md) - [Commits](https://github.com/fi3ework/vite-plugin-checker/compare/vite-plugin-checker@0.9.3...vite-plugin-checker@0.10.0) --- updated-dependencies: - dependency-name: vite-plugin-checker dependency-version: 0.10.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-08 16:39:30 +02:00
rmartinc	70f0731b21	Make passkeys feature dependent on web_authn Closes #40975 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-08 13:59:43 +02:00
Michal Hajas	aafcb60da8	Update MAINTAINERS.md (#40800 ) Signed-off-by: Michal Hajas <mhajas@redhat.com>	2025-07-08 13:46:58 +02:00
Weblate (bot)	0e52770387	Translations update from Hosted Weblate (#40979 ) * Updated translation for Portuguese (Brazil) Language: pt_BR Updated translation for Portuguese (Brazil) Language: pt_BR Updated translation for Portuguese (Brazil) Language: pt_BR Updated translation for Portuguese (Brazil) Language: pt_BR Updated translation for Portuguese (Brazil) Language: pt_BR Co-authored-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for Russian Language: ru Co-authored-by: Anton Petrov <petrov9810@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Anton Petrov <petrov9810@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for Romanian Language: ro Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Liviu Roman <contact@liviuroman.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Liviu Roman <contact@liviuroman.com> * Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Translated using Weblate (Japanese) Translation: Keycloak/Theme base/admin Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/ja/ Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com> Co-authored-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com> Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com> * Updated translation for Dutch Language: nl Co-authored-by: Erik Jan de Wit <edewit@redhat.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for Spanish Language: es Co-authored-by: Hernan Lopez <hernan.lopez@gmail.com> Co-authored-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Hernan Lopez <hernan.lopez@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> * Updated translation for French Language: fr Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Sylvain Pichon <service@spichon.fr> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Sylvain Pichon <service@spichon.fr> * Update translation files Updated by "Remove blank strings" hook in Weblate. Updated translation for Georgian Language: ka Updated translation for Georgian Language: ka Updated translation for Georgian Language: ka Updated translation for Georgian Language: ka Co-authored-by: Hosted Weblate <hosted@weblate.org> Co-authored-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> --------- Signed-off-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Anton Petrov <petrov9810@gmail.com> Signed-off-by: Liviu Roman <contact@liviuroman.com> Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com> Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> Signed-off-by: Hernan Lopez <hernan.lopez@gmail.com> Signed-off-by: Sylvain Pichon <service@spichon.fr> Signed-off-by: Temuri Doghonadze <temuri.doghonadze@gmail.com> Co-authored-by: Felipe Zorzo <felipe.b.zorzo@gmail.com> Co-authored-by: Anton Petrov <petrov9810@gmail.com> Co-authored-by: Liviu Roman <contact@liviuroman.com> Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com> Co-authored-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com> Co-authored-by: Erik Jan de Wit <edewit@redhat.com> Co-authored-by: Hernan Lopez <hernan.lopez@gmail.com> Co-authored-by: Sylvain Pichon <service@spichon.fr> Co-authored-by: Temuri Doghonadze <temuri.doghonadze@gmail.com>	2025-07-08 09:58:52 +02:00
Ryan Emerson	f0c623598e	Run clustering compatibility tests on release/x.y branches Closes #39966 Signed-off-by: Ryan Emerson <remerson@redhat.com>	2025-07-07 21:08:11 +02:00
Pedro Ruivo	9322d71d61	UserSession Offline removed from DB if not in cache Fixes #40754 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-07-07 20:52:06 +02:00
Alexis Rico	c834e7473c	Fix typo in consent scope) * Deprecate `displayTest` Closes #40786 Signed-off-by: Alexis Rico <sferadev@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-07 16:38:47 +00:00
Steven Hawkins	d74e71e5ed	fix: streamlining the client scope update (#40808 ) closes: #40805 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-07-07 17:57:39 +02:00
Alexander Schwartz	0077b27c1f	Update documentation when no rolling update is performed Closes #40962 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-07 17:50:02 +02:00
Steven Hawkins	193ab471c1	fix: correcting to use the X-Forwarded-Proto header (#40905 ) close: #40903 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-07-07 17:07:47 +02:00
vramik	114afee7f1	Use MgmtPermissionsV2 by default Closes #40192 Signed-off-by: vramik <vramik@redhat.com>	2025-07-07 11:07:21 -03:00
Steven Hawkins	eba4934950	fix: correcting spi-theme options closes: #40930 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-07-07 13:18:24 +00:00
forkimenjeckayang	2aca97bd19	Remove interval property from Credential Offer (#40412 ) Closes #39294 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-07-07 13:55:39 +02:00
forkimenjeckayang	178b893492	Always Return Array of Credentilas for Credential Responses (#40409 ) Closes #39283 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com> Co-authored-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2025-07-07 13:53:28 +02:00
Ryan Emerson	eb7ce6ae15	Provide CLI Parameters for jgroups.* options Closes #40481 Signed-off-by: Ryan Emerson <remerson@redhat.com>	2025-07-07 13:07:45 +02:00
mkrueger92	b70342dda7	Fix NPE when client is not set in context during token encoding This commit fixes an issue throwing an NPE when trying to encode a token without having a client set in the session context. In other places in this class (like getSignatureAlgorithm(String)) this is checked. But in the type(TokenCategory) it was forgotten to check.	2025-07-07 13:01:25 +02:00
Alexander Schwartz	05d0c34681	Automatically connect to a writer instance of PostgreSQL (#40384 ) Closes #40383 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-07-04 16:46:49 +02:00
mposolda	47ca339656	More secure call of Facebook debug token closes #40926 Signed-off-by: mposolda <mposolda@gmail.com>	2025-07-04 14:44:56 +02:00
Ryan Emerson	f8f561a435	Check cluster is correctly formed in ClusteredKeycloakServer Closes #40858 Signed-off-by: Ryan Emerson <remerson@redhat.com> Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>	2025-07-04 09:12:51 +00:00
Steven Hawkins	919838089f	fix: detecting when we can set the serviceName (#40894 ) closes: #40890 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-07-04 09:03:42 +02:00
Barathwaja S	81a7f38a76	Added emailVerified filtering for users endpoint; updated user count endpoint with logic to support enabled, emailVerified, idpAlias, idpUserId, and exact field query parameters Closes #38556 Closes #29295 Signed-off-by: Barathwaja S <sbarathwaj4@gmail.com>	2025-07-03 17:05:36 -03:00
Jon Koops	89af7fe56d	Remove myself from the Dutch language maintainers (#40893 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2025-07-03 21:24:33 +02:00
Michael-AT-Corporation	ff9e7c2371	Added new searchByAttributes function to UsersResource with the exact parameter Closes #39609 Signed-off-by: Michael-AT-Corporation <michael-hu@ooutlook.de>	2025-07-03 13:51:46 -03:00
Mircea Talu	c315762883	Allow host:port syntax for --debug in kc.sh (#39924 ) * Allow host:port syntax for --debug in kc.sh Loosen the --debug argument parsing in kc.sh to accept full host:port addresses (e.g. 0.0.0.0:8787 or :8787) in addition to plain port numbers. This enables JDWP to bind to all container interfaces when running Keycloak in Docker, without requiring manual JAVA_OPTS overrides or script edits. Closes #38924 Signed-off-by: mircea.talu <talumircea13@gmail.com> Handle IPv6 address in --debug parameter in kc.sh Signed-off-by: mircea.talu <talumircea13@gmail.com> * Handle both bare and bracketed IPv6 addresses in kc.sh --debug parameter Signed-off-by: mircea.talu <talumircea13@gmail.com> * Handle corner cases in kc.sh --debug parameter IPv6 address handling Signed-off-by: mircea.talu <talumircea13@gmail.com> * Simplify kc.sh --debug parameter parsing, assume bracketed IPv6 addresses Signed-off-by: mircea.talu <talumircea13@gmail.com> * Remove final else case to avoid consuming following parameters Signed-off-by: mircea.talu <talumircea13@gmail.com> * Standardize indentation in kc.bat script Signed-off-by: mircea.talu <talumircea13@gmail.com> * Allow host:port syntax for --debug in kc.bat Signed-off-by: mircea.talu <talumircea13@gmail.com> * Add documentation for host:port usage in --debug parameter Signed-off-by: mircea.talu <talumircea13@gmail.com> --------- Signed-off-by: mircea.talu <talumircea13@gmail.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-07-03 12:34:17 -04:00
mposolda	c52edc853d	Verification of external OIDC token by introspection-endpoint. Adding ExternalInternalTokenExchangeV2Test closes #40167 closes #40198 Signed-off-by: mposolda <mposolda@gmail.com>	2025-07-03 16:23:13 +02:00
Weblate (bot)	7fd37690c4	Updated translation for Japanese (#40801 ) Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Updated translation for Japanese Language: ja Signed-off-by: Hosted Weblate <hosted@weblate.org> Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com> Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com>	2025-07-02 21:15:27 +02:00
Ryan Emerson	7eef7697e6	Upgrade to Infinispan 15.0.16.Final Closes #40851 Signed-off-by: Ryan Emerson <remerson@redhat.com>	2025-07-02 17:53:10 +02:00
rmartinc	6535ae687e	Only include new fields for key generation if not useFile Closes #40860 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-02 15:37:44 +02:00

1 2 3 4 5 ...

28619 Commits