External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30
Code Issues Packages Projects Releases Wiki Activity
29,533 Commits 26 Branches 288 Tags
Commit Graph

1332 Commits

Author SHA1 Message Date
Pedro Ruivo
18eeef7b26
Create user session expired event 
Closes #43942

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-07 22:36:47 +00:00
Pedro Ruivo
80895d7fb4
AUTH_SESSION_ID cookie has the incorrect route 
Fixes #43933

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-11-07 21:32:45 +00:00
Pedro Igor
33f1dda2cf Processing workflow events asynchronously - Part 1 
Closes #42386

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-07 10:57:05 -03:00
mposolda
b8a8be33aa Audience validation according to latest specs proposal 
closes #43984

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-11-06 10:21:35 +01:00
Stian Thorgersen
b278dbbb3d
Allow identity provider configuration without defaults for user authentication (#43963) 
Closes #43552

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-05 10:13:40 -03:00
Giuseppe Graziano
4b443f04ee
JWT Authorization grant idp config (#43841) 
Closes #43568

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-11-04 14:46:14 +01:00
Thomas Diesler
131e2357a9 Cannot issue vc of type oid4vc_natural_person 
Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
 2025-11-04 10:46:44 +01:00
KONSTANTINOS GEORGILAKIS
1c0d4616a5
hide scopes from scopes_supported in discovery endpoint 
Closes #10388

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-03 16:26:12 +00:00
sander boer
d805a28ea4
Adds group description during import 
Adds the group description during group import from a
representation. This ensures that the description is properly
populated when groups are created from external sources.

Closes #42851

Signed-off-by: Sander <mail@sanderboer.nl>
 2025-11-03 16:08:49 +00:00
Stian Thorgersen
d0a7225b3d
Allow CORS Access-Control-Allow-Headers customization (#43767) 
Closes #12682

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-03 06:39:44 +00:00
Stian Thorgersen
1048c8d9c9
Filter out non-user authentication IdPs from account and login (#43798) 
Closes #43553

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-31 12:40:04 +01:00
rmartinc
f92adda310 Improve JWT Assertion Validation using client validators 
Closes #43642

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-31 11:58:08 +01:00
forkimenjeckayang
f27982aeb7
[OID4VCI] Ensure authorization_details from PAR requests are properly returned in token responses (#43215) 
Closes #43214


Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
Co-authored-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-10-31 11:39:38 +01:00
Ingrid Kamga
ea06651da5
[OID4VCI] Ensure openid_credential is one of authorization_details_types_supported on the Authorization Server metadata (#43599) 
Closes #43398

Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
 2025-10-31 11:32:24 +01:00
Stian Thorgersen
be6a3814fb
Add CORS support to OIDC dynamic client registration endpoints (#43625) 
Closes #8863

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-30 12:12:08 +01:00
Tomáš Kyjovský
4c64b7189c
Deprecate org.keycloak.common.util.Base64 
Closes #43370

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-30 09:12:14 +01:00
Giuseppe Graziano
759e062131
JWT Authorization grant client configuration (#43685) 
closes #43567

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-29 08:45:51 +01:00
Pedro Igor
42edee22d9
Email should be set when email as username is enabled and email is read-only 
Closes #43718

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-28 14:44:57 +01:00
Stefan Guilhen
3751bc050d Workflows enhancements 
- Allow specifying a parameter in events to better tie workflows to more specific events (e.g. user-role-added(name-of-role))
 - Make workflows 'if' and 'on' fields use expressions by default
 - Fix condition evaluation inconsistencies by having a single param for each condition
 - Remove need to use double quotes for condition parameters
 - Reference groups by path instead of id in conditions

Closes #43137
Closes #43536
Closes #43537
Closes #43661
Closes #43715

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-10-27 07:20:59 -03:00
vramik
b1c0c15ad5 Add validation for Workflwow, Condition and Steps fields 
Closes #43559

Signed-off-by: vramik <vramik@redhat.com>
 2025-10-23 09:33:35 -03:00
Giuseppe Graziano
a25a0268de
Experimental feature for JWT Authorization Grant (#43624) 
Closes #43444

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-22 15:34:33 +02:00
Stian Thorgersen
84a161d4dd
Extract related methods from IdentityProvider to UserIdentityProvider (#43535) 
Closes #43534

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-21 14:27:07 +00:00
Pedro Igor
c5b560e2d8
Update user profile to allow returning a brief user representation 
Closes #42225

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-21 12:52:31 +02:00
vramik
4dc398354a Restart workflow basen on concurrency/cancel-if-running option rather than reset-on option 
Closes #42911

Signed-off-by: vramik <vramik@redhat.com>
 2025-10-17 10:06:43 -03:00
Stefan Guilhen
4985fa25c6 Add restart step provider, replacing the recurring config option 
Closes #42910

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-10-16 11:49:14 -03:00
Pedro Igor
fa581c8148 Allow passing a context to steps 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-13 09:53:30 -03:00
Pedro Igor
5b5a83b800 Moving WorkflowsManager and WorkflowStateSpi to server-spi-private module 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-13 09:53:30 -03:00
stianst
aedd7fe5db Remove unused imports as part of #43233 
Signed-off-by: stianst <stianst@gmail.com>
 2025-10-13 13:32:01 +02:00
sashyo
8dd7437e90
feat(timer-provider): expose scheduled tasks and start time (#43107) 
update to return task name and taskcontext and using keycloak time over instant



fix naming

Signed-off-by: Sasha Le <iamsasha.le@gmail.com>
 2025-10-07 07:56:38 +00:00
vramik
03052e79b9 Fix scope interference 
Closes #40965

Signed-off-by: vramik <vramik@redhat.com>
 2025-09-30 09:20:22 -03:00
Stefan Guilhen
7f29c9bb88 Improve workflow logging messages 
- every execution gets its own id that can be used to track all activities related to that particular workflow execution

Closes #42952

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-09-29 23:10:21 -03:00
Pedro Igor
d6da849206 Introducing a EMAL_PENDING user attribute to set the email pending verification 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-29 12:41:41 -03:00
Stian Thorgersen
dbd516f8e6
Refactor SimpleHttp to make it injectable and usable outside server (#42936) 
Closes #42902

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-29 08:37:05 +02:00
Pedro Igor
6e851ce80e Only filter default organization related scopes based on dynamic scope format 
Closes #42877

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-26 16:28:12 -03:00
Stefan Guilhen
7e28d13e76 Add workflow condition that uses boolean expressions to combine and negate conditions 
Closes #42583

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-09-26 07:52:12 -03:00
vramik
80453bdbfb Allow defining steps in a workflow that can run immediate or scheduled 
Closes #42888

Signed-off-by: vramik <vramik@redhat.com>
 2025-09-25 14:37:22 -03:00
forkimenjeckayang
29bee21683
[OID4VCI] Fix authorization_details generation and credential identifier mapping for conformance tests (#42819) 
Closes: #42818

Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
 2025-09-25 13:56:30 +02:00
rmartinc
1d28c0cd35 Expose system-info information in the serverinfo endpoint only for users in the admin realm 
Closes #42828

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-09-24 17:21:57 +02:00
Pedro Igor
41b64c91aa Do not update email if there is no email from the IdP 
Closes #42390

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 04:05:05 -03:00
Pedro Igor
fe8fce859d Improve the Workflow JSON schema 
Closes #42697

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 04:04:44 -03:00
Pedro Igor
54d2451b35 Make user read-only and a proper error message when the user federation provider is not available 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 04:03:13 -03:00
Vlasta Ramik
44b4235b50
Validation for immediate workflows 
Closes #42382

Signed-off-by: vramik <vramik@redhat.com>
 2025-09-18 14:51:04 +02:00
Pedro Igor
c1fdbb0be4
Better names for workflow events 
Closes #42389

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-18 14:50:45 +02:00
Stian Thorgersen
f9ee040ef0
Add federated subject configuration option to federated-jwt authenticator (#42610) 
Closes #42608

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-17 13:39:50 +02:00
Giuseppe Graziano
fd7f5351ad Client Authenticator configurable per client 
Closes #42044

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-09-16 16:54:39 +02:00
vramik
d0e83cc05e Rename RLM to Workflows 
Closes #42512

Signed-off-by: vramik <vramik@redhat.com>
 2025-09-16 08:52:50 -03:00
forkimenjeckayang
64e0b450aa
[OID4VCI]: Add support for parsing and understanding authorization_details at the Token Endpoint (#40751) 
Closes #39278
Closes #39279


Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2025-09-15 14:02:45 +02:00
forkimenjeckayang
66677da8f7
[OID4VC]: Update the issuer metadata for signed metadata (#42428) 
Closes #41588

Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
 2025-09-12 08:51:56 +02:00
Pedro Igor
0d5dfc3eae
Add support for ad-hoc policies (#42508) 
Closes #42126

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-10 15:40:17 +00:00
Stefan Guilhen
371e4289c3
Add action that sets a required action for a user (#42509) 
Closes #42506

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-09-10 14:40:20 +00:00