External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30
Code Issues Packages Projects Releases Wiki Activity
29,658 Commits 26 Branches 288 Tags
Commit Graph

29658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Emerson
3ba8a68f2c
Document debug log settings required to show applied Infinispan configuration 
Closes #43655

Signed-off-by: Ryan Emerson <remerson@ibm.com>
 2025-10-29 12:36:53 +01:00
Alexander Schwartz
4f10c10ffd
Don't keep an old session to avoid a stable objects and a memory leak 
Closes #43761

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-29 08:01:55 -03:00
Marek Posolda
5693899246
Picture of the token-exchange flow in the documentation 
closes #39881

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-29 10:38:37 +00:00
Alexander Schwartz
3cf0989498
Resolve session leak in DeclarativeUserProfileProvider 
Closes #43785

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-29 07:31:18 -03:00
Giuseppe Graziano
759e062131
JWT Authorization grant client configuration (#43685) 
closes #43567

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-29 08:45:51 +01:00
Alexander Schwartz
47288a9643
Role mapper should check if an update is needed for the role 
Closes #43698

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-28 14:52:51 -03:00
Steven Hawkins
3cb9e0bcd8
task: testing servicemonitor patching 
closes: #43778

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-28 17:06:06 +00:00
Steven Hawkins
d9e3f55b69
fix: forcing the namespace for the servicemonitor check 
closes: #43774

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-28 17:25:53 +01:00
Alexander Schwartz
2b51d6f4ac
Avoid holding on to the realm in cached configurations 
Closes #43744

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-28 13:10:24 -03:00
Ricardo Martin
e0c1f2ee0f
Check offline scope is still assigned when performing a refresh 
Closes #43734

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-28 16:42:34 +01:00
Pedro Igor
42edee22d9
Email should be set when email as username is enabled and email is read-only 
Closes #43718

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-28 14:44:57 +01:00
Alexander Schwartz
ba0fe9bd70
Cleaning up threadlocals to prevent (small) memory leak 
Closes #43759

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-28 10:36:27 -03:00
Alexander Schwartz
b537fc954a
Cleaning no-longer used message keys (#43719) 
Closes #43717

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-28 09:25:03 -04:00
rmartinc
1bd9a3f473 Only add the none verifier when attestation conveyance preference is none 
Closes #43723

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-28 05:30:24 -03:00
Marco N.
8136b03c67
Add authorization checks for workflows 
Require the "manage-realm" role to perform any operation on a workflow

Closes #43509

Signed-off-by: Marco Neuhaus <m.neuhaus@smf.de>
 2025-10-27 17:45:48 +01:00
Pedro Igor
53142d8f92
Fixing flaky test KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP 
Closes #42601

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-27 17:28:28 +01:00
Stan Silvert
defd03c747 Manage workflowJSON state in the form. 
Closes #43041
Closes #43450

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2025-10-27 10:10:11 -03:00
Stan Silvert
398cf1afed Change workflow view function to update. Also handle authorization. 
Implements #43041
Implements #43450

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2025-10-27 10:10:11 -03:00
Stan Silvert
b287543f6c Clean up based on review. 
Closes #43041

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2025-10-27 10:10:11 -03:00
Stan Silvert
23f21c8232 Implement workflow view/copy/enable/disable. 
Closes #43041

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2025-10-27 10:10:11 -03:00
Alexander Schwartz
aadffb94fb Fix typo in LDAP edit mode in the docs 
Closes #43720

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-27 08:42:44 -03:00
Stefan Guilhen
3751bc050d Workflows enhancements 
- Allow specifying a parameter in events to better tie workflows to more specific events (e.g. user-role-added(name-of-role))
 - Make workflows 'if' and 'on' fields use expressions by default
 - Fix condition evaluation inconsistencies by having a single param for each condition
 - Remove need to use double quotes for condition parameters
 - Reference groups by path instead of id in conditions

Closes #43137
Closes #43536
Closes #43537
Closes #43661
Closes #43715

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-10-27 07:20:59 -03:00
Weblate (bot)
3b20ca2496
Translations update from Hosted Weblate (#43598) 
* Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Update translation files

Updated by "Cleanup translation files" hook in Weblate.

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Arif EROL <arif.erol16@gmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Arif EROL <arif.erol16@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>

* Updated translation for Portuguese (Brazil)

Language: pt_BR

Co-authored-by: Felipe Zorzo <felipe.b.zorzo@gmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Felipe Zorzo <felipe.b.zorzo@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>

* Updated translation for German

Language: de

Updated translation for German

Language: de

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Robin <39960884+robson90@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Robin <39960884+robson90@users.noreply.github.com>

* Updated translation for Greek

Language: el

Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: infl00pLabs <infl00p@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: infl00pLabs <infl00p@gmail.com>

* Update translation files

Updated by "Cleanup translation files" hook in Weblate.

Co-authored-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Hosted Weblate <hosted@weblate.org>

* Updated translation for Catalan

Language: ca

Updated translation for Catalan

Language: ca

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Ecron <ecron_89@hotmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Ecron <ecron_89@hotmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>

* Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Translated using Weblate (French)

Translation: Keycloak/Theme base/admin
Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/fr/

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Translated using Weblate (French)

Translation: Keycloak/Theme base/admin
Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baseadmin/fr/

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Update translation files

Updated by "Cleanup translation files" hook in Weblate.

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Sylvain Pichon <service@spichon.fr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Sylvain Pichon <service@spichon.fr>

* Updated translation for Chinese (Traditional Han script)

Language: zh_Hant

Updated translation for Chinese (Traditional Han script)

Language: zh_Hant

Updated translation for Chinese (Traditional Han script)

Language: zh_Hant

Updated translation for Chinese (Traditional Han script)

Language: zh_Hant

Update translation files

Updated by "Cleanup translation files" hook in Weblate.

Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: 秉虎 <s96016641@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: 秉虎 <s96016641@gmail.com>

---------

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Arif EROL <arif.erol16@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Felipe Zorzo <felipe.b.zorzo@gmail.com>
Signed-off-by: Robin <39960884+robson90@users.noreply.github.com>
Signed-off-by: infl00pLabs <infl00p@gmail.com>
Signed-off-by: Ecron <ecron_89@hotmail.com>
Signed-off-by: Sylvain Pichon <service@spichon.fr>
Signed-off-by: 秉虎 <s96016641@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Arif EROL <arif.erol16@gmail.com>
Co-authored-by: Felipe Zorzo <felipe.b.zorzo@gmail.com>
Co-authored-by: Robin <39960884+robson90@users.noreply.github.com>
Co-authored-by: infl00pLabs <infl00p@gmail.com>
Co-authored-by: Ecron <ecron_89@hotmail.com>
Co-authored-by: Sylvain Pichon <service@spichon.fr>
Co-authored-by: 秉虎 <s96016641@gmail.com>
 2025-10-26 19:30:06 +01:00
Jon Koops
ee29c72ed6
Parallelize client scope tests for the admin console (#43675) 
Closes #43379

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2025-10-24 16:08:33 -04:00
rmartinc
84a3c29f2b Manage the error when the admin console reads the certificate info 
Closes #43547

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-24 11:58:47 +02:00
Tamas Adam
2d2f0dafca
Added backchannelLogoutUserSessionFromClient and changed backchannelLogoutUserFromClient (#42557) 
Closes #42482

Signed-off-by: Tamas Adam <tom@lambdac.no>
Co-authored-by: Tom Adam <tom.adam@valg.no>
 2025-10-23 14:47:59 +00:00
Steven Hawkins
422eadecf4
fix: adding type validation and lazily adding cli options (#43467) 
* fix: adding type validation and lazily adding cli options

closes: #43466

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* consolidating empty value checking

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* stripping the smallrye code if possible

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-23 13:46:35 +00:00
vramik
b5ed45f2a0 Ability to define workflows with YAML 
Closes #42687

Signed-off-by: vramik <vramik@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-23 09:33:50 -03:00
vramik
b1c0c15ad5 Add validation for Workflwow, Condition and Steps fields 
Closes #43559

Signed-off-by: vramik <vramik@redhat.com>
 2025-10-23 09:33:35 -03:00
dependabot[bot]
c88e56707b Bump @types/node from 24.6.2 to 24.8.0 in /js 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 24.6.2 to 24.8.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 24.8.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-23 09:32:20 -03:00
Pedro Igor
e4d4570404
Prevent the username field from being rendered when running the identity-first login flow 
Closes #43091

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-23 13:02:57 +02:00
Pedro Igor
6527b139dc
Do not lower-case username and email if users are not imported from LDAP 
Closes #43621

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-23 13:02:33 +02:00
Pedro Igor
2b785425fa Allow managing realm admin roles if the the realm-admin role is granted 
Closes #43579
Closes #43578

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
 2025-10-23 08:02:05 -03:00
dependabot[bot]
2d526eaf16 Bump eslint from 9.36.0 to 9.37.0 in /js 
Bumps [eslint](https://github.com/eslint/eslint) from 9.36.0 to 9.37.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v9.36.0...v9.37.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.37.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-22 19:27:33 -03:00
dependabot[bot]
1d2afb63f5 Bump lightningcss from 1.30.1 to 1.30.2 in /js 
Bumps [lightningcss](https://github.com/parcel-bundler/lightningcss) from 1.30.1 to 1.30.2.
- [Release notes](https://github.com/parcel-bundler/lightningcss/releases)
- [Commits](https://github.com/parcel-bundler/lightningcss/compare/v1.30.1...v1.30.2)

---
updated-dependencies:
- dependency-name: lightningcss
  dependency-version: 1.30.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-22 18:22:40 -03:00
dependabot[bot]
a89d575091 Bump typescript from 5.9.2 to 5.9.3 in /js 
Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.9.2 to 5.9.3.
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml)
- [Commits](https://github.com/microsoft/TypeScript/compare/v5.9.2...v5.9.3)

---
updated-dependencies:
- dependency-name: typescript
  dependency-version: 5.9.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-22 16:31:16 -03:00
dependabot[bot]
88659cd465 Bump rollup from 4.52.2 to 4.52.4 in /js 
Bumps [rollup](https://github.com/rollup/rollup) from 4.52.2 to 4.52.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.52.2...v4.52.4)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.52.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-22 15:17:29 -03:00
rmartinc
62f68b2f19 DPoP replay check should take clockSkew into account 
Closes #43505

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-22 15:35:13 +02:00
Giuseppe Graziano
a25a0268de
Experimental feature for JWT Authorization Grant (#43624) 
Closes #43444

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-22 15:34:33 +02:00
Stian Thorgersen
f6ac64907d
SPIFFE should support OIDC JWK endpoint (#43651) 
Closes #43650

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-22 15:19:56 +02:00
dependabot[bot]
ab7b835e51 Bump @rollup/plugin-commonjs from 28.0.6 to 28.0.8 in /js 
Bumps [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs) from 28.0.6 to 28.0.8.
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/commonjs-v28.0.8/packages/commonjs)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-commonjs"
  dependency-version: 28.0.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-21 17:18:04 -03:00
dependabot[bot]
0c2c8c4830 Bump react-i18next from 16.0.0 to 16.0.1 in /js 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from 16.0.0 to 16.0.1.
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/react-i18next/compare/v16.0.0...v16.0.1)

---
updated-dependencies:
- dependency-name: react-i18next
  dependency-version: 16.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-21 17:17:30 -03:00
dependabot[bot]
2e7977cfa2 Bump vite from 7.1.7 to 7.1.10 in /js 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.1.7 to 7.1.10.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.1.10/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-21 17:17:10 -03:00
dependabot[bot]
8f7559329d Bump github/codeql-action from 3.30.6 to 4.30.8 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.6 to 4.30.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](64d10c1313...f443b600d9)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.30.8
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-21 17:16:30 -03:00
dependabot[bot]
9726e0f940 Bump snyk/actions from 0.5.0 to 1.0.0 
Bumps [snyk/actions](https://github.com/snyk/actions) from 0.5.0 to 1.0.0.
- [Release notes](https://github.com/snyk/actions/releases)
- [Commits](de2dda699b...9adf32b112)

---
updated-dependencies:
- dependency-name: snyk/actions
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-21 17:07:46 -03:00
Stian Thorgersen
84a161d4dd
Extract related methods from IdentityProvider to UserIdentityProvider (#43535) 
Closes #43534

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-21 14:27:07 +00:00
Alexander Schwartz
6080f21c64
Adding this as a breaking change plus deprecation 
Closes #43022

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-21 09:58:33 -03:00
Steven Hawkins
4443834d06
fix: refines how defaults are shown 
closes: #43421

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-21 14:35:55 +02:00
Martin Bartoš
419afce847
Fix anchors in the documentation 
Closes #43084

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-21 12:33:32 +00:00
Pedro Igor
c5b560e2d8
Update user profile to allow returning a brief user representation 
Closes #42225

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-21 12:52:31 +02:00