External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30
Code Issues Packages Projects Releases Wiki Activity
26,590 Commits 26 Branches 288 Tags
Commit Graph

26590 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pedro Igor
cc64375c88
Allow returning attributes when querying organizations 
Closes #34590

Signed-off-by: Himanshi Gupta <higupta@redhat.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Himanshi Gupta <higupta@redhat.com>
 2024-11-22 11:50:28 +01:00
AndyMunro
17863d1d4f Address QE comments on Server Admin Guide 
Closes #34916

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 205898baf35fd3f81e39e28b935b2f0eed02a91b)
 2024-11-22 11:46:26 +01:00
Steven Hawkins
13833fd221
fix: ensures that properties are runtime properties are filtered (#209) 
closes: #CVE-2024-10451

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-11-18 11:32:48 +01:00
Peter Zaoral
7bdc16f029
fix: prevent inclusion of characters that could lead to FileVault path traversal (#212) 
Closes: #211

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-11-18 09:27:50 +01:00
Steven Hawkins
6a10c0e345
fix: returning addresses instead of hosts on the ClientConnection (#208) 
also consolidates checks of whether a host or address is local

closes: #CVE-2024-9666

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-11-18 09:25:44 +01:00
Douglas Palmer
b956819187
EMBARGOED CVE-2024-10270 org.keycloak/keycloak-services: Keycloak Denial of Service (#214) 
Closes #CVE-2024-10270

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-11-14 09:47:04 +01:00
Václav Muzikář
ba9d0c364c
Update docs with security warning around client certificate lookup (#213) 
Closes #203

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-11-13 16:18:20 +01:00
Agnieszka Gancarczyk
c15bc7c47b
Backport to make improvements for translations (#34878) 
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
 2024-11-13 12:36:31 +01:00
andymunro
90bd3661b6
Update installation locations (#34871) 
Closes #34855

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 3ca3a4ad349b4d457f6829eaf2ae05f1e01408be)
 2024-11-13 12:34:54 +01:00
andymunro
495ddb8673
Update Leveraging Jakarta EE (#34901) 
Closes #34873

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit e63cdd0539fc01964b9aecc16fef1547e5eda64f)
 2024-11-13 12:34:32 +01:00
andymunro
c27a55d797
Address QE comments on HA guide (#34902) 
Closes #34887

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 2201241949f899ef5f963bae60f4d0a23f0c6709)
 2024-11-13 12:33:39 +01:00
Lukas Hanusovsky
a4993bb87c
Surefire artifacts - updating names for Quarkus IT and UT. (#34908) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2024-11-13 12:31:19 +01:00
Erik Jan de Wit
12890936cb
add brute force enabled so we can render switch (#34282) (#34476) 
fixes: #34065

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 4d25128018305f9b7fadc692d6e370b663402a68)
 2024-11-12 10:51:19 +01:00
Erik Jan de Wit
9b0fad6581
changed to use TextArea (#34539) (#34688) 
fixes: #34201

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit e4101b1b6167fa77070e5375e077ade7be64b40f)
 2024-11-12 10:49:09 +01:00
Pedro Igor
5c9f1837d7
Added a representation that includes an organization and user model 
Closes #34013

Signed-off-by: Robert Rieser <Robert.Rieser@degoya.studio>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Robert Rieser <Robert.Rieser@degoya.studio>
 2024-11-12 10:12:51 +01:00
Erik Jan de Wit
a3549f465e
Revise help icons for WebauthnPolicy settings (#34465) (#34466) (#34690) 
- Add missing icons with help labels
- Use correct help text for webAuthnPolicyCreateTimeout

Fixes #34465

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
(cherry picked from commit e41ca1f579653ed49386b0997f767ae8c89563ba)

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-11-11 23:00:46 +01:00
Pedro Igor
80c17f8392 Better message when updating users when import is disabled 
Closes #31456

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-11 22:41:30 +01:00
Jonas Suter
fd7125c769 Strip Double Quotes from Request Content in Organization API 
Closes #34401

Signed-off-by: Jonas Suter <jonas_suter@gmx.ch>
(cherry picked from commit 35b425736a5b14a0fdf10bcbde9864d16dcc74a8)
 2024-11-11 11:44:28 -03:00
Achim Rolle
5aa874eab1 Fix credential_type in update/remove credential email template 
Closes #34687

Signed-off-by: Achim Rolle <achim.rolle@aoe.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 83065b85a2e0b838c6ce93c94c138604117c29b0)
 2024-11-08 07:46:28 +01:00
Stefan Guilhen
8df4e88665 Add Lets Encrypt intermediate CAs to keycloak.truststore 
- certificates used by stackexchange (stackoverflow social login)

Closes #27856

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
(cherry picked from commit f7d9ef890f4ca6f4de9d4b60fabbfe990e6c3c50)
 2024-11-07 15:05:59 -03:00
Stefan Guilhen
227cb96de1 Guard against NPE by checking if caches are null in InfinispanOrganizationProvider 
- caches can be disabled and the provider has to check if they are set when using them

Closes #34603

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
(cherry picked from commit e28b88bc0217aa793b58517b31d24dd6fc8eac60)
 2024-11-07 15:05:40 -03:00
Jon Koops
beb548adfe
Fix broken JavaScript adapter tests when running in cross-origin context (#34753) 
Closes #23732

Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-auhored-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 82ad09b649fcd89b2ba7e6f5b4b312353965d879)
 2024-11-07 16:42:11 +00:00
Erik Jan de Wit
3e067810b5
fixed link to documentation (#34613) (#34689) 
fixes: #34519

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 1718a3ee94598fb9111deb5116a20d7ed893676c)
 2024-11-07 14:21:18 +01:00
Stefan Guilhen
a5daed4bd9 Remove Provider annotation along with default constructors from org resources 
Closes #34335

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
(cherry picked from commit 2e51775accd4cbc0c7cdb2145c8f6199402cdee6)
 2024-11-07 10:12:53 -03:00
Lukas Hanusovsky
dd7ce67647
Surefire reports - support 26.0 release branch 
Closes #34681

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
(cherry picked from commit 5ba1efc858372dbdada37b2a744977fe9dfcaed3)
 2024-11-07 12:43:26 +00:00
Kamesh Akella
22cc1194e7
update the sizing guide with the correct instance type 
Closes #34315

update the sizing guide with the correct instance type used in the Keycloak benchmark tests.

Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
 2024-11-07 09:22:39 +01:00
Václav Muzikář
e11e019e83
fix: mark slf4j as not optional for the operator (#32652) (#34699) 
closes: #32651

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2024-11-07 08:10:24 +01:00
Jon Koops
9f55393dc9
Use a weekly cache key for PNPM store (#34656) (#34691) 
Closes #34655

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-11-06 17:50:25 +01:00
Pedro Ruivo
fd6fce169d cache-embedded-mtls-enabled is ignored 
Fixes #34644

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-11-05 18:58:00 +01:00
Erik Jan de Wit
282ad88c18
fix bundling issues (#34387) (#34648) 
fixes: #34386

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 28c469cf2c4277c751bf36b9b37b24ecdb0c0c36)
 2024-11-05 08:20:41 -05:00
Erik Jan de Wit
1397f7f274
added required attribute to multiline (#34336) (#34477) 
fixes: #32786

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 2e8b01aec1ed9f91b78441d9155db4a8a5207e09)
 2024-11-05 08:09:07 -05:00
Alexander Schwartz
c9d916cc17 Fixing explicit Anchor for downstream 
Closes #34634

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-04 18:27:27 +01:00
Alexander Schwartz
47e1e7a890 Fixing cross-references between guides 
Closes #34624

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-04 16:11:21 +01:00
mposolda
4938a8e563 Make documentation more clear that keycloak javascript adapter and node.js adapter are OIDC 
closes #34570

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit d80cb010ff087401569ec9c6dd544e0e6f0e5683)
 2024-11-04 13:12:19 +01:00
Stefan Guilhen
1792bd18a0 Add checks to prevent GroupLDAPStorageMapper from performing operations on groups it does not manage 
Closes #11008
Closes #17593
Closes #19652

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
(cherry picked from commit af434d6bc1ae904da2538f207bf5313098757114)
 2024-11-04 08:47:34 +01:00
Václav Muzikář
18968b98b9 Fix Quarkus dev mode (#34550) 
Closes #34549

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
(cherry picked from commit 9a7cfb38ac7fc238d9d35f81df4c675adb5189ac)
 2024-11-01 16:04:23 +01:00
Pedro Igor
81ce113f8a Do not rely on the pwdLastSet attribute when updating AD entries 
Closes #34467

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-31 16:07:09 +01:00
Alexander Schwartz
18dbf8924f
Remove inaccurate statement about master realm imports (#34544) 
This is supported since 26.0.0

Closes #34301

Signed-off-by: maxhov <14804474+maxhov@users.noreply.github.com>
Co-authored-by: Max Hovens <14804474+maxhov@users.noreply.github.com>
 2024-10-31 13:31:40 +01:00
Stefan Guilhen
07a92c54f4 Add validChecksum to jpa-changelog-26.0.0.xml 
Closes #34450

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-31 09:28:07 -03:00
Stefan Guilhen
6c4f8619d3 Ensure hide_on_login has the default value set to 0 on MSSQL 
Closes #34450

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
(cherry picked from commit ac258447317d3e52a3d44b98f58ab73e42f59a87)
 2024-10-31 09:28:07 -03:00
Václav Muzikář
f59aae2b47
Remove not needed Quarkus dependencies related to Dev UI services (#34309) (#34534) 
Closes #34308

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
(cherry picked from commit abb7c414abec3b30bf9a8bd552caaa20e3e3f206)
 2024-10-31 10:24:35 +01:00
Erik Jan de Wit
6dbe8f7813
also call onToggle on open changed (#33813) (#34481) 
fixes: #31415

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 624817bdc1ba410307e5986ebacef13ce8bd82b6)
 2024-10-30 16:01:50 +00:00
Erik Jan de Wit
5e67addd8c
more space for the title override PF style (#33746) (#34480) 
* more space for the title override PF style

fixes: #33607
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to percentages

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit d1504e46573b864ba2d8ec4bea58a82c4c879c02)
 2024-10-30 16:01:30 +00:00
Erik Jan de Wit
58c7957f49
added possible override (#34479) 
fixes: #33640

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit c5d26bd45d5ea669be3120a1699758011f4ee906)
 2024-10-30 16:00:16 +00:00
Erik Jan de Wit
d145c54a99
fixed key of policy group help (#34332) (#34478) 
fixes: #33618

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
(cherry picked from commit 27677a043234095aec11733946cea7b88bae6aa2)
 2024-10-30 15:59:31 +00:00
Martin Bartoš
12ff16e2ba
Add oracle dependency required for IDELauncher 
Closes #33627

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 988af11a3958fd8a2cb5c8b91a6b2bf0d0940715)

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-29 11:24:14 +00:00
Jon Koops
ec578c0f9e
Automatically retrieve configuration for authorization (#34044) (#34097) 
Closes #14562

Signed-off-by: Jon Koops <jonkoops@gmail.com>
(cherry picked from commit 7657e71be17b18d4a2f3505e0d48401a8f251df3)
 2024-10-29 10:41:31 +01:00
Steven Hawkins
1b9bf5d225
fix: upgrading angus mail to 2.0.3 (#34316) (#34392) 
closes: #33798

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit dbc2ab3cd060ee34a947722ed9c119fdf24c8762)
 2024-10-29 10:38:22 +01:00
Pedro Igor
f196e8892d
Implement pagination for getLDAPRoleMappings (#34043) (#34409) 
* Implement pagination for getLDAPRoleMappings

On Active Directory, allow to retrieve more groups than the MaxPageSize
(default to 1000). Without this patch, we need to increase the
MaxPageSize which does not really scale. Implemented only for the
LoadRolesByMember startegy.

Closes #34042

Signed-off-by: Alexi Vandevoorde <alexi@vandevoor.de>
Co-authored-by: Alexi Vandevoorde <alexi.vandevoorde@gmail.com>
 2024-10-29 10:37:25 +01:00
Stefan Guilhen
5b904db437 Check if LDAPObject is available from a previously cached proxied user 
Closes #34412

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
(cherry picked from commit d66030fcadf48eab8b2f8dc34a3d30921283c5e3)
 2024-10-28 20:04:33 -03:00