vramik
044807f162
[FGAP] Create new internal client which would hold the authorization objects for feature V2
...
Closes #34565
Signed-off-by: vramik <vramik@redhat.com>
2024-12-05 11:56:13 -03:00
Thomas Darimont
f61937f3d9
Prefer usage of StandardCharsets.UTF_8 over "UTF-8" charset reference
...
Fixes #35080
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-11-25 10:45:37 +00:00
vramik
440e81c8b9
Add a realm-level setting to enable FGAP to a realm
...
Closes #34920
Signed-off-by: vramik <vramik@redhat.com>
2024-11-19 09:59:34 -03:00
Awambeng
cfd187b0ff
Introduce SdJwtFacade layer for simplified SD-JWT handling and enhance test coverage (#34915)
...
Closes #32955
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
2024-11-15 15:20:10 +01:00
rmartinc
c1d4dad4dc
Avoid MRJAR in keycloak-core
...
Closes #34630
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-11-15 15:16:56 +01:00
vramik
9050172448
[FGAP] First draft of Authorization Schema
...
Closes #34569
Signed-off-by: vramik <vramik@redhat.com>
2024-11-14 07:52:37 -03:00
Pedro Igor
d04f7900f5
added membershipType to members list and membership type filter
...
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-11-12 09:13:18 -03:00
Marek Posolda
92d9ac6621
Update KEYCLOAK_SESSION cookie to not have sessionId in plaintext (#34551)
...
closes #34026
Signed-off-by: mposolda <mposolda@gmail.com>
2024-11-11 18:47:18 +01:00
rmartinc
e6ffc04cac
Do not calculate thumbprints for certificates if not needed
...
Closes #34776
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-11-11 10:37:05 +01:00
Pedro Igor
0a05ba49d1
Adding a details map to admin events to store additional contextual data when the event is fired
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-11-07 17:19:43 -03:00
Robert Rieser
42fcc64bac
issue-34013: Added a representation that includes an organization and user model, as well as included it in the event body for removing and adding of members to an organization
...
https://github.com/keycloak/keycloak/issues/34013
Signed-off-by: Robert Rieser <Robert.Rieser@degoya.studio>
2024-11-07 17:19:43 -03:00
Thomas Darimont
3315ea718a
Add ability to enable OID4VCI Verifiable Credentials per realm (#34524)
...
- Added new realm property verifiableCredentialsEnabled
- Updated RealmRepresentation
- Guarded route to Oid4VCI page
- Add boolean switch to Realm settings page to control Verifiable Credentials enablement
- We now only show the Verifiable Credentials page in the nav if the "Verifiable Credentials" realm setting is enabled.
Fixes #34524
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-11-04 14:58:30 +01:00
Ingrid Kamga
c4d6979907
Scaffold verification of SD-JWT VP token (#29859) (#33752)
...
Closes #29859
Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
2024-10-25 14:49:25 +02:00
Gilvan Filho
c4005d29f0
add linear strategy to brute force
...
closes #25917
Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
2024-10-22 10:33:22 -03:00
rmartinc
6d52520730
Load client keys using SubjectPublicKeyInfo and upload jwks type into the jwks attributes for OIDC ones
...
Closes #33820
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-10-22 14:24:15 +02:00
Pascal Knüppel
41ee68611f
Allow to create EC certificates if new EC-key-provider is created (#31843)
...
Closes #31842
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
2024-10-17 16:05:59 +02:00
Thomas Darimont
40bdc902f0
Use account-console client for server-side auth check
...
Also generate PKCE verifier and use challenge parameters
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-10-17 07:53:20 -03:00
Thomas Darimont
729417b20a
Use account-console client for server-side auth check
...
- Also generate PKCE verifier and use challenge parameters
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-10-17 07:53:20 -03:00
Ogen Bertrand
304da50efc
Implement SdJwtVP.of(String) with enhanced error handling
...
This update includes validation for missing disclosures, duplicate disclosure digests, and malformed disclosure data, improving overall robustness and error handling during disclosure processing.
Closes #33020
Signed-off-by: Ogenbertrand <ogenbertrand@gmail.com>
2024-10-07 16:40:54 +02:00
Maksim Zvankovich
35eba8be8c
Add option to include the organization id in the organization claims
...
Closes #32746
Signed-off-by: Maksim Zvankovich <m.zvankovich@nexovagroup.eu>
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
2024-10-03 08:11:36 -03:00
vramik
c1653448f3
[Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link
...
Closes #33201
Signed-off-by: vramik <vramik@redhat.com>
2024-10-02 07:37:48 -03:00
rmartinc
c532751ff4
Downgrade Java for client libraries to 8
...
Closes #33051
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-09-20 17:01:01 +02:00
Pedro Ruivo
f67bec0417
Rename remote-cache Feature
...
Renamed to "clusterless"
Closes #32596
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-13 13:03:13 +02:00
Stefan Guilhen
e7a4635620
Filter out org brokers from the account console
...
- org-linked brokers should not be available for login
- prepare the endpoint for search/pagination
Closes #31944
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 09:00:52 -03:00
mposolda
dad4477995
Remove keycloak-core and keycloak-crypto-default from SAML galleon feature pack and upgrade them to Java 17
...
closes #32586
Signed-off-by: mposolda <mposolda@gmail.com>
2024-09-03 15:58:57 +02:00
keshavprashantdeshpande
058c2717a0
Add setter for frontChannelLogoutSupported and frontChannelLogoutSessionSupported (#32532)
...
Closes #30178
Signed-off-by: keshavprashantdeshpande <vaidehidabir@gmail.com>
2024-09-02 12:18:01 +00:00
Erik Jan de Wit
776a491989
added organizations table to account (#32311)
...
* added organizations table to account
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-22 15:44:03 -03:00
Pedro Igor
eeae50fb43
Make sure federationLink always map to the storage provider associated with federated users
...
Closes #31670
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-20 11:27:22 +02:00
Stefan Guilhen
f82159cf65
Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
...
Closes #32090
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
mposolda
54a538b3ad
Update RolePolicyRepresentation fields from 'boolean' to 'Boolean'
...
closes #32117
Signed-off-by: mposolda <mposolda@gmail.com>
2024-08-14 13:11:06 +02:00
rmartinc
2a06e1a6db
Add SHAKE256 hash provider for Ed448
...
Closes #31931
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-08 17:36:54 +02:00
Justin Tay
966a454548
Add ECDH-ES JWE Algorithm Provider, Add generated ECDH key provider (#23928)
...
Closes #23596
Closes #23597
Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
2024-08-08 17:29:35 +02:00
Pascal Knüppel
bf951a5554
Fix certificate creation with cross-keys (#31866)
...
fixes #31864
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
2024-08-07 12:41:12 +02:00
Ingrid Kamga
36a141007e
Implement advanced verification of SD-JWT in Keycloak (#30966)
...
closes #30907
Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
2024-08-05 11:50:03 +02:00
Pascal Knüppel
4a15e1c2b0
Support certificate creation for EC keys (#31817)
...
fixes #31816
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
2024-08-02 11:52:48 +02:00
Pascal Knüppel
94784182df
Implement DPoP for all grantTypes (#29967)
...
fixes #30179
fixes #30181
Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de>
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
2024-07-29 16:30:54 +02:00
Pascal Knüppel
b20123dcdc
Add x5c and jwk as optional params to JWSBuilder and JWSHeader
...
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
2024-07-29 09:25:02 +02:00
vramik
649b35929e
Make sure users created through a registration link are managed members
...
Closes #30743
Signed-off-by: vramik <vramik@redhat.com>
2024-07-25 04:30:13 -03:00
Pascal Knüppel
018a0802bc
Remove java.util.Date from VerifiableCredential (#30920)
...
closes #30918
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
2024-07-18 09:52:02 +02:00
Martin Kanis
e5848bdcf9
Cannot set unmanagedAttributePolicy without profile attributes
...
Closes #31153
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-07-17 09:53:59 -03:00
mposolda
1864cf1827
Offline tokens created in Keycloak 14 or earlier will not work on Keycloak 25
...
closes #31224
Signed-off-by: mposolda <mposolda@gmail.com>
2024-07-15 18:30:35 +02:00
mposolda
3c3f59f861
Move some server related logic from info representation classes to server codebase
...
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-27 11:00:30 +02:00
Douglas Palmer
5af3001122
Check if OSGI metadata can be removed entirely
...
Closes #29104
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-25 14:12:33 +02:00
Andre F de M
0f061a75e2
Issue: 26568 - bcfips version bump and fixes
...
* bump BCFIPS to 1.0.2.5
* fix bc-fips related test error
* remove unused imports
Closes : #26568
Signed-off-by: Andre F de M <trixpan@users.noreply.github.com>
2024-06-25 11:07:27 +02:00
Jon Koops
df18629ffe
Use a default Java version from root POM (#29927)
...
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-21 14:19:31 +02:00
Pedro Igor
a0ad680346
Adding an alias to organization and exposing them to templates
...
Closes #30312
Closes #30313
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-20 14:36:14 -03:00
rmartinc
c51640546d
Improvements for ldap test authentication
...
Closes #30434
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-06-15 10:01:24 +02:00
Jon Koops
c7361ccf6e
Run the Vite dev server through the Keycloak server (#27311)
...
Closes #19750
Closes #28643
Closes #30115
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-12 11:55:14 +02:00
Patrick Jennings
75925dcf6c
Client type configuration inheritance (#30056)
...
closes #30213
Signed-off-by: Patrick Jennings <pajennin@redhat.com>
2024-06-10 18:59:08 +02:00
mposolda
0bf613782f
Updating client policies in JSON editor is buggy. Attempt to update global client policies should throw the error
...
closes #30102
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-05 13:55:02 +02:00