External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30
Code Issues Packages Projects Releases Wiki Activity
28,060 Commits 26 Branches 288 Tags
Commit Graph

125 Commits

Author SHA1 Message Date
Marek Posolda
025b2ba442
Introducing IdpLinkAction as AIA to replace client-initiated account linking (#38952) 
closes #37269
closes #35446

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-17 13:20:05 +02:00
vramik
bd58b70447 Test coverage for count methods when filtering 
Closes #38692

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-15 15:31:02 -03:00
Martin Bartoš
83001e4024
OTelHttpClientFactory not configured properly when tracing enabled 
Closes #38740

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-08 17:04:23 +00:00
vramik
602258d935 [FGAP] Switch the feature from Experimental to Supported 
Closes #38651

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-08 13:00:47 -03:00
Pedro Igor
79b533ee02
Allow managing client authorization settings is manage scope is granted for clients 
Closes #38726

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-08 13:07:48 +02:00
Pedro Igor
be880ae204
Do not cache partial results when FGAP is enabled 
Closes #38705

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-08 08:22:22 +02:00
Pedro Igor
87430fc181
Add impersonate-members scope to group resource type 
Closes #38566

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-07 14:56:27 +00:00
Pedro Igor
d98ca0a2a2
Make sure searches by identifiers are filtered 
Closes #38679

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-07 14:59:43 +02:00
Lukas Hanusovsky
f5323fec24
[Test framework] AdminConsoleWhoAmILocaleTest migration (#38158) 
* Moving files to the new test suite

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>

* Move AdminConsoleWhoAmILocaleTest.java, DeclarativeUserTest.java to the new testsuite

Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>

---------

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-04-07 12:45:52 +02:00
Šimon Vacek
2f852b4b9a
Move ClientRolesTest to the new testsuite (#38505) 
Part of: #34494

Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-04-07 12:34:49 +02:00
vramik
6488890585 [FGAP:V2] remove configure scope from Client resource type 
Closes #38567

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-07 07:05:02 -03:00
Pedro Igor
e5ff19b327
Adding missing fgap filtering to user count methods 
Closes #38510

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-04 14:21:57 +02:00
Pedro Igor
9f079f7874
Permission checks that do not check a specific client should check the permissions granted to the client resource type 
Closes #38653

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-03 17:00:47 +00:00
vramik
8127a9da60 [FGAP] Allow user creation when the admin has permission to manage-members and manage-membership for all existing groups defined in UserRepresentation 
Closes #38269

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-03 12:08:46 -03:00
Pedro Igor
dbb0179a93 Aligning partial evaluation with the outcome from regular evaluations 
Closes #38626

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-03 12:07:30 -03:00
Pedro Igor
29d3dcb49a
Do not allow delete the FGAP client 
Closes #38644

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-03 14:57:06 +02:00
vramik
f12fa0b5bb [FGAP] remove transitiveness from auth scopes 
Closes #38557

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-02 16:56:25 -03:00
Pedro Igor
61cb0acbc4 Fixing inconsistencies when evaluating permission in the evaluation tab 
Closes #38498

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-01 11:40:27 -03:00
Václav Muzikář
2a0ce46471
Prevent frontend endpoint redirect to admin endpoint (#38464) 
Closes #38463

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-03-28 18:44:43 +01:00
Pedro Igor
78aa8b486f User not visible when permission with different scope exists 
Closes #38369

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-27 08:01:04 -03:00
Pedro Igor
75651ff5c0 Partial evaluation processing only permissions with scope view 
Closes #38436

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-27 08:01:04 -03:00
Pedro Igor
26c90f369f Support for partial evaluation for clients 
Closes #38393

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-25 09:04:12 -03:00
Pedro Igor
1c57035d41 Support partial evaluation for the group resource type 
Closes #38273

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-24 11:49:53 -03:00
vramik
a72d15b857 PartialEvaluator ignores view-* and manage-* roles 
Closes #38284

Signed-off-by: vramik <vramik@redhat.com>
 2025-03-24 08:30:59 -03:00
Sebastian Rose
4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Pedro Igor
ed809d7884 Filtering not working when using view-member permission with a permission that denies access to a resource 
Closes #38304

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-20 17:06:51 -03:00
Stian Thorgersen
d7e3d480fb
Sort test classes by server config (#38215) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-03-20 10:41:31 +01:00
Giuseppe Graziano
5a0c68e624 Remove deprecated TokenExchangeRequest.additionalParameters() 
Closes #37925

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-03-19 21:30:30 +01:00
Pedro Igor
a4000575a4 Initial support for partial evaluation 
Closes #38085

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-19 13:30:52 -03:00
Stian Thorgersen
ccbc1fa9ab
Simplify TimeOffsetTest to just check time is set, rather than using events which is expensive 
Closes #38180

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-18 15:28:05 +00:00
Simon Vacek
546724ddf8 Move AdminEventTest.java, LoginEventsTest.java to the new testsuite 
Part of: #34494

Signed-off-by: Simon Vacek <simonvacky@email.cz>

# Conflicts:
#	test-framework/core/src/main/java/org/keycloak/testframework/realm/RealmConfigBuilder.java
 2025-03-17 12:38:57 +01:00
Simon Vacek
d6561cff1b Moving files to the new test suite 
Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-03-17 12:38:57 +01:00
Simon Vacek
723f191a86 Move InitialAccessTokenResourceTest.java, RoleByIdResourceTest.java, TimeOffsetTest.java to the new testsuite 
Part of: #34494

Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-03-14 10:26:58 +01:00
Simon Vacek
578a63ca03 Moving files to the new test suite 
Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-03-14 10:26:58 +01:00
Simon Vacek
62cff80c5e Move CrossRealmPermissionsTest.java to the new testsuite 
Part of: #34494

Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-03-14 10:25:26 +01:00
Simon Vacek
6efccbffdc Moving files to the new test suite 
Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-03-14 10:25:26 +01:00
Simon Vacek
e1fdd1dab6 Move ServiceAccountClientTest.java to the new testsuite 
Part of: #34494

Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-03-14 10:21:02 +01:00
Simon Vacek
e8d3d142df Moving files to the new test suite 
Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2025-03-14 10:21:02 +01:00
Pedro Igor
70114e249a Fix showing resource display name when listing permissions 
Closes #38027

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-13 13:05:15 -03:00
Lukas Hanusovsky
8f0bc985f6
[Test framework] AttackDetectionResourceTest migration (#38010) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-03-13 13:50:24 +01:00
Stian Thorgersen
d3d44cffb1
Final wrap-up of refactoring OAuthClient (#38045) 
Closes #37225

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-12 13:11:50 +01:00
Stian Thorgersen
b1a7c79311
Remove custom parameters on OAuthClient (#38032) 
Closes #38021

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-12 12:01:35 +01:00
Stian Thorgersen
899eb976aa
Remove clientSessionState and clientSessionHost fields on OAuthClient (#38033) 
Closes #38023

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-12 10:10:45 +01:00
Stian Thorgersen
6b1557e407
Make request and requestUri parameters on requests and not fields on OAuthClient (#38018) 
Closes #37870

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-12 08:59:41 +01:00
vramik
872a691757 Remove permissions and resources when their corresponding objects are deleted 
Closes #37242

Signed-off-by: vramik <vramik@redhat.com>
 2025-03-11 14:58:03 -03:00
Stian Thorgersen
bce75cdde1
Make claims parameter on login request in OAuthClient (#38007) 
Closes #38004

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-11 15:03:03 +01:00
Stian Thorgersen
604d9de162
Make PKCE arguments on requests in OAuthClient (#38002) 
Closes #38001

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-11 12:26:18 +01:00
Stian Thorgersen
5d59b66a22
Make dpopJkt and dpopProof arguments on requests in OAuthClient (#37996) 
Closes #37995

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-11 09:56:18 +01:00
Lukas Hanusovsky
89980e0971
[Test framework] AdminEventAuthDetailsTest migration (#37910) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-03-11 08:22:07 +01:00
Stian Thorgersen
6720c2b29c
Make state and nonce passed on requests in AbstractOAuthClient (#37978) 
Closes #37973

Signed-off-by: stianst <stianst@gmail.com>
 2025-03-10 17:17:42 +01:00