keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30

Author	SHA1	Message	Date
Lukas Hanusovsky	92849ef5d3	Move AdminClientTest to the new testsuite (#44705 ) * Moving files to the new test suite Signed-off-by: Simon Vacek <simonvacky@email.cz> * Move AdminClientTest to the new testsuite Part of: #35040 Signed-off-by: Simon Vacek <simonvacky@email.cz> Co-authored: Lukas Hanusovsky <lhanusov@redhat.com> * Refactoring of ManagedCertificates * Fix compatiblity issue with ManagedCertificates dependency Signed-off-by: stianst <stianst@gmail.com> * Fixing trustStrategy for SSLContext truststore. Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com> * Fix FIPS Signed-off-by: stianst <stianst@gmail.com> --------- Signed-off-by: Simon Vacek <simonvacky@email.cz> Signed-off-by: stianst <stianst@gmail.com> Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com> Co-authored-by: Simon Vacek <simonvacky@email.cz> Co-authored-by: stianst <stianst@gmail.com>	2025-12-17 14:31:22 +00:00
forkimenjeckayang	ca617d9711	[OID4VCI]: Use Keycloak time utility for OID4VC related timestamps (#44871 ) Closes: #44235 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-12-17 14:58:01 +01:00
Martin Kanis	012cefb654	The existence of an organization attribute called id is not validated Closes #44522 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-12-17 08:05:32 -03:00
Pedro Ruivo	ba495d1ab1	Remote Infinispan should return count per client only for the current realm (#44948 ) Closes #44577 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-12-17 07:40:49 +01:00
Vlasta Ramik	ab546c9184	Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP (#44945 ) Closes #43973 Signed-off-by: vramik <vramik@redhat.com>	2025-12-16 14:58:53 -05:00
Palpable	94ee6d81fb	[OID4VCI] Realign naming of attribute configuring algorithms for credential (#44765 ) Closes #44621 Signed-off-by: Vitalisn4 <ngamvitalisyuh@gmail.com> Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com> Co-authored-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2025-12-16 14:46:17 +01:00
Awambeng Rodrick	a1bffa3ddc	Add spec-compliant jwt vc issuer well-known endpoint - expose /.well-known/jwt-vc-issuer/realms/{realm} and keep legacy route with deprecation headers - build consumer metadata URL per draft-ietf-oauth-sd-jwt-vc-13 and add realm-path coverage - add integration test for new path plus deprecation headers on legacy endpoint Closes #44256 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com> Signed-off-by: Awambeng <awambengrodrick@gmail.com>	2025-12-16 13:46:06 +01:00
forkimenjeckayang	2f7045d7dd	Remove deferred credential endpoint from OID4VC metadata (#44907 ) Closes #44779 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-12-16 12:50:12 +01:00
Lukas Hanusovsky	e8c6a7b98d	[Test Framework] Migrate initial WebAuthn setup + WebAuthnRegisterAndLoginTest. (#44016 ) Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>	2025-12-15 15:01:42 +01:00
Stian Thorgersen	ab9c6e36ee	Remove legacy/jakarta Undertow as we only need one, and upgrade to the latest to fix CVEs (#44901 ) Closes #44814 Signed-off-by: stianst <stianst@gmail.com>	2025-12-15 10:39:19 +01:00
Awambeng	af8e905774	refactor(oid4vc): remove notification ID handling and related endpoint (#44844 ) Closes #44802 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-12-12 14:38:01 +01:00
Stian Thorgersen	421abedaa4	Remove log4j 1.x from Arquillian testsuite (#44827 ) Closes #44555 Signed-off-by: stianst <stianst@gmail.com>	2025-12-11 11:31:11 +00:00
Stian Thorgersen	2f1628d1a9	Remove log4j 1.x from testsuite/model Closes #44554 Signed-off-by: stianst <stianst@gmail.com>	2025-12-11 10:23:03 +01:00
Stian Thorgersen	ed69f65a9c	Remove jpa-performance Closes #44812 Signed-off-by: stianst <stianst@gmail.com>	2025-12-10 23:16:47 +00:00
Stian Thorgersen	7eb3b693b2	Remove log4j 1.x from testsuite/utils Closes #44557 Signed-off-by: stianst <stianst@gmail.com>	2025-12-10 20:08:03 +00:00
forkimenjeckayang	be22a4bd62	[OID4VCI] Fix OID4VC wallet interoperability issues (#44682 ) closes #44736 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-12-10 12:08:01 +01:00
Marek Posolda	f641269ac1	CredentialRequest with credentialIdentifier does not work when creden… (#44794 ) closes #44793 Signed-off-by: mposolda <mposolda@gmail.com>	2025-12-10 12:02:52 +01:00
Christian Glasmachers	921b10ee80	Login failure cache: Evict entries after the configured failure reset time Closes #44801 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Co-authored-by: Christian Glasmachers <Christian.Glasmachers-extern@deutschebahn.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>	2025-12-10 11:20:19 +01:00
rmartinc	43c1a169e4	Manage service accounts when updating a client using registration Closes #44257 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-12-09 12:11:11 +01:00
mposolda	3e001a378f	Credential offer endpoint has parameter user_id, but expects username closes #44642 Signed-off-by: mposolda <mposolda@gmail.com>	2025-12-08 10:42:35 +01:00
Pascal Knüppel	46e5979b17	[OID4VCI] Handle key_attestation_required in metadata endpoint (#44471 ) fixes #43801 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de> Co-authored-by: Ingrid Kamga <xingridkamga@gmail.com>	2025-12-05 16:00:32 +01:00
Sebastian Schuster	b5178a2bec	Added section on recommended isolation level to db guides Closes #44611 Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-12-05 14:48:31 +01:00
Martin Bartoš	52bf0face3	ModelTests are broken after consolidating config logic Closes #44700 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-12-05 11:27:18 +00:00
forkimenjeckayang	4dd68c0316	[OID4VCI] Conformance Test Fixes (#44439 ) closes #44659 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-12-04 09:03:38 +01:00
Ricardo Martin	f91363d12d	Improve Public Key Management for JWTAuthorizationGrant identity provider Closes #44243 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-12-03 11:45:34 +01:00
Pascal Knüppel	9b870d3d8a	Fix ClassCastException on mixing AddressMapper with ClaimsMapper (#44457 ) closes #44455 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-12-01 14:55:44 +01:00
Giuseppe Graziano	2b4855ff97	Executor for checking claims in JWT assertions (#44537 ) Closes #4443 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-12-01 11:07:42 +01:00
Pedro Igor	9abe18e86e	Manual sync not executed because of the last sync time Closes #44552 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-28 19:45:17 +01:00
Pedro Ruivo	b35dd72392	User session deleted events for invalid sessions Closes #44513 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-28 15:43:59 +00:00
Sebastian Łaskawiec	aa789dd023	Logout confirmation Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>	2025-11-28 14:24:32 +01:00
stianst	f6676ccd76	Migrate i18n package to new testsuite Closes #44520 Signed-off-by: stianst <stianst@gmail.com>	2025-11-28 08:56:11 -03:00
Pedro Ruivo	3ed15e740a	Add new option to schedule user session expiration Closes #44068 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: Ryan Emerson <remerson@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Ryan Emerson <remerson@ibm.com>	2025-11-27 23:01:32 +01:00
Thomas Diesler	54bf9206b2	[OID4VCI] Credential Offer must be created by Issuer not Holder (#44255 ) closes #44116 Signed-off-by: Thomas Diesler <tdiesler@ibm.com>	2025-11-27 16:07:10 +01:00
Alexander Schwartz	39d1fa2825	Escape passkeys descriptions and labels depending on the context Closes #44387 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-27 11:16:21 +01:00
Alexis Rico	b0b38176f0	Manage Organization Invites Closes #38809 Signed-off-by: Alexis Rico <sferadev@gmail.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-27 10:28:52 +01:00
Pedro Igor	96aea99d6c	Make sure LDAP sync runs in a single cluster node and respecting the configured period Closes #43752 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-27 08:08:20 +01:00
mposolda	cbb823bc0e	Make sd-jwt key binding verification work with EdDSA keys closes #44369 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-26 14:44:29 +01:00
Alexander Schwartz	2210b1ed50	Avoid un-escaped strings in the login templates for HTML entities Closes #44296 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-26 07:55:35 -03:00
Stian Thorgersen	a8d4336da6	Migrate transactions package to new testsuite Closes #44460 Signed-off-by: stianst <stianst@gmail.com>	2025-11-26 10:57:19 +01:00
Alexander Schwartz	37f2488441	When joining a group, don't rely on cached values if user has already been updated Closes #44480 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-26 10:52:14 +01:00
Stian Thorgersen	63c7cc7381	Delete MetricsRestServiceTest Closes #44451 Signed-off-by: stianst <stianst@gmail.com>	2025-11-25 12:21:29 +01:00
Thomas Diesler	39264edf3f	[OID4VCI] Fix deprecated realm-scoped well-known endpoint access Signed-off-by: Thomas Diesler <tdiesler@ibm.com>	2025-11-25 12:19:17 +01:00
mposolda	49b694bf0a	Compilation failure in OID4VCTimeNormalizationSdJwtTest closes #44419 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-24 08:39:09 -03:00
Awambeng	8406cf34fb	[OID4VCI]: Realm-Configurable Time-Claim Normalization (Randomize/Round) to Mitigate Correlation (#43834 ) Closes #43399 Signed-off-by: Awambeng <awambengrodrick@gmail.com>	2025-11-24 11:07:07 +01:00
Pascal Knüppel	64d5e1a3d5	[OID4VCI] Redesign SDJwt API and handle keybinding JWT (#44227 ) closes #42091 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2025-11-24 11:01:19 +01:00
vramik	091b57c1e4	Flaky test: org.keycloak.testsuite.account.AccountRestServiceTest#listApplicationsWithoutPermission Closes #43755 Signed-off-by: vramik <vramik@redhat.com>	2025-11-21 15:05:41 -03:00
Peter Zaoral	4e5f9acac7	Add CI tests for Azure SQL Database Closes: #42986 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2025-11-21 14:42:28 +00:00
Pedro Ruivo	13ef89664c	More accurate user session expiration logic Closes #44204 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-19 21:06:17 +01:00
mposolda	68cfb8d720	Fix flaky test ClientAuthSignedJWTTest.testClientWithGeneratedKeysJKS closes #43713 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-18 11:52:01 +01:00
rmartinc	f0f776e5c8	Fix for WebAuthnSigningInTest WebAuthn test Closes #43477 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-11-18 11:02:13 +01:00

1 2 3 4 5 ...

7732 Commits