External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30
Code Issues Packages Projects Releases Wiki Activity
28,610 Commits 26 Branches 288 Tags
Commit Graph

28610 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Steven Hawkins
7ef44e5f93
fix: improve handling when expressions are disabled (#42189) (#42240) 
closes: #42158


(cherry picked from commit f52421fe4442269be848696e001a4767c7db837f)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-09-02 17:02:22 +02:00
Václav Muzikář
4254f16b6a
Upgrade to Quarkus 3.20.2.2 
Closes #42245

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-08-29 21:05:48 +02:00
Steven Hawkins
6b45aa0436
fix: adding debug logging for the KeycloakRealmImport (#42102) (#42231) 
also simplifying status logic

closes: #42019


(cherry picked from commit ec0f64b4cd3cb30bd3cc42a651aba0532663ed43)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-29 12:03:37 +00:00
Steven Hawkins
13cf87b9d7
fix: expands our warnings/notes around placeholder usage (#42151) (#42232) 
addresses CVE-2025-9162

closes: #42046


(cherry picked from commit e89133616732ba441185813aac7e0279fde6e9d4)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-29 13:48:55 +02:00
Alexander Schwartz
8d052f015b
Avoid deleting old client sessions 
Closes #41427

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-08-28 09:59:19 -03:00
Steven Hawkins
7767717d17
fix: using volatile for double checked locking 
closes: #40630

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-22 16:01:28 +00:00
Alexander Schwartz
7446299c23
Don't validate duplicate credential label on update if label is unchanged (#41985) 
Closes #41945

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-08-20 08:42:20 +02:00
Ricardo Martin
da51e2213f
Check null for new keySize and validity parameters when generating certificates (#41984) 
Closes #41906


(cherry picked from commit 0ff7d551dd2aab42da9cfdb03a5267a73d4e470e)

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-08-20 07:54:56 +02:00
Pedro Igor
08de42a57d
Do not try to lookup the user if the sub claim is missing from the admin bearer token (#41981) 
Closes #41098

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-08-19 14:45:44 +00:00
Martin Bartoš
d7e6ccb267
Upgrade to Quarkus 3.20.2.1 (#41964) 
Closes #41963

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-08-19 14:47:21 +02:00
Ricardo Martin
c712e4a388 Allow and control sending UTF-8 emails in the default email sender impl 
Closes #41023

Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 949ef35a3bda916b24763c435033258a84ba8596)
 2025-08-19 09:46:58 +02:00
Steven Hawkins
4a6a66a449
fix: warn instead of an error if optimized provider timestamps change (#41798) (#41946) 
closes: #41268


(cherry picked from commit 02cd3ddfb7ed550cb7c4ac97fb98b4af9f0f1f8d)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-18 17:37:38 +02:00
Ryan Emerson
ec6e015dff
Upgrade to Infinispan 15.0.19.Final 
Closes #41934

Signed-off-by: Ryan Emerson <remerson@ibm.com>
 2025-08-18 13:51:01 +02:00
Alexander Schwartz
c1b00ac15a Adjust the test to dynamically remove all sessions 
This will handle even those sessions created by other tests.

Closes #41545

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-08-15 16:40:22 -03:00
Alexander Schwartz
e7c98a4714
Fix typo in caching docs: 'Proving' → 'Providing' 
Closes #41663

Signed-off-by: Ramlah7 <ramlahmunir786@gmail.com>
Co-authored-by: RAMLAH MUNIR <ramlahmunir786@gmail.com>
 2025-08-15 10:33:16 +02:00
Pedro Igor
56da6c4b7d
memberOf attribute empty or values with a DN that does not match the role base DN fetches all roles 
Closes #41842

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-08-14 17:16:16 +02:00
rmartinc
0e23856dce Use Optional instead of getOrDefault for settings in testSMTPConnection 
Closes #41643

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit a58556d761cdee0647bb7293665d99d1770152fb)
 2025-08-13 14:22:43 +02:00
Ricardo Martin
75fed7d71d Upgrade angus mail to 2.0.4 
Closes #41808

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit facffa36cc047de214aa025c21b4fdfa71236b67)
 2025-08-13 10:00:54 +02:00
Jose Renato Villela Dantas
cc2f76738a
Set client in the session context for logout token encode 
Closes #40984

Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
 2025-08-13 04:37:49 +00:00
Stefan Guilhen
16255afa18
Change e-mail verification to perform a find by UUID on LDAP only when the local and imported users are different 
Closes #41532


(cherry picked from commit 5b4973f0e88d5b6a50dfaf7f5532af9aae6db5b6)

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-08-08 17:33:32 +02:00
Pedro Ruivo
2ebe03ae2d Ensure cache configuration has correct number of owners 
Closes #41558

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-08-06 18:49:18 +01:00
Steven Hawkins
d7630b0cea
fix: correcting how provider default is found (#41678) (#41697) 
closes: #41677


(cherry picked from commit 5731cdf6738bc4344d495bd1193fe531f4f7ed7a)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-06 12:30:59 +00:00
Alexander Schwartz
1b5e05c8f5
Reduce likelihood of multiple coordinators on concurrent startup 
Closes #41290

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-08-04 08:41:46 -03:00
Martin Kanis
4e699e10da
LDAP Import: KERBEROS_PRINCIPAL not updated when UserPrincipal changes and KERBEROS_PRINCIPAL was null on creation 
Closes #41520


(cherry picked from commit 79fc97056e22ebfd6a8f87a83f9e01a000441ac1)

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-08-01 10:55:12 +00:00
mposolda
4699ea0662 Getting error 405 'Method Not Allowed' when calling the 'certs' endpoint with HEAD method 
closes #41537

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 2dab73063dd5cc1fdcd5080f8a9f01222ea32d81)
 2025-08-01 10:44:46 +02:00
Alexander Schwartz
699f61f168
Making IDs for configuration options unique 
Closes #41423

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-07-30 10:11:25 -03:00
Martin Bartoš
55cd851ecc ExternalLinks are broken in documentation 
Closes #41491

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-07-30 13:38:42 +02:00
Martin Bartoš
58b69351be Synchronize Maven surefire plugin with Quarkus 
Closes #41488

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-07-30 13:38:42 +02:00
Alexander Schwartz
8634cdaa4a
Close spans in the exceptional path 
Closes #41469

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-07-29 14:49:16 +02:00
Alexander Schwartz
ff4d4233f4
Fix broken anchor for caching docs 
Also shorten the docs as KC is now encrypting by default.

Closes #41421

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-07-28 14:57:39 -03:00
Alexander Schwartz
dcba51c0af
Setting 'write_data_on_find' to true to ensure merging of views (#41401) 
Closes #41390

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-07-25 13:22:15 +02:00
Martin Bartoš
089975417b
MariaDB connector dependency is not properly overriden (#41372) 
Closes #41370

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-07-23 18:29:17 +02:00
Martin Bartoš
7c7ad7946d
Update MariaDB connector to 3.5.3 (#41361) 
Closes #39634

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-07-23 13:16:13 +00:00
Martin Bartoš
7787c9047c
Upgrade to Quarkus 3.20.2 (#41359) 
Closes #40591

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-07-23 11:04:43 +00:00
Vlasta Ramik
114425c37f
Fix #40995 avoid ModelException: At least one condition should be provided to OR query 
Closes #40995

Signed-off-by: Sylvere Richard <sylvere.richard@gmail.com>
Co-authored-by: Sylvere Richard <sylvere.richard@gmail.com>
 2025-07-22 09:45:44 +00:00
Ryan Emerson
e982aa20be
Upgrade to Infinispan 15.0.18.Final 
Closes #41257

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2025-07-21 15:57:06 +00:00
Steven Hawkins
00640d629b
fix: refine test for rolling 
closes: #41204


(cherry picked from commit 6c7be65456153bc912edff7a3673eee355b7e14c)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-07-21 14:00:18 +02:00
Steven Hawkins
df1329f70a
fix: prevent quarkus from persisting logging runtime defaults (#41005) (#41166) 
* fix: ensures that build time logging wildcards are not used at runtime

closes: #40977



* fix: removing the usage of ConfigValue.getRawValue where not appropriate

closes:



* correcting auto logging tests



---------


(cherry picked from commit cf7c9a6ecd21c9a538e9c84aa154edb981ae3b08)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-07-19 14:15:20 +00:00
Ryan Emerson
91eec167ad
Default jdbc-ping cluster setup for distributed caches fails in Oracle 
Closes #40784
Closes #41105

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-07-18 14:21:43 +02:00
Stan Silvert
e378bb87ba
Only view svc acct users on exact search 
Closes #41103


(cherry picked from commit bfd725d851d39f2f9bc1b483cf7e26c2d7068d61)

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2025-07-17 13:13:46 +00:00
Alexander Schwartz
1d646e8f70
Fix em-dash in SPI options in the docs 
Closes #41152

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2025-07-17 08:41:27 -03:00
Ricardo Martin
68f4cd392a
Check if PK for DATABASECHANGELOG already exists 
Closes #41082


(cherry picked from commit 164274ac51b748cd9c3a94ad28fbb3a85384b2ae)

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-07-14 12:03:56 +02:00
mposolda
5fff25edc8 Add option 'Requires short state parameter' to OIDC IDP 
closes #40237

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 274afa88fae0967ab281be93d41ec0ad1e8586cc)
 2025-07-14 08:43:08 +02:00
Stian Thorgersen
ff0b79c636
Increase timeout when publishing to Maven Central (#41100) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-07-11 07:23:28 +00:00
Pedro Ruivo
d944cd0d43
Skip computing lifespan for read-only sessions 
Fixes #40980

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-07-11 08:59:37 +02:00
Pedro Ruivo
d291e7170c
Improve logging for client sessions load 
Closes #41034

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2025-07-10 18:21:00 +02:00
Ricardo Martin
74c0fed5fd
Remove /etc/system-fips file before executing fips-mode-setup 
Closes #41038


(cherry picked from commit e631ef4f92683b073f9cac9ae0f55ac0a3483187)

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-07-10 10:51:32 +00:00
Ryan Emerson
7ff4014d4b
Run clustering compatibility tests on release/x.y branches 
Closes #40970

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2025-07-09 21:02:39 +02:00
rmartinc
dbfca95a99 Do not add steps if feature disabled in default flows 
Allow login if a step is disabled even the authenticator is not enabled by profile
Closes #40954

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit d62114e50ea85920f229ba32d08a30034ecca596)
 2025-07-09 13:05:41 +02:00
vramik
8428e2064d Fix NPE when accessing group concurrently 
Closes #40368

Signed-off-by: vramik <vramik@redhat.com>
 2025-07-09 08:05:04 -03:00