7707 Commits

Author	SHA1	Message	Date
Pascal Knüppel	9b870d3d8a	Fix ClassCastException on mixing AddressMapper with ClaimsMapper (#44457) ... closes #44455 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-12-01 14:55:44 +01:00
Giuseppe Graziano	2b4855ff97	Executor for checking claims in JWT assertions (#44537) ... Closes #4443 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-12-01 11:07:42 +01:00
Pedro Igor	9abe18e86e	Manual sync not executed because of the last sync time ... Closes #44552 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-28 19:45:17 +01:00
Pedro Ruivo	b35dd72392	User session deleted events for invalid sessions ... Closes #44513 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-28 15:43:59 +00:00
Sebastian Łaskawiec	aa789dd023	Logout confirmation ... Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>	2025-11-28 14:24:32 +01:00
stianst	f6676ccd76	Migrate i18n package to new testsuite ... Closes #44520 Signed-off-by: stianst <stianst@gmail.com>	2025-11-28 08:56:11 -03:00
Pedro Ruivo	3ed15e740a	Add new option to schedule user session expiration ... Closes #44068 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: Ryan Emerson <remerson@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Ryan Emerson <remerson@ibm.com>	2025-11-27 23:01:32 +01:00
Thomas Diesler	54bf9206b2	[OID4VCI] Credential Offer must be created by Issuer not Holder (#44255) ... closes #44116 Signed-off-by: Thomas Diesler <tdiesler@ibm.com>	2025-11-27 16:07:10 +01:00
Alexander Schwartz	39d1fa2825	Escape passkeys descriptions and labels depending on the context ... Closes #44387 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-27 11:16:21 +01:00
Alexis Rico	b0b38176f0	Manage Organization Invites ... Closes #38809 Signed-off-by: Alexis Rico <sferadev@gmail.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-27 10:28:52 +01:00
Pedro Igor	96aea99d6c	Make sure LDAP sync runs in a single cluster node and respecting the configured period ... Closes #43752 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-27 08:08:20 +01:00
mposolda	cbb823bc0e	Make sd-jwt key binding verification work with EdDSA keys ... closes #44369 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-26 14:44:29 +01:00
Alexander Schwartz	2210b1ed50	Avoid un-escaped strings in the login templates for HTML entities ... Closes #44296 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-26 07:55:35 -03:00
Stian Thorgersen	a8d4336da6	Migrate transactions package to new testsuite ... Closes #44460 Signed-off-by: stianst <stianst@gmail.com>	2025-11-26 10:57:19 +01:00
Alexander Schwartz	37f2488441	When joining a group, don't rely on cached values if user has already been updated ... Closes #44480 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-26 10:52:14 +01:00
Stian Thorgersen	63c7cc7381	Delete MetricsRestServiceTest ... Closes #44451 Signed-off-by: stianst <stianst@gmail.com>	2025-11-25 12:21:29 +01:00
Thomas Diesler	39264edf3f	[OID4VCI] Fix deprecated realm-scoped well-known endpoint access ... Signed-off-by: Thomas Diesler <tdiesler@ibm.com>	2025-11-25 12:19:17 +01:00
mposolda	49b694bf0a	Compilation failure in OID4VCTimeNormalizationSdJwtTest ... closes #44419 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-24 08:39:09 -03:00
Awambeng	8406cf34fb	[OID4VCI]: Realm-Configurable Time-Claim Normalization (Randomize/Round) to Mitigate Correlation (#43834) ... Closes #43399 Signed-off-by: Awambeng <awambengrodrick@gmail.com>	2025-11-24 11:07:07 +01:00
Pascal Knüppel	64d5e1a3d5	[OID4VCI] Redesign SDJwt API and handle keybinding JWT (#44227) ... closes #42091 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2025-11-24 11:01:19 +01:00
vramik	091b57c1e4	Flaky test: org.keycloak.testsuite.account.AccountRestServiceTest#listApplicationsWithoutPermission ... Closes #43755 Signed-off-by: vramik <vramik@redhat.com>	2025-11-21 15:05:41 -03:00
Peter Zaoral	4e5f9acac7	Add CI tests for Azure SQL Database ... Closes: #42986 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2025-11-21 14:42:28 +00:00
Pedro Ruivo	13ef89664c	More accurate user session expiration logic ... Closes #44204 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-19 21:06:17 +01:00
mposolda	68cfb8d720	Fix flaky test ClientAuthSignedJWTTest.testClientWithGeneratedKeysJKS ... closes #43713 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-18 11:52:01 +01:00
rmartinc	f0f776e5c8	Fix for WebAuthnSigningInTest WebAuthn test ... Closes #43477 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-11-18 11:02:13 +01:00
Marek Posolda	a4c583246d	Use the unified constants class for sd-jwt/oid4vc standard data and claims (#44153) ... closes #44152 Signed-off-by: mposolda <mposolda@gmail.com>	2025-11-18 10:41:04 +01:00
Pedro Ruivo	7dc7c81b25	Fix UserSessionProviderOfflineModelTest#testLoadUserSessionsWithNotDeletedOfflineClientSessions ... Fixes #43886 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-14 20:46:02 +01:00
Pedro Igor	d4f9a09236	Fixing encoding of forwarded parameters ... Closes #44125 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-14 15:46:09 -03:00
Pedro Ruivo	70e1dba2c3	Create remember_me column for user sessions ... Closes #44112 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-14 14:41:04 +01:00
Stian Thorgersen	a2c1055f8d	Proposed import order (#43432) ... * Add importOrder to Spotless Closes #43235 Signed-off-by: stianst <stianst@gmail.com> * Re-order imports with Spotless Signed-off-by: stianst <stianst@gmail.com> --------- Signed-off-by: stianst <stianst@gmail.com>	2025-11-14 09:34:49 +01:00
Pedro Igor	b46b0321d6	Skip FGAP when evaluating permissions for regular clients ... Closes #40712 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-13 22:16:09 +01:00
Pedro Ruivo	0876ca9aa1	Use batches to expire entries from Database ... Closes #44067 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-13 15:13:15 +00:00
stianst	8dce1eff15	Migrate keys package to new test framework ... Closes #44118 Signed-off-by: stianst <stianst@gmail.com>	2025-11-13 10:19:53 -03:00
vramik	748b58bf64	Remove creation of default policy, resource and permission upon enabling authorization for a client ... Closes #43867 Signed-off-by: vramik <vramik@redhat.com>	2025-11-13 09:14:56 -03:00
Pedro Igor	9d728dd686	Missing message properties when rendering pages for organization invites ... Closes #44113 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-12 15:56:39 -03:00
Martin Kanis	a7c02076a1	UPDATE_EMAIL action invalidates old email ... Closes #43738 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-11-12 11:32:36 -03:00
Awambeng	c0be5c42b9	[OID4VCI]: Add backward compatibility for Draft 15 wallets (single proof support) (#43951) ... Closes #43926 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-11-12 14:30:33 +01:00
forkimenjeckayang	a05ed3154c	[OID4VCI] Relax CORS policy on credential offer endpoint (#43182) ... Closes #43183 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com> Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com> Co-authored-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-11-12 14:25:20 +01:00
Ricardo Martin	de49500393	Client policy to enforce only downscoping in Token Exchange (#44030) ... Closes #43931 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-11-12 08:48:42 +01:00
rmartinc	fb13aa5039	Use http for the DockerClientTest to avoid certificate issues ... Closes #44117 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-11-11 17:48:44 +01:00
Pedro Ruivo	39964befef	Sessions not removed when user is deleted ... Fixes #43323 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-11 14:09:05 +01:00
Martin Kanis	c28cde359c	Local user can't login when ldap error ... Closes #43639 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-11-11 08:48:26 -03:00
Ingrid Kamga	ce05241c7f	[OID4VCI] Tolerate clock skew in SD-JWT time checks (#43506) ... Closes #43456 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2025-11-11 09:02:44 +01:00
vramik	302fa3db08	Make LDAPProvidersIntegrationTest import a test realm after each test ... Closes #43754 Signed-off-by: vramik <vramik@redhat.com>	2025-11-10 10:19:25 -03:00
Stian Thorgersen	d8275fe5df	Remove wildcard imports (#44060) ... Closes #44059 Signed-off-by: stianst <stianst@gmail.com>	2025-11-10 11:46:05 +01:00
Pedro Ruivo	18eeef7b26	Create user session expired event ... Closes #43942 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-07 22:36:47 +00:00
Pedro Ruivo	80895d7fb4	AUTH_SESSION_ID cookie has the incorrect route ... Fixes #43933 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-11-07 21:32:45 +00:00
Lukas Hanusovsky	768cea1b82	Add FIPS suite to the new tests (#43431) ... * Add FIPS test suite to the new tests Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com> * Tweaks to FIPS suite in new test Signed-off-by: stianst <stianst@gmail.com> --------- Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com> Signed-off-by: stianst <stianst@gmail.com> Co-authored-by: stianst <stianst@gmail.com>	2025-11-06 14:08:19 +01:00
Stian Thorgersen	b278dbbb3d	Allow identity provider configuration without defaults for user authentication (#43963) ... Closes #43552 Signed-off-by: stianst <stianst@gmail.com>	2025-11-05 10:13:40 -03:00
Alexander Schwartz	3ef8c565f3	Avoid touching the database layer if no changes are necessary for a user ... Closes #43682 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-05 06:44:48 -03:00