keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30

Author	SHA1	Message	Date
Pedro Igor	ac121b4c50	Make it possible to check for permissions when deciding if a feature is enabled or not (#42909 ) Do not query organizations if manage-realm is not granted Closes #41418 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-24 12:19:49 +00:00
Martin Bartoš	2ecf04acd5	[26.3] Upgrade to Quarkus 3.20.3 LTS (#42896 ) * Upgrade to Quarkus 3.20.3 LTS Closes #41371 Closes #42491 Closes #42492 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Revert "MariaDB connector dependency is not properly overriden (#41372)" This reverts commit 089975417b5819d08d8652525dfbcb044e42b7c2. Closes #41373 Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-09-24 11:07:28 +02:00
rmartinc	9aa21097e2	Do not regenerate the secret key when the size is not explicitly passed Closes #42405 Signed-off-by: rmartinc <rmartinc@redhat.com> (cherry picked from commit 605b51905ca9d991e1656ab875fec22840289761)	2025-09-23 17:29:37 +02:00
Marek Posolda	a775ed3ecb	Missing switch 'ID Token as detached signature' in the admin console client settings (#42807 ) closes #42769 (cherry picked from commit 201ea6d19c92ea91a9943521d486402d55fd1b63) Signed-off-by: mposolda <mposolda@gmail.com>	2025-09-22 12:08:46 +02:00
Alexander Schwartz	a44da52013	Add missing fields for client offline session timeout and lifespan Closes #42369 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-12 14:23:14 +02:00
Alexander Schwartz	cb5a768129	Add openid scope in Allowed Client Scopes options of client registration access policies Closes #42339 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr> Co-authored-by: KONSTANTINOS GEORGILAKIS <55974447+cgeorgilakis@users.noreply.github.com> Co-authored-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2025-09-12 14:19:58 +02:00
Alexander Schwartz	d02f6468f0	Handle already existing user session in the store Closes #40374 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-11 17:09:24 +02:00
Pedro Ruivo	bd927edc79	[26.3] ClientSession timestamp not updated in the database Closes #42012 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-09-10 20:33:50 +02:00
Ricardo Martin	373e99e398	Add User_agent header for documentation links checker Closes #42164 (cherry picked from commit 93791f67fba08c15be229d1acf7f573d305ccc35) Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-10 11:21:24 +02:00
mposolda	2f7ebfddef	Unbounded login_hint parameter Can Corrupt KC_RESTART Cookie closes #40857 Signed-off-by: mposolda <mposolda@gmail.com> (cherry picked from commit 5a05d2123ee14f36b64b6aac08041ef7623734cf)	2025-09-09 14:34:54 +02:00
Alexander Schwartz	3ebeb8144c	Avoid removing client sessions before the user session times out As the client session timeout can be overwritten on a per client level, the realm level timeout can not be used to remove client sessions early. Closes #35825 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-08 16:38:13 -03:00
Alexander Schwartz	9b526b0548	Translate the validation error returned from the backend Closes #42182 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-08 14:48:48 -04:00
Ricardo Martin	9804b53f3b	Use back keycloak-js instead of initiate login in the backend for account (#42035 ) Closes #40463 Signed-off-by: rmartinc <rmartinc@redhat.com> (cherry picked from commit 360ff7050c290939d529e68b461ba61c7c11404a)	2025-09-08 18:57:52 +02:00
Alexander Schwartz	3ff08efd66	Lock the database before doing migrations Closes #41801 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-04 12:29:07 -03:00
Alexander Schwartz	e98651b395	Show length validations in the admin UI Closes #42178 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2025-09-04 12:28:33 -03:00
Alexander Schwartz	3a17b0a480	fix: Update to new dash standard Closes #42270 Signed-off-by: Tobias Genannt <tobias.genannt@gmail.com> Co-authored-by: Tobias Genannt <tobias.genannt@gmail.com>	2025-09-04 11:42:11 -03:00
Pedro Igor	0dd0a0210a	Make sure inner transactions are using their own session Closes #41942 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-04 13:31:41 +02:00
Steven Hawkins	7ef44e5f93	fix: improve handling when expressions are disabled (#42189 ) (#42240 ) closes: #42158 (cherry picked from commit f52421fe4442269be848696e001a4767c7db837f) Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-09-02 17:02:22 +02:00
Václav Muzikář	4254f16b6a	Upgrade to Quarkus 3.20.2.2 Closes #42245 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2025-08-29 21:05:48 +02:00
Steven Hawkins	6b45aa0436	fix: adding debug logging for the KeycloakRealmImport (#42102 ) (#42231 ) also simplifying status logic closes: #42019 (cherry picked from commit ec0f64b4cd3cb30bd3cc42a651aba0532663ed43) Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-08-29 12:03:37 +00:00
Steven Hawkins	13cf87b9d7	fix: expands our warnings/notes around placeholder usage (#42151 ) (#42232 ) addresses CVE-2025-9162 closes: #42046 (cherry picked from commit e89133616732ba441185813aac7e0279fde6e9d4) Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-08-29 13:48:55 +02:00
Alexander Schwartz	8d052f015b	Avoid deleting old client sessions Closes #41427 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-08-28 09:59:19 -03:00
Steven Hawkins	7767717d17	fix: using volatile for double checked locking closes: #40630 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-08-22 16:01:28 +00:00
Alexander Schwartz	7446299c23	Don't validate duplicate credential label on update if label is unchanged (#41985 ) Closes #41945 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-08-20 08:42:20 +02:00
Ricardo Martin	da51e2213f	Check null for new keySize and validity parameters when generating certificates (#41984 ) Closes #41906 (cherry picked from commit 0ff7d551dd2aab42da9cfdb03a5267a73d4e470e) Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-08-20 07:54:56 +02:00
Pedro Igor	08de42a57d	Do not try to lookup the user if the sub claim is missing from the admin bearer token (#41981 ) Closes #41098 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-08-19 14:45:44 +00:00
Martin Bartoš	d7e6ccb267	Upgrade to Quarkus 3.20.2.1 (#41964 ) Closes #41963 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-08-19 14:47:21 +02:00
Ricardo Martin	c712e4a388	Allow and control sending UTF-8 emails in the default email sender impl Closes #41023 Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> (cherry picked from commit 949ef35a3bda916b24763c435033258a84ba8596)	2025-08-19 09:46:58 +02:00
Steven Hawkins	4a6a66a449	fix: warn instead of an error if optimized provider timestamps change (#41798 ) (#41946 ) closes: #41268 (cherry picked from commit 02cd3ddfb7ed550cb7c4ac97fb98b4af9f0f1f8d) Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-08-18 17:37:38 +02:00
Ryan Emerson	ec6e015dff	Upgrade to Infinispan 15.0.19.Final Closes #41934 Signed-off-by: Ryan Emerson <remerson@ibm.com>	2025-08-18 13:51:01 +02:00
Alexander Schwartz	c1b00ac15a	Adjust the test to dynamically remove all sessions This will handle even those sessions created by other tests. Closes #41545 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-08-15 16:40:22 -03:00
Alexander Schwartz	e7c98a4714	Fix typo in caching docs: 'Proving' → 'Providing' Closes #41663 Signed-off-by: Ramlah7 <ramlahmunir786@gmail.com> Co-authored-by: RAMLAH MUNIR <ramlahmunir786@gmail.com>	2025-08-15 10:33:16 +02:00
Pedro Igor	56da6c4b7d	memberOf attribute empty or values with a DN that does not match the role base DN fetches all roles Closes #41842 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-08-14 17:16:16 +02:00
rmartinc	0e23856dce	Use Optional instead of getOrDefault for settings in testSMTPConnection Closes #41643 Signed-off-by: rmartinc <rmartinc@redhat.com> (cherry picked from commit a58556d761cdee0647bb7293665d99d1770152fb)	2025-08-13 14:22:43 +02:00
Ricardo Martin	75fed7d71d	Upgrade angus mail to 2.0.4 Closes #41808 Signed-off-by: rmartinc <rmartinc@redhat.com> (cherry picked from commit facffa36cc047de214aa025c21b4fdfa71236b67)	2025-08-13 10:00:54 +02:00
Jose Renato Villela Dantas	cc2f76738a	Set client in the session context for logout token encode Closes #40984 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2025-08-13 04:37:49 +00:00
Stefan Guilhen	16255afa18	Change e-mail verification to perform a find by UUID on LDAP only when the local and imported users are different Closes #41532 (cherry picked from commit 5b4973f0e88d5b6a50dfaf7f5532af9aae6db5b6) Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-08-08 17:33:32 +02:00
Pedro Ruivo	2ebe03ae2d	Ensure cache configuration has correct number of owners Closes #41558 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-08-06 18:49:18 +01:00
Steven Hawkins	d7630b0cea	fix: correcting how provider default is found (#41678 ) (#41697 ) closes: #41677 (cherry picked from commit 5731cdf6738bc4344d495bd1193fe531f4f7ed7a) Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-08-06 12:30:59 +00:00
Alexander Schwartz	1b5e05c8f5	Reduce likelihood of multiple coordinators on concurrent startup Closes #41290 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>	2025-08-04 08:41:46 -03:00
Martin Kanis	4e699e10da	LDAP Import: KERBEROS_PRINCIPAL not updated when UserPrincipal changes and KERBEROS_PRINCIPAL was null on creation Closes #41520 (cherry picked from commit 79fc97056e22ebfd6a8f87a83f9e01a000441ac1) Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-08-01 10:55:12 +00:00
mposolda	4699ea0662	Getting error 405 'Method Not Allowed' when calling the 'certs' endpoint with HEAD method closes #41537 Signed-off-by: mposolda <mposolda@gmail.com> (cherry picked from commit 2dab73063dd5cc1fdcd5080f8a9f01222ea32d81)	2025-08-01 10:44:46 +02:00
Alexander Schwartz	699f61f168	Making IDs for configuration options unique Closes #41423 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-30 10:11:25 -03:00
Martin Bartoš	55cd851ecc	ExternalLinks are broken in documentation Closes #41491 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-07-30 13:38:42 +02:00
Martin Bartoš	58b69351be	Synchronize Maven surefire plugin with Quarkus Closes #41488 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-07-30 13:38:42 +02:00
Alexander Schwartz	8634cdaa4a	Close spans in the exceptional path Closes #41469 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-29 14:49:16 +02:00
Alexander Schwartz	ff4d4233f4	Fix broken anchor for caching docs Also shorten the docs as KC is now encrypting by default. Closes #41421 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-28 14:57:39 -03:00
Alexander Schwartz	dcba51c0af	Setting 'write_data_on_find' to true to ensure merging of views (#41401 ) Closes #41390 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-25 13:22:15 +02:00
Martin Bartoš	089975417b	MariaDB connector dependency is not properly overriden (#41372 ) Closes #41370 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-07-23 18:29:17 +02:00
Martin Bartoš	7c7ad7946d	Update MariaDB connector to 3.5.3 (#41361 ) Closes #39634 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-07-23 13:16:13 +00:00

1 2 3 4 5 ...

28627 Commits