keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30

Author	SHA1	Message	Date
rmartinc	ca205272ba	Initial integration of the JWT Authorization Grant in client Policies Using the downscope executor for testing Closes #44201 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-11-24 19:37:07 +01:00
Giuseppe Graziano	3e8b2f8ab7	New JWT Authorization Grant Identity provider (#44176 ) Closes #43570 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-11-19 09:18:23 +01:00
Stian Thorgersen	a2c1055f8d	Proposed import order (#43432 ) * Add importOrder to Spotless Closes #43235 Signed-off-by: stianst <stianst@gmail.com> * Re-order imports with Spotless Signed-off-by: stianst <stianst@gmail.com> --------- Signed-off-by: stianst <stianst@gmail.com>	2025-11-14 09:34:49 +01:00
Pedro Igor	ded372a57f	Adding utility class for working with throwables and updating the cause check to limit the number of iterations on the stacktrace Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-11-11 08:48:26 -03:00
Martin Kanis	c28cde359c	Local user can't login when ldap error Closes #43639 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-11-11 08:48:26 -03:00
Stian Thorgersen	d8275fe5df	Remove wildcard imports (#44060 ) Closes #44059 Signed-off-by: stianst <stianst@gmail.com>	2025-11-10 11:46:05 +01:00
Stian Thorgersen	b278dbbb3d	Allow identity provider configuration without defaults for user authentication (#43963 ) Closes #43552 Signed-off-by: stianst <stianst@gmail.com>	2025-11-05 10:13:40 -03:00
Steven Hawkins	27252a14ae	fix: adding a single method to get the base uri (#43333 ) * fix: adding a single method to get the base uri closes: #43330 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update server-spi/src/main/java/org/keycloak/urls/HostnameProvider.java Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>	2025-11-05 12:46:09 +00:00
KONSTANTINOS GEORGILAKIS	1c0d4616a5	hide scopes from scopes_supported in discovery endpoint Closes #10388 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-11-03 16:26:12 +00:00
Stian Thorgersen	1048c8d9c9	Filter out non-user authentication IdPs from account and login (#43798 ) Closes #43553 Signed-off-by: stianst <stianst@gmail.com>	2025-10-31 12:40:04 +01:00
Tomáš Kyjovský	4c64b7189c	Deprecate `org.keycloak.common.util.Base64` Closes #43370 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-30 09:12:14 +01:00
Marek Posolda	2fc5419676	Avoid using UserCredentialManager from user storage extensions (#43695 ) closes #43694 Signed-off-by: mposolda <mposolda@gmail.com>	2025-10-29 16:26:59 +01:00
Alexander Schwartz	2b51d6f4ac	Avoid holding on to the realm in cached configurations Closes #43744 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-28 13:10:24 -03:00
Pedro Ruivo	468c063e27	Client session may be lost during session restart Fixes #43349 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-14 11:01:16 +00:00
stianst	aedd7fe5db	Remove unused imports as part of #43233 Signed-off-by: stianst <stianst@gmail.com>	2025-10-13 13:32:01 +02:00
Pedro Igor	d6da849206	Introducing a EMAL_PENDING user attribute to set the email pending verification Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-29 12:41:41 -03:00
Pedro Ruivo	53007546ad	Deprecate AuthenticatedClientSessionModel timestamp Closes #42815 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-09-29 14:16:39 +00:00
Pedro Igor	6e851ce80e	Only filter default organization related scopes based on dynamic scope format Closes #42877 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-26 16:28:12 -03:00
Pedro Igor	d65c17ebc7	Do not fail when querying user federation providers and log messages to indicate the problem Closes #42276 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-24 04:03:13 -03:00
Stian Thorgersen	f9ee040ef0	Add federated subject configuration option to federated-jwt authenticator (#42610 ) Closes #42608 Signed-off-by: stianst <stianst@gmail.com>	2025-09-17 13:39:50 +02:00
Pedro Ruivo	f7ff7e55d8	Replace UUID with composite key for client session cache Closes #42547 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-17 10:25:51 +00:00
Giuseppe Graziano	fd7f5351ad	Client Authenticator configurable per client Closes #42044 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-09-16 16:54:39 +02:00
Stian Thorgersen	51465f52a3	Get client by client attribute Closes #42543 Signed-off-by: stianst <stianst@gmail.com>	2025-09-11 12:07:13 +00:00
Pedro Igor	1b17a3c9a6	Add a policy condition based on user roles (#42487 ) Closes #42117 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-10 03:23:56 +02:00
Pedro Igor	17a053b2af	Add support for generic event-based policies and conditions Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-02 17:45:59 -03:00
Stefan Guilhen	70659ac183	Rework RLM core to schedule action based on events @sguilhen (#42010 ) * Rework RLM core to schedule action based on events Closes #41803 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-08-20 17:59:52 +00:00
Marek Posolda	dd7ad5b866	Ability to display 'authenticator provider' of the WebAuthn credential (#41615 ) closes #41613 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-08-20 11:42:24 +02:00
mposolda	97625173ee	KeycloakSession javadoc should not reference keycloak-server.json closes #41854 Signed-off-by: mposolda <mposolda@gmail.com>	2025-08-15 17:48:22 -03:00
Pedro Igor	3bf46e5421	"linked-accounts" endpoint displays all Identity providers Closes #19732 Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com> Co-authored-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2025-08-14 15:21:03 +02:00
Peter Skopek	651d651c30	Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822 ) Signed-off-by: Peter Skopek <pskopek@redhat.com>	2025-08-12 16:50:17 +02:00
vramik	a8225655cf	Initial commit for the RLM feature Closes #40340 Closes #40341 Co-authored-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: vramik <vramik@redhat.com>	2025-08-11 17:34:41 -03:00
huyenvu2101	5436f9781c	Allow setting default value for userprofile attribute Closes #36160 Signed-off-by: huyenvu2101 <vhuyen2101@gmail.com>	2025-08-06 13:59:54 -03:00
Steven Hawkins	11924e6473	enhance: adding the ability to get the root config from a Scope closes: #36268 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-08-05 18:51:33 +02:00
Pascal Knüppel	f39a37d8d1	[OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768 ) fixes #39527 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-07-10 14:46:36 +02:00
Martin Kanis	5a42390341	Make UPDATE_EMAIL a supported feature Closes #40227 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-07-09 10:15:48 -03:00
Pedro Igor	304bcdce88	Do not show update email link if the email attribute is not writable Closes #39669 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-06-28 10:19:41 +02:00
Pavuluri Sai Krishna	76ab8bd21d	Implemented validation to ensure each OTP device has a unique label Closes #38465 Signed-off-by: Saikrishna <saikrishnap@optimeyes.ai> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Saikrishna <saikrishnap@optimeyes.ai> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-06-12 12:08:05 +02:00
Alexander Schwartz	4af3d7cc9d	Redirect requests from outdated theme version to the current theme version Closes #39723 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-06-11 11:13:55 +02:00
Rutger Lubbers	c9a7a20764	Throw a ProviderConfigPropertyNameNotUniqueException in case of a duplicate ProviderConfigProperty Closes #40233 Signed-off-by: Rutger Lubbers <RutgerLubbers@gmail.com>	2025-06-05 19:47:44 +02:00
Ricardo Martin	41110823c7	Integrate current auth-username-password-form authenticator with passkeys isConditionalMediationAvailable (#38781 ) Closes #29596 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-06-05 08:53:00 +02:00
Anchels	4fc065aadc	Removed unnecessary boxing/unboxing Closes #39987 Signed-off-by: Anchels <mishtitov@gmail.com>	2025-05-30 13:10:39 +02:00
Giuseppe Graziano	8833c0aa5d	Ignore Accept-Language header for reset email from admin api Closes #36986 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-05-27 10:14:22 +02:00
Pedro Igor	8f9d02c305	Avoid resolving a client scope if it was requested using the dynamic scope format (#39752 ) Closes #39402 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-26 16:26:04 +02:00
Erik Jan de Wit	cbd0d18f6a	add description to groups fixes #39172 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-05-14 06:41:01 -04:00
Pedro Igor	34ad280665	Build user representations when searching based on the user profile settings Closes #39595 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-14 10:42:25 +02:00
rmartinc	11b032f9cd	Return user session started time when client note is missing for offline Closes #39021 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-05-06 12:43:18 +02:00
Steven Hawkins	24910d9e1c	addresses slow import/export performance by limiting persistence context size (#37926 ) * fix: addresses slow import/export performance with more batching closes: #37991 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * removing flush/detach manipulation Signed-off-by: Steve Hawkins <shawkins@redhat.com> * refining the doc note about using multiple files for larger user counts Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding doc note about useExistingSession method removal and expanding javadocs Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-04-29 18:57:45 -04:00
Steven Hawkins	08b5183784	fix: relaxes the admin root redirect check (#39095 ) * fix: relaxes the admin root redirect check also deprecates the usage of local_admin closes: #39085 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * moving deprecation to 26.3 also changing the adminroot test to seem like it's coming from a proxy Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-04-29 11:09:51 -04:00
rmartinc	887c2c2410	Improve metadata for Recovery Codes Closes #39243 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-04-29 10:23:59 +02:00
mposolda	4e95bde179	Avoid using password policy for configuration of recovery codes warning threshold closes #39214 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-28 10:06:01 +02:00

1 2 3 4 5 ...

903 Commits