External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30
Code Issues Packages Projects Releases Wiki Activity
26,566 Commits 26 Branches 288 Tags
Commit Graph

26566 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
ba2566fe5f Set version to 26.0.13 26.0.13 2025-07-15 17:22:26 +00:00
mposolda
f63a870c76 Add option 'Requires short state parameter' to OIDC IDP 
closes #40237

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 274afa88fae0967ab281be93d41ec0ad1e8586cc)
 2025-07-14 08:43:44 +02:00
Ricardo Martin
a404585f47
Remove /etc/system-fips file before executing fips-mode-setup 
Closes #41038


(cherry picked from commit e631ef4f92683b073f9cac9ae0f55ac0a3483187)

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-07-10 18:23:52 +02:00
Steven Hawkins
6a6e35bddf
fix: switching to the registry addon for olm testing 
closes: #40099

(cherry picked from commit eb96b4a59f25b0cf0715c21f0b0d8325b4d4c5b9)
(cherry picked from commit 9e6e9e37c4db0d15a22217413de55e1a521a5219)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-06-28 10:16:32 +02:00
rmartinc
eab83b40d5 Disable email verification when email manually changed by idp review 
Closes #40446

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 86f0a7864f2bdd991d5e24e6844ddabfce0aa6de)
 2025-06-27 16:26:01 +02:00
Ricardo Martin
718505eadb Copy restored maven repo to home folder in Windows 
Closes #40593

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-06-26 20:05:21 +02:00
Alexander Schwartz
689265fa94 Removing the Windows optimization as it is currently unstable 
Closs #40583

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-06-26 20:05:21 +02:00
Ricardo Martin
0892ba363a
Create the links correctly for the maven repository in windows 
Closes #40339


(cherry picked from commit 6fe14c7044511962195938c7f64d175549c74004)

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-06-10 11:01:13 +00:00
Alexander Schwartz
20dcb4f4f7
added DCL pattern implementation for TransformerUtil 
Closes #40030

Signed-off-by: Anchels <mishtitov@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Anchels <42744001+Anchels@users.noreply.github.com>
 2025-06-06 10:06:29 -03:00
Martin Bartoš
8cff835c30
Upgrade to Quarkus 3.15.5 (#39842) 
Closes #39839

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-05-27 15:01:14 +02:00
Pedro Ruivo
28c215a13b
Add example with TCPPING discovery protocol to documentation (#39873) 
Closes #39871

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-05-27 10:07:28 +02:00
rmartinc
7ac6096269 Only reuse SMTP authentication data for testing endpoint when the same auth, host, port and user are passed 
Closes #39486

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 598154bc5839934569a78d8ee1ec8c1af8fc4142)
 2025-05-22 14:05:56 +02:00
mposolda
0ad29a0844 Fix documentation link to quickstarts to point to 'main' branch instead of 'latest' branch 
closes #39798

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit fe2790a09d0e24ea1b22f9d0631ade7d97331672)
 2025-05-19 10:55:22 +02:00
Alexander Schwartz
20d272304b
Lazily process sessions from ISPN to avoid fetching client sessions 
Closes #39638

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-13 16:54:56 +02:00
Alexander Schwartz
0628eedca1
More eagerly clear references to client sessions from the user session 
Closes #39651

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-13 16:53:49 +02:00
Alexander Schwartz
21b59abafe
Fix list design (#39601) 
Closes #39600

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-13 11:43:46 +02:00
Ricardo Martin
2c351a3e7e Disable social links after being clicked (#39031) 
Closes #35278

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 3969c40f61040dd100f046856bddaf2e7922df16)
 2025-05-13 09:54:19 +02:00
Pedro Ruivo
1f6851e546
Patch kubernetes stack with port_range=0 
Fixes #39023

Fixes #39454

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-05-09 21:46:24 +02:00
rmartinc
a343af90dd Return user session started time when client note is missing for offline 
Closes #39021

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 11b032f9cd5b336c1002ccb19e4977b1699f8ffa)
 2025-05-07 11:14:50 +02:00
Michal Hajas
1aa80ab6d1
Fix outdated link to Infinispan docs 
Closes #39225

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-05-05 14:36:01 +02:00
Ricardo Martin
4defcac93f
Partial backport of #34980 to upgrade creaper and https initialization for eap8 and wildfly 
Closes #39319

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-30 12:50:38 +00:00
Miquel Simon
cb76ceb47b
Added support for Nexus 3 repositories 
Closes #34136


(cherry picked from commit 602604459d13b618c12262c4727f221ebbaa573b)

Signed-off-by: Miquel Simon <msimonma@redhat.com>
 2025-04-30 12:09:25 +00:00
Stian Thorgersen
35b29bb6d2
Adapt fake_fips for kernel 6.11 (#248) 
Closes #39125

Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-04-24 14:10:08 +02:00
mposolda
b329e6e79a Make sure Cancel AIA does not remove required action from user 
Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 5e0915854348c9cb95519d5d2d04b41ee97605db)
 2025-04-24 11:44:46 +02:00
Steve Hawkins
f835f49065 fix: remove ANY mode modification of truststores 
also note that ANY should not be used in production

closes: CVE-2025-3501

Add a test for the error (#1)

Signed-off-by: Ricardo Martin <rmartinc@redhat.com>

Update docs/guides/server/keycloak-truststore.adoc

Co-authored-by: Marek Posolda <mposolda@gmail.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
 2025-04-24 11:44:33 +02:00
Venelin Cvetkov
4ae7d60784 Add config param disableTypeClaimCheck in order to validate external tokens without typ claim 
Closes #33332

Signed-off-by: Venelin Cvetkov <venelin.tsvetkov@gmail.com>
(cherry picked from commit d388dc79361cd8ba2ace049bd888334faf253552)
 2025-04-17 15:11:25 +02:00
Alexander Schwartz
a2deff172b
Do not terminate persistent sessions worker on exceptions 
Closes #38925

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-15 13:10:29 +02:00
Martin Bartoš
e2d646ab2c [Docs] Broken link in ExternalLinksTest for importmap 
Closes #38930

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-15 11:08:32 +02:00
Alexander Schwartz
a07561b64e
Sorting the chapters of the HA guide (#38834) 
Closes #38721

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-15 10:28:40 +02:00
Ricardo Martin
8ca108df23
Add chrome install action in GHA to force a specific version of chrome 
Closes #38817

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 4c319aa3fa703054602e347a834f3183b18cfb9a)
 2025-04-14 20:44:30 +02:00
rmartinc
2a845aa2b5 Migrate old recaptcha secret name when used 
Closes #38607

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit ba91a092ab6a8266a89be254405d3a6d64dcce85)
 2025-04-09 13:56:19 +02:00
Pedro Igor
2caf4ba4aa
Added condition to check offlineSessionMaxLifespanEnabled on clearing 
Closes #38063

Signed-off-by: Saravana <saravanakumar.a@kobil.com>
Co-authored-by: saravanaarh <127546533+saravanaarh@users.noreply.github.com>
Co-authored-by: Saravana <saravanakumar.a@kobil.com>
 2025-04-08 16:29:58 +00:00
Alexander Schwartz
b62e2f3e8e
Set the mail.from to avoid looking up the local hostname 
Closes #38353

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-03 11:53:38 -03:00
rmartinc
154206c5f3 Define a max expiration window for Signed JWT client authentication 
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit a10c8119d4452b866b90a9019b2cc159919276ca)
 2025-04-03 13:24:12 +02:00
Václav Muzikář
4f08adc65d
Upgrade to Quarkus 3.15.4 (#38410) 
Closes #38409
Closes #36482

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-03-25 11:15:52 -03:00
Alexander Schwartz
415f6c89e7
Upgrade to Infinispan 15.0.14 (#38219) 
Closes #37711



Upgrade to latest JGroups patch version to resolve thread pinning

Closes #37285



Upgrade to Infinispan 15.0.13.Final

Closes #37253



Upgrade Infinispan to 15.0.12.Final

Closes #36686

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-24 09:41:31 +01:00
Ricardo Martin
2adeab3c44
Use clickLink and upgrade arquillian/selenium for chrome 134 (26.0) 
* Use clickLink and upgrade arquillian/selenium for chrome 134
Closes #38041

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 4ff2c473ef9a003e53a0752e7d84f42a0c310d6a)

* Update dependency

Signed-off-by: mposolda <mposolda@gmail.com>

* Fix AppInitiatedActionWebAuthnTest compilation

Signed-off-by: mposolda <mposolda@gmail.com>

* More changes in Forms IT for chrome 134 issues in branch 26.0

Signed-off-by: rmartinc <rmartinc@redhat.com>

---------

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2025-03-22 15:45:02 +01:00
Alexander Schwartz
fbf1ad2241
Allow a token to be revoked twice 
Closes #37621

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-05 08:22:14 +01:00
Václav Muzikář
9bf74725df
Upgrade to Quarkus 3.15.3.1 
Closes #37683

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-02-28 10:29:56 +01:00
Marek Posolda
f62acdaa42
Password policies like NoUsername should compare in case-insensitive way 
closes #37431

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 2bcd2dbe74ac038c1b56b51b49087a9818541f2a)
 2025-02-18 13:54:01 +00:00
Jon Koops
8ae5205ae3
Fix broken external link in Gitlab IdP docs (#37435) (#37438) 
Closes #37434

Signed-off-by: Jon Koops <jonkoops@gmail.com>
(cherry picked from commit 3ccc88628fedd60a2b76aadaf0371d6317e53ad7)
 2025-02-18 11:32:48 +00:00
Bruno Oliveira da Silva
3cd5b13df0
CVE-2024-47072 - XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [26] 
Closes #37360

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
 2025-02-14 16:19:03 +00:00
Pedro Igor
44f18467d5
Only set organization to client session when re-authenticating if user is member of the mapped organization 
Closes #37169

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-14 15:38:22 +00:00
Bruno Oliveira da Silva
9bd12dcacd
Trivy workflow is not reporting issues on other branches [26.0] (#37342) 
Trivy workflow is not reporting issues on other branches

Closes #37331

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
 2025-02-14 10:26:08 -03:00
Ricardo Martin
6257cc444e
Show error message only in the username field for the login.ftl (#37350) 
Closes #37229

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit a121418fe7d247e4e416b45ad79f256c0b24e7b1)
 2025-02-14 12:18:58 +01:00
Bruno Oliveira da Silva
e2f2bb4ba3 Revert "Move Snyk reports from GitHub Security tab to GitHub issues" 
This reverts commit 65a96757bd8a0ca46f536198ab8ac7fec6494aaf.

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
 2025-02-13 22:36:48 -03:00
Ricardo Martin
707a556828
Force login in reset-credentials to federated users 
Closes #37207

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 6850f410605d79ea1fa98ea20774056e3a210217)
 2025-02-13 08:31:06 +00:00
Yoshikazu Nojima
ace9068f35
Add Network Ports section for Keycloak < 26.1 
Closes #37160

Signed-off-by: Yoshikazu Nojima <mail@ynojima.net>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-02-11 15:00:16 +01:00
Martin Bartoš
c5a7155216
Invalid migration export for empty database 
Fixes #32535

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-02-11 13:23:39 +01:00
Alexander Schwartz
45d16b1c09 Commit proto.lock changes (only needed in release branches) 
Closs #36919

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-06 08:41:29 -03:00