Pedro Ruivo
f7ff7e55d8
Replace UUID with composite key for client session cache
Closes #42547
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-09-17 10:25:51 +00:00
Giuseppe Graziano
fd7f5351ad
Client Authenticator configurable per client
Closes #42044
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2025-09-16 16:54:39 +02:00
Stian Thorgersen
51465f52a3
Get client by client attribute
Closes #42543
Signed-off-by: stianst <stianst@gmail.com>
2025-09-11 12:07:13 +00:00
Pedro Igor
1b17a3c9a6
Add a policy condition based on user roles (#42487)
Closes #42117
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-10 03:23:56 +02:00
Pedro Igor
17a053b2af
Add support for generic event-based policies and conditions
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
Stefan Guilhen
70659ac183
Rework RLM core to schedule action based on events @sguilhen (#42010)
* Rework RLM core to schedule action based on events
Closes #41803
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-08-20 17:59:52 +00:00
Marek Posolda
dd7ad5b866
Ability to display 'authenticator provider' of the WebAuthn credential (#41615)
closes #41613
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2025-08-20 11:42:24 +02:00
mposolda
97625173ee
KeycloakSession javadoc should not reference keycloak-server.json
closes #41854
Signed-off-by: mposolda <mposolda@gmail.com>
2025-08-15 17:48:22 -03:00
Pedro Igor
3bf46e5421
"linked-accounts" endpoint displays all Identity providers
Closes #19732
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
Co-authored-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2025-08-14 15:21:03 +02:00
Peter Skopek
651d651c30
Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822)
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2025-08-12 16:50:17 +02:00
vramik
a8225655cf
Initial commit for the RLM feature
Closes #40340
Closes #40341
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: vramik <vramik@redhat.com>
2025-08-11 17:34:41 -03:00
huyenvu2101
5436f9781c
Allow setting default value for userprofile attribute
Closes #36160
Signed-off-by: huyenvu2101 <vhuyen2101@gmail.com>
2025-08-06 13:59:54 -03:00
Steven Hawkins
11924e6473
enhance: adding the ability to get the root config from a Scope
closes: #36268
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2025-08-05 18:51:33 +02:00
Pascal Knüppel
f39a37d8d1
[OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768)
fixes #39527
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
2025-07-10 14:46:36 +02:00
Martin Kanis
5a42390341
Make UPDATE_EMAIL a supported feature
Closes #40227
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-07-09 10:15:48 -03:00
Pedro Igor
304bcdce88
Do not show update email link if the email attribute is not writable
Closes #39669
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-06-28 10:19:41 +02:00
Pavuluri Sai Krishna
76ab8bd21d
Implemented validation to ensure each OTP device has a unique label
Closes #38465
Signed-off-by: Saikrishna <saikrishnap@optimeyes.ai>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Saikrishna <saikrishnap@optimeyes.ai>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-06-12 12:08:05 +02:00
Alexander Schwartz
4af3d7cc9d
Redirect requests from outdated theme version to the current theme version
Closes #39723
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2025-06-11 11:13:55 +02:00
Rutger Lubbers
c9a7a20764
Throw a ProviderConfigPropertyNameNotUniqueException in case of a duplicate ProviderConfigProperty
Closes #40233
Signed-off-by: Rutger Lubbers <RutgerLubbers@gmail.com>
2025-06-05 19:47:44 +02:00
Ricardo Martin
41110823c7
Integrate current auth-username-password-form authenticator with passkeys isConditionalMediationAvailable (#38781)
Closes #29596
Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-06-05 08:53:00 +02:00
Anchels
4fc065aadc
Removed unnecessary boxing/unboxing
Closes #39987
Signed-off-by: Anchels <mishtitov@gmail.com>
2025-05-30 13:10:39 +02:00
Giuseppe Graziano
8833c0aa5d
Ignore Accept-Language header for reset email from admin api
Closes #36986
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2025-05-27 10:14:22 +02:00
Pedro Igor
8f9d02c305
Avoid resolving a client scope if it was requested using the dynamic scope format (#39752)
Closes #39402
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-05-26 16:26:04 +02:00
Erik Jan de Wit
cbd0d18f6a
add description to groups
fixes #39172
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-05-14 06:41:01 -04:00
Pedro Igor
34ad280665
Build user representations when searching based on the user profile settings
Closes #39595
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-05-14 10:42:25 +02:00
rmartinc
11b032f9cd
Return user session started time when client note is missing for offline
Closes #39021
Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-05-06 12:43:18 +02:00
Steven Hawkins
24910d9e1c
addresses slow import/export performance by limiting persistence context size (#37926)
* fix: addresses slow import/export performance with more batching
closes: #37991
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* removing flush/detach manipulation
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* refining the doc note about using multiple files for larger user counts
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* adding doc note about useExistingSession method removal
and expanding javadocs
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2025-04-29 18:57:45 -04:00
Steven Hawkins
08b5183784
fix: relaxes the admin root redirect check (#39095)
* fix: relaxes the admin root redirect check
also deprecates the usage of local_admin
closes: #39085
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* moving deprecation to 26.3
also changing the adminroot test to seem like it's coming from a proxy
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2025-04-29 11:09:51 -04:00
rmartinc
887c2c2410
Improve metadata for Recovery Codes
Closes #39243
Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-04-29 10:23:59 +02:00
mposolda
4e95bde179
Avoid using password policy for configuration of recovery codes warning threshold
closes #39214
Signed-off-by: mposolda <mposolda@gmail.com>
2025-04-28 10:06:01 +02:00
Marek Posolda
237d0553ae
Polishing recovery codes
closes #39213
Signed-off-by: mposolda <mposolda@gmail.com>
2025-04-25 16:01:10 +02:00
Garth
2c06078484
Added ThemeManagerSpi and ported DefaultThemeManagerFactory to use it.
Closes #38433.
Signed-off-by: Garth <244253+xgp@users.noreply.github.com>
Moved ThemeManagerSpi and ThemeManagerFactory to server-spi-private. Marked internal. Added to org.keycloak.provider.Spi file
Signed-off-by: Garth <244253+xgp@users.noreply.github.com>
2025-04-25 09:35:10 +02:00
Michal Hajas
4dc4de7c12
Remove CACHE-EMBEDDED-REMOTE-STORE experimental feature
Closes #34160
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2025-04-16 12:01:55 +00:00
Peter Tóth
c6e1878087
Add organizations count endpoint
Closes #38262
Signed-off-by: Péter Tóth <tothp@sztaki.hu>
2025-04-14 19:44:44 +00:00
Stefan Guilhen
a4ca92ab4d
Validate realm name for uniqueness before creating a new realm in the DB
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Closes #38426
2025-04-07 08:49:42 -04:00
Stefan Guilhen
c4c3e2eee6
Allow redirection to idp when user email matches any of the org domains
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com>
Closes #33804
2025-04-04 11:28:04 -03:00
rtufisi
134437a5a7
Create recovery keys in user storage or local (#38446)
closes #38445
Signed-off-by: rtufisi <rtufisi@phasetwo.io>
2025-04-03 10:09:48 +02:00
Steven Hawkins
06e0885f46
fix: adds back reporting of non-ip client addresses (#37797)
closes: #36843
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
# services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java
# services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java
2025-03-27 19:33:20 +00:00
Sebastian Rose
4fb1c41155
Sending Mails via SMTP and XOAUTH2 authentication mechanism
Closes #17432
Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
2025-03-21 10:12:18 +01:00
Pedro Igor
a4000575a4
Initial support for partial evaluation
Closes #38085
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-03-19 13:30:52 -03:00
Steven Hawkins
d9c3511fa5
fix: adding a check if the proxy is trusted prior to using a cert header (#37465)
closes: #35861
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
2025-03-12 11:21:33 +01:00
Marek Posolda
92c96033f2
Session type incorrectly set in access-token context when token created with scope=offline_access (#37701)
closes #37694
Signed-off-by: mposolda <mposolda@gmail.com>
2025-02-27 15:53:23 +01:00
Giuseppe Graziano
fd3a4a3377
Support client policies for token exchange
Closes #37122
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2025-02-25 14:25:55 +01:00
Pedro Igor
1cb7a4736c
Slow query when checking if a realm has brokers and brokering is enabled
Closes #37062
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2025-02-05 13:49:32 +00:00
Pedro Igor
602df06191
Allows querying credential from user storage providers
Closes #35020
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-02-05 07:56:05 -03:00
rmartinc
25953f2fbb
Add option to sign the IdP metadata for SAML
Closes #34132
Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-01-15 11:50:26 +01:00
Michal Hajas
3839f8e3b5
Add metric for password validations (#36049)
Closes #36048
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-01-07 10:05:47 +01:00
rmartinc
e7e6185175
Fix expires_in in internal to external token exchange
Closes #35704
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-12-18 09:08:19 +01:00
Thomas Darimont
368c1f5a76
Add ProviderConfigProperty types for numeric values
Fixes #29511
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-12-16 14:53:06 +01:00
vramik
044807f162
[FGAP] Create new internal client which would hold the authorization objects for feature V2
Closes #34565
Signed-off-by: vramik <vramik@redhat.com>
2024-12-05 11:56:13 -03:00