UNIX.dog
/
keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
21,676 Commits 1 Branch 0 Tags 434 MiB
Commit Graph

258 Commits

Author SHA1 Message Date
mposolda 709c6b5a47 Regressions in redirect URL verification when redirect_uri has encoded path or default port 
closes #16851
closes #16587
 2023-03-30 14:20:10 +02:00
Konstantinos Georgilakis fd28cd2d4b Service Accounts Client must create the Client ID mapper with Token Claim Name as client_id 
closes #16329
 2023-03-23 11:45:34 +01:00
Jon Koops 972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
Cameron James b4050b9fa8
Fix configuration for disabled features throwing errors with disabled dependencies (#17323) 
Closes #17322
 2023-03-02 09:29:08 +01:00
Pedro Igor fbf5541802 Remove duplicated set-cookie header from response when expiring cookies 
Closes #17192
 2023-02-27 14:17:27 -03:00
rmartinc f91ac2970d
Polish fips-mode switch for preview (#17228) 
* Polish fips-mode switch for preview
Closes #17208 #17210 


Co-authored-by: mposolda <mposolda@gmail.com>
 2023-02-22 12:12:52 +01:00
mposolda 4f068fcdcc Make https-trust-store-type set to bcfks by default in strict-mode 
Closes #17119
 2023-02-16 08:00:21 -03:00
rmartinc 5b626231d9 Doublecheck if real FIPS host available in GH actions 
Closes https://github.com/keycloak/keycloak/issues/15069
 2023-02-10 11:56:35 +01:00
Stian Thorgersen 4782a85166
Remove old admin console feature (#16861) 
* Remove old admin console feature

Closes #16860

* Update help txt files for Quarkus tests
 2023-02-07 12:59:35 +01:00
Marek Posolda 33ff9ef17e
Fix remaining failing tests with BCFIPS approved mode (#16699) 
* Fix remaining failing tests with BCFIPS approved mode
Closes #16698
 2023-01-30 16:01:57 +01:00
Khvatov-Alexey a4c78a05d2
Descriptor file release (#16659) 
Closes #16657

Co-authored-by: Khvatov-Alexey <Khvatov-Alexey>
 2023-01-27 10:29:42 +00:00
mposolda a804400c84 Added KERBEROS feature. Disable it when running tests on FIPS 
closes #14966
 2023-01-25 18:38:46 +01:00
mposolda 16888eaeab Only available RSA key sizes should be shown in admin console 
Closes #16437
 2023-01-25 13:15:07 +01:00
Michal Hajas 6566b58be1 Introduce Infinispan GlobalLock implementation 
Closes #14721
 2023-01-05 16:58:44 +01:00
Hynek Mlnarik 071fc03f41 Move transaction processing into session close 
Fixes: #15223
 2023-01-05 16:12:32 +01:00
stianst 1de9c201c6 Refactor Profile 
Closes #15206
 2022-11-07 07:28:11 -03:00
Marek Posolda c0c0d3a6ba
Short passwords with PBKDF2 mode working (#14437) 
* Short passwords with PBKDF2 mode working
Closes #14314

* Add config option to Pbkdf2 provider to control max padding

* Update according to PR review - more testing for padding and for non-fips mode
 2022-11-06 14:49:50 +01:00
Marek Posolda f616495b05
Fixing UserFederationLdapConnectionTest,LDAPUserLoginTest to work with FIPS (#15299) 
closes #14965
 2022-11-03 16:35:57 +01:00
mposolda 55c514ad56 More flexibility in keystore related tests, Make keycloak to notify which keystore types it supports, Support for BCFKS 
Closes #14964
 2022-10-24 08:36:37 +02:00
Stian Thorgersen 97ae90de88
Remove Red Hat Single Sign-On product profile from upstream (#14697) 
* Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

* review suggestions: Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

Co-authored-by: Peter Skopek <pskopek@redhat.com>
 2022-10-18 14:43:04 +02:00
Marek Posolda 0756ef9a75
Initial integration tests with BCFIPS distribution (#14895) 
Closes #14886
 2022-10-17 23:33:22 +02:00
Martin Bartoš 7311e12066 Add features options to Keycloak CR 
Closes #14376
 2022-10-11 15:07:44 +02:00
Stian Thorgersen fda26385ec
Add profile feature for hosting keycloak.js on the server (#14771) 
* Add profile feature for hosting keycloak.js on the server

Closes #14770

* Updated txt files for HelpCommandTest
 2022-10-10 08:00:50 +02:00
Marek Posolda c59660ca86
KEYCLOAK_SESSION not working for some user federation setups when user ID has special chars (#14560) 
closes #14354
 2022-10-05 08:59:30 +02:00
David Anderson a8db79a68c
Introduce crypto module using Wildfly Elytron (#14415) 
Closes #12702
 2022-09-27 08:53:46 +02:00
Hisanobu Okuda 53635e3317 KEYCLOAK-19132 SAML adapter config replacement with environment variables 
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2022-09-23 13:15:16 +02:00
Pedro Igor 00e4c3567a Make it possible to switch between BC and BC-FIPS libraries 
Closes #12424
 2022-09-23 07:50:02 -03:00
Thomas Darimont 962a685b7b KEYCLOAK-15773 Control availability of admin api and admin-console via feature flags 
Inline profile checks for enabled admin-console to avoid issues during
static initialization with quarkus.

Potentially Re-enable admin-api feature if admin-console is enabled
via the admin/admin2 feature flag.

Add legacy admin console as deprecated feature flag
Throw exception if admin-api feature is disabled but admin-console is enabled

Adapt ProfileTest

Consider adminConsoleEnabled flag in QuarkusWelcomeResource
Fix check for Admin-Console / Admin-API feature dependency.

Add new features to approved help output files

Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2022-09-09 18:18:51 -03:00
Marek Posolda 19daf2b375
Not possible to login in FIPS enabled RHEL 8.6. Support for parsing PEM private keys in BCFIPS module in both traditional and PKCS8 format (#14008) 
Closes #13994
 2022-08-30 22:33:12 +02:00
David Anderson ce1331f550
Remove bouncycastle dependency from keycloak-services (#13489) 
Closes #12857


Co-authored-by: mposolda <mposolda@gmail.com>
 2022-08-22 15:43:59 +02:00
Marek Posolda 7e925bfbff
Unit tests in "crypto/fips1402" passing on RHEL 8.6 with BC FIPS approved mode. Cleanup (#13406) 
Closes #13128
 2022-07-29 18:03:56 +02:00
Stian Thorgersen ae33af92d9
Promote new admin console to default (#13243) 
Closes #13242
 2022-07-27 10:13:49 +02:00
Marek Posolda 4e4fc16617
Skip adding xmlsec security provider. Adding KeycloakFipsSecurityProvider to workaround 'Security.getInstance("SHA1PRNG")' (#12786) 
Closes #12425 #12853
 2022-07-26 16:40:36 +02:00
David Anderson ee0c67c0c8
Remove BC dependancy from keycloak-core (#13235) 
Closes #12856
 2022-07-23 12:07:16 +02:00
Stian Thorgersen a251d785db
Remove text based login flows (#13249) 
* Remove text based login flows

Closes #8752

* Add display param back in case it's used by some custom authenticators
 2022-07-22 15:15:25 +02:00
David Anderson 8ce10df6da
Extract BC from keycloak-common (#13064) 
Closes #12855
 2022-07-16 09:36:07 +02:00
Marcelo Daniel Silva Sales f7a80409a9
Add flow to generate secret length based on signature algorithm (#13107) 
Closes #9376
 2022-07-15 11:06:07 +02:00
Pedro Igor 605b51890e Enables the new store and the concurrenthashmap provider 
Closes #12651
 2022-06-30 10:55:22 -03:00
Clara Fang 4643fd09e3 Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount() 
This should reduce GC pressure.

Closes #12644
 2022-06-29 08:53:09 +02:00
Marek Posolda be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692) 
Closes #12625
 2022-06-29 07:17:09 +02:00
rmartinc 711440e513 [#11036] Identity Providers: Add support for elliptic curve signatures (ES256/ES384/ES512) using JWKS URL 2022-06-21 10:52:25 -03:00
Alexander Schwartz 850af55edc Ensure that only JDK 8 APIs are used where JDK 8 is still required. 
Closes #10842
 2022-06-20 14:44:33 -03:00
Marek Posolda e856a62fb2
Make CertificateUtils class to work with both fips and non-fips (#12499) 
Closes #12498
 2022-06-15 09:39:03 +02:00
Stian Thorgersen e49e8335e0
Refactor BouncyIntegration (#12244) 
Closes #12243
 2022-06-07 09:02:00 +02:00
Réda Housni Alaoui 5d87cdf1c6
KEYCLOAK-6455 Ability to require email to be verified before changing (#7943) 
Closes #11875
 2022-05-09 18:52:22 +02:00
Stian Thorgersen e3f3e65ac5
Remove JDK7 support for adapters (#11607) 
Closes #11606
 2022-04-27 08:33:23 +02:00
Pedro Igor 2cb5d8d972
Removing upload scripts feature (#11117) 
Closes #9865

Co-authored-by: Michal Hajas <mhajas@redhat.com>

Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2022-04-20 14:25:16 +02:00
Stian Thorgersen 96419e7c20
Graduate new Admin Console to preview (#11165) 
Closes #11000
 2022-04-07 13:16:37 +02:00
Alexander Schwartz fb92b95c33 Revert from getParameterCount() to getParameterTypes().length to be Java 1.7 compatible. 
This reverts commit bc27c7c464.

Closes #10840
 2022-03-22 10:23:25 +01:00
keycloak-bot c71aa8b711
Set version to 999-SNAPSHOT (#10784) 2022-03-22 09:22:48 +01:00