14a369a8cc
Added LegacySessionSupport SPI
...
While some methods around onCache() are still called from the legacy code, all other methods log a warning with a stacktrace.
2022-06-21 08:53:06 +02:00
6f287e7ded
Avoid using methods on UserCredentialStoreManager
2022-06-21 08:53:06 +02:00
bc8fd21dc6
SingleUserCredentialManager moving in
...
- UserStorageManager now handles authentication for old Kerberos+LDAP style
- new getUserByCredential method in MapUserProvider would eventually do the same.
2022-06-21 08:53:06 +02:00
82094d113e
Move User Storage SPI, introduce ExportImportManager
2022-06-21 08:53:06 +02:00
703e868a51
Preparation for moving User Storage SPI
...
- Introduction of new AdminRealmResource SPI
- Moving handler of /realm/{realm}/user-storage into model/legacy-service
- session.users() and userStorageManager() moved refers legacy module
IMPORTANT: Broken as UserStorageSyncManager is not yet moved
2022-06-21 08:53:06 +02:00
36f76a37ad
Move realms, clients, groups, roles, clientscopes into legacy module
...
- Introduces Datastore SPI for isolating data store methods
- Introduces implementation of the datastore for legacy storage
- Updates DefaultKeycloakSession to leverage Datastore SPI instead
of direct creating of area providers by the session
2022-06-21 08:53:06 +02:00
247ff52187
Introduce legacy datastore module and update dependencies
2022-06-21 08:53:06 +02:00
0719d3e49b
Remove EXPIRATION fields and add expired entities filtering to all queries automatically
...
Closes #12563
2022-06-20 21:45:32 +02:00
22f9b0fee3
Unify expiration handling for SingleUseObjects
...
Closes #12205
2022-06-20 21:45:32 +02:00
781183e551
Enable indexing for ResourceServerEntity
...
Closes #12533
2022-06-20 10:17:19 +02:00
1b3a76d0af
Do not persist client sessions of transient user sessions
...
Closes #12357
2022-06-15 10:54:23 +02:00
df41f233d5
Introduce unique index for enums stored by storages
...
Closes #12277
2022-06-15 09:12:10 +02:00
361a813d81
Keep a list of model instances in the JPA map session.
...
This allows removing them from the persistence context on bulk delete.
Closes #12384
2022-06-09 12:39:04 -03:00
df72cf72f2
Hot Rod map storage: Single-use (action token) no-downtime store
2022-06-06 16:01:18 +02:00
5332a7d435
Issue #9194 : Client authentication fails when using signed JWT, if the JWA signing algorithm is not RS256
2022-06-06 12:07:09 +02:00
c31d37ddf1
Each JpaRootEntity should have its own current schema version
...
Closes #12272
2022-06-02 17:16:34 +02:00
09c0a69a8f
Add HotRod no downtime store for events
...
Closes #9676
2022-06-02 13:30:19 +02:00
75754eca6b
Extract timestamp from Expirable entity
2022-06-01 13:03:31 +02:00
be28e866b9
JPA map storage: Authorization services no-downtime store
...
Closes #9669
2022-05-30 21:05:34 +02:00
9b36ea0269
Add cascade removal of client session on user session removal for HotRod
...
Closes #12096
2022-05-30 09:58:54 +02:00
1a98765fb7
Fix cascade removal of client session on user session removal for CHM
...
Closes #12146
2022-05-30 09:58:54 +02:00
063960aaa3
Deferred indexes are not available on CockroachDB, therefore, only use them on PostgreSQL
...
Closes #12176
2022-05-27 08:51:20 -03:00
eed944292b
Make script providers working on JDK 17 ( #11322 )
...
Closes #9945
2022-05-27 12:28:50 +02:00
bc59fad85b
Unify way how expirable entities are handled in the new store
...
Closes #11947
2022-05-26 13:17:27 +02:00
0cb3c95ed5
Map storage: Single-use objects (action token)
2022-05-25 16:47:10 +02:00
26c87af9f4
Avoiding unnecessary roundtrips to the database when evaluating permissions
...
Closes #12148
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
2022-05-25 12:23:15 +02:00
ad3da7f5e4
JPA map storage: disable failing on unknown properties when deserializing the object
...
Closes #12173
2022-05-25 09:31:40 +02:00
24171d2e47
Rename providers from jpa-map-storage to jpa
...
Closes #12098
2022-05-23 16:47:51 +02:00
0c3aa597f9
JPA map storage: test failures after cache was disabled
...
Closes #12118
2022-05-23 13:01:30 +02:00
d1a92680f5
Optimize querying sub-groups of groups
...
Closes #12080
2022-05-19 14:46:53 +02:00
0e9f2badff
Make all fields in HotRod store optional
2022-05-18 20:50:47 +02:00
1a95a58893
Graceful handling if composite roles have been removed concurrently.
...
Closes #12003
2022-05-17 13:29:15 +02:00
0bda7e6038
Introduce map event store with CHM implementation
...
Closes #11189
2022-05-17 12:57:35 +02:00
e1eb9d6d64
Replace equals with == when comparing SearchableFields in Jpa*ModelCriteriaBuilder and Ldap*ModelCriteriaBuilder
...
Closes #11843
2022-05-16 21:51:38 +02:00
b86f205cda
Make KeycloakServer runnable with external Infinispan server
...
Closes #12011
Closes #12014
2022-05-16 21:50:35 +02:00
0d6bbd437f
Merge single-use token providers into one
...
Fixes first part of: #11173
* Merge single-use token providers into one
* Remove PushedAuthzRequestStoreProvider
* Remove OAuth2DeviceTokenStoreProvider
* Delete SamlArtifactSessionMappingStoreProvider
* SingleUseTokenStoreProvider cleanup
* Addressing Michal's comments
* Add contains method
* Add revoked suffix
* Rename to SingleUseObjectProvider
2022-05-11 13:58:58 +02:00
d3b43a9f59
Make sure there is always Realm or ResourceServer when searching for authz entities
...
Closes #11817
2022-05-11 07:20:01 -03:00
bfab03b837
Throw an IllegalArgumentException once a ClassCastException occurs.
...
Closes #11775
2022-05-11 09:19:09 +02:00
6b5c417742
Add HotRod store for authorization services
...
Closes #9679
2022-05-06 15:31:38 +02:00
00ccc78360
Add index to entityVersion for all HotRod entities
2022-05-05 17:42:13 +02:00
fc974fc019
Update composite roles on child role removal
...
Closes #11769
2022-05-05 15:18:18 +02:00
e0d7ad1be5
Leverage the equal() method on the wrapped entity instead of creating a string.
...
Closes #11764
2022-05-03 13:29:12 +02:00
0d83b51b20
Enhance Map authz entities with REALM_ID (ResourceServer with CLIENT_ID) searchable field
...
Co-authored-by Michal Hajas <mhajas@redhat.com>
Closes #10883
2022-05-03 12:56:27 +02:00
0efa4afd49
Evaluate composite roles for hardcoded LDAP roles/groups
...
Closes: 11771
see also KEYCLOAK-18308
2022-05-02 14:13:37 +02:00
cd20f45b8a
Ensure that values of attributes are unique in the database
...
While this is already ensured on the Java level when using a Set, database inconsistencies as occurred with Hibernate could lead to follow-up problems that are hard to analyze (as seen in #11666 ).
Closes #11671
2022-04-28 12:04:05 +02:00
2ecf250e37
Deletion of all objects when realm is being removed
...
Closes #11076
2022-04-28 11:09:17 +02:00
5248815091
Disable infinispan realm and user cache for map storage tests
...
Closes #11213
2022-04-25 09:38:49 +02:00
0f147ccdc0
Enlist JPA transaction in JpaMapStorageProvider.getStorage
...
Closes #11230
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2022-04-23 08:19:33 +02:00
0ce5dfc09c
Remove dependency of map on services
...
Fixes: 8903
2022-04-22 17:27:21 +02:00
90155862f3
LdapMapStorageProvider to use a full inline class for MapStorage
...
Closes #11373
2022-04-22 17:25:33 +02:00
0c7a8c8684
Login Failures Map JPA implementation
...
Closes #9664
2022-04-22 10:47:04 +02:00
3d1118223b
New Storage: Testsuite fails when JPA Map storage is enabled for groups
...
Closes #11369
2022-04-21 11:14:35 +02:00
f48d468641
Increase column size for keys that refer to entities that can be stored in different storages (foreign keys)
...
Closes #11329
2022-04-21 08:50:37 +02:00
b29b27d731
Ensure code does not rely on a particular format for the realm id or component id
2022-04-20 14:40:38 +02:00
ae90b232ff
Realms Map JPA implementation
...
Closes #9661
2022-04-20 14:40:38 +02:00
c5e4dc8cec
Associated permissions should only add resource type permissions if the resource is an instance ( #11220 )
...
Closes #11148
2022-04-19 09:10:14 +02:00
52d205ca91
Allow exposing some initial provider config options via web site ( #10572 )
...
* Allow exposing some initial provider config options via web site
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Closes #10571
* Include type to provider options, and hide build-icon column as it's not relevant
Co-authored-by: stianst <stianst@gmail.com>
2022-04-19 08:01:42 +02:00
f9d4566723
Replace the cryptographic algorithm by SHA-2
...
The static code scanning analysis detected the usage of MD5 as part of [
MapDeploymentStateProviderFactory](a6dd9dc0f1/model/map/src/main/java/org/keycloak/models/map/deploymentState/MapDeploymentStateProviderFactory.java (L58-L58)Resolves #11290
2022-04-18 07:10:04 -03:00
a2d7cd7a5c
Hot Rod map storage: User / client session no-downtime store
2022-04-14 15:34:22 +02:00
820ab52dce
Add support for filtering by enabled attribute on users count endpoint ( #9842 )
...
Resolves #10896
2022-04-13 13:57:22 -03:00
5c1a8d401d
Store time as seconds as a long in map store
...
This avoids overflowing the value in 2038.
Closes #10960
2022-04-12 14:22:44 +02:00
a6dd9dc0f1
Avoiding AvlPartitionFactory and using JdbmPartitionFactory for the embedded LDAP to work around unstable tests.
...
Fix for #11171 didn't turn out to cover the root cause. Also improved transaction handling in LDAP Map storage.
Closes #11211
2022-04-12 09:12:21 +02:00
6e181a51d5
Add test-jar dependency only if maven.test.skip property is false
...
Closes #11192
2022-04-11 10:37:18 -03:00
5c810ad0e5
Avoid short-lived connections for ApacheDS to avoid messages around "ignoring the message MessageType UNBIND_REQUEST"
...
The comment in LdapRequestHandler.java in ApacheDS notes just before discarding an unbind request: "in some cases the session is becoming null though the client is sending the UnbindRequest before closing".
Also implementing a retry logic for all remaining errors regarding LDAP.
Closes #11171
2022-04-11 10:03:15 +02:00
834a276767
NPE when caching policies based on scopes without a resource
...
Closes #11180
2022-04-08 08:43:08 -03:00
d952669f69
Add clearUpdatedFlag so the flag in associated protocol mappers can be cleared as well
...
Closes #11118
2022-04-08 09:36:55 +02:00
1f2ebf4cba
Add HotRod no downtime store for Realms
...
Closes #9670
2022-04-08 09:36:01 +02:00
3bb4081bd1
Convert user / client session entities into interface
2022-04-08 09:34:01 +02:00
f4f5928727
Add type to filters in MapResourceStore
...
Closes #11154
2022-04-07 15:10:20 -03:00
235f0f3963
Add index to admin events table to improve performance of admin event view
...
Closes #10625
2022-04-06 09:12:35 +02:00
395bd447f2
Hot Rod map storage: Login failure no-downtime store
2022-04-01 20:43:18 +02:00
8ff768b33b
JPA map storage: Authentication session no-downtime store
...
Closes #9665
2022-03-30 13:43:35 +02:00
3356e8b098
Convert login failure entities into interface
2022-03-29 18:40:53 +02:00
d8bee26ec8
Implement AbstractClientEntity.isUpdated to account for changes in associated protocol mappers.
...
Closes #10927
2022-03-29 18:35:28 +02:00
e493b08fa7
Add expiration field to root authentication session
2022-03-23 07:47:47 +01:00
99c06d1102
Authorization services refactoring
...
Closes : #10447
* Prepare logical layer to distinguish between ResourceServer id and client.id
* Reorder Authz methods: For entities outside of Authz we use RealmModel as first parameter for each method, to be consistent with this we move ResourceServer to the first place for each method in authz
* Prepare Logical (Models/Adapters) layer for returning other models instead of ids
* Replace resourceServerId with resourceServer model in PermissionTicketStore
* Replace resourceServerId with resourceServer model in PolicyStore
* Replace resourceServerId with resourceServer model in ScopeStore
* Replace resourceServerId with resourceServer model in ResourceStore
* Fix PermissionTicketStore bug
* Fix NPEs in caching layer
* Replace primitive int with Integer for pagination parameters
2022-03-22 20:49:40 +01:00
c71aa8b711
Set version to 999-SNAPSHOT ( #10784 )
2022-03-22 09:22:48 +01:00
0faf3987f6
Hot Rod map storage: Authentication session no-downtime store
2022-03-22 09:05:52 +01:00
2394855f48
Add merge tasks optimization to ConcurrentHashMapKeycloakTransaction.delete
2022-03-21 16:45:48 +01:00
c18a682f50
Do not store undefined values in store
...
Closes #10744
2022-03-17 16:44:33 +01:00
8aa394ca6b
Update to Liquibase 4.8.0
...
Closes #10678
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
2022-03-16 13:46:31 -03:00
8d1a47f768
adding missing log4j configuration to prevent errors in the log
...
Closes #10613
2022-03-14 10:12:49 -03:00
ad865e75c1
Change the flush mode to auto and fixing how entities are checked if they are loaded in the EM
...
Closes #10411
2022-03-11 12:21:52 -03:00
1a4d7c297a
Change authentication sessions map to set ( #10596 )
2022-03-10 08:45:24 +01:00
18f391d8c4
Fix spelling error in field and classname
...
It's always a converter, unless electricity is involved.
Closes #10573
2022-03-09 08:28:52 -03:00
3c3f003a38
LDAP Map storage support to support read/write for roles
...
Closes #9929
2022-03-08 12:03:10 +01:00
f77ce315bb
Disable Authz caching for new storage tests
...
Closes #10500
2022-03-07 10:22:55 -03:00
722ce950bf
Improve user search performance
...
Removes bulder.lower() from user search queries on email and username.
Closes #8893
2022-03-04 14:15:14 +01:00
6c64d465ea
Convert authentication session entities into interface
2022-03-04 10:50:18 +01:00
ebfc24d6c1
Ensure that Infinispan shutdowns correctly at the end of the tests. Report any exceptions within another thread as a test failure.
...
Adding additional information like a thread dump when it doesn't shutdown as expected.
Closes #10016
2022-03-04 10:47:01 +01:00
91d37b5686
Single offlineSession imported in Infinispan with correctly calculated lifespan and maxIdle parameters
...
Close #8776
2022-03-01 14:51:29 +01:00
af7a040d54
Ensure Liquibase validation is performed once per area
...
Closes #10132
2022-02-25 08:48:34 +01:00
6249e34177
Hot Rod map storage: Client scope no-downtime store
2022-02-24 13:30:27 +01:00
b4281468d0
Convert Map Realm Entities into interfaces
...
Closes #9736
2022-02-24 13:23:19 +01:00
aa6a131b73
Change String client.id to ClientModel client in ResourceServerStore
...
Closes #10442
2022-02-24 12:46:26 +01:00
febb447919
KEYCLOAK-19297 Use real 'external' client object id to store AuthenticatedClientSession in UserSession object, so that the client session can be looked by the client object id in further requests.
2022-02-18 12:42:59 +01:00
589606b1c1
JPA map storage: Groups no-downtime store
...
Closes #9660
2022-02-15 08:54:41 +01:00
d9f1a9b207
Set version to 18.0.0-SNAPSHOT ( #10165 )
2022-02-11 21:28:06 +01:00
442d9bae2e
Add CockroachDB support in the new JPA storage
...
Closes #10039
2022-02-11 18:04:02 +01:00
26ac142b99
Hot Rod map storage: Roles no-downtime store
2022-02-11 14:31:34 +01:00
b50b8f883b
Implement HotRod storage for Users
...
Closes #9671
2022-02-11 10:20:36 +01:00
8a8d59a124
Add prefix "kc_" to all existing tables
...
Closes #10101
2022-02-11 08:59:23 +01:00
de7be3d65d
Handling JPA Map storage case when parent has been deleted
...
Closes #10033
2022-02-09 14:43:50 +01:00
7c1d6eae43
Upgrade to Liquibase 4.6.2
...
* Upgrade to Liquibase 4.6.2
* Add valid checksums to changesets to allow migration to newest liquibase
* Update liquibase licenses
Co-authored-by: Martin Kanis <mkanis@redhat.com>
2022-02-09 12:56:46 +01:00
5701c6c85a
JPA delegates can throw NoResultException when entity doesn't have any attributes
...
Closes #10067
2022-02-09 09:18:54 +01:00
844c210d86
Create common parent for Jpa*AttributeEntity
...
Closes #10071
2022-02-08 22:09:21 +01:00
45df1adba9
Update generics in JPA Map storage to avoid casting and compiler warnings
...
Closes #10060
2022-02-08 17:38:53 +01:00
de2c1fbb45
Update the entityVersion also for downgrades, as it needs to match the JSON and auxiliary tables.
...
Will trigger also when changes to a child occur, like for example when attributes change.
Closes #9716
2022-02-07 12:14:05 +01:00
0471ec4941
Cross-site validation for lazy loading of offline sessions & Switch default offline sessions to lazy loaded
2022-02-03 21:43:47 +01:00
7bd0dbb3ce
Client Scopes: Added ModelIllegalStateException to handle lazy loading exception.
...
Closes #9645
2022-02-02 21:49:40 +01:00
165791b1d7
Client Scopes: Ensure that parent's version ID is incremented when an attribute changes
...
Closes #9874
2022-02-02 21:49:22 +01:00
9d46b45a9c
Ensure that parent's version ID is incremented when an attribute changes.
...
This is necessary to allow the optimistic locking functionality to work as expected when changing only attributes on an entity.
Closes #9874
2022-02-01 20:33:10 +01:00
13e02d5f09
JPA map storage: Client scope no-downtime store
...
Closes #9663
2022-02-01 20:26:00 +01:00
c648e121ed
Convert authz entities into interfaces
...
Closes #9740
2022-01-31 13:51:56 +01:00
df7ddbf9b3
Added ModelIllegalStateException to handle lazy loading exception.
...
Closes #9645
2022-01-31 10:10:41 +01:00
2b81e62b6b
Adding workaround for deadlock in tests for Infinispan 12.1.7
...
Closes #9648
2022-01-28 15:29:50 +01:00
9621d513b5
KEYCLOAK-18727 Improve user search query
2022-01-26 17:03:05 +01:00
9e257d4a01
Added warning when storage contains multi-valued attributes and Keycloak model doesn't support them.
...
Closes #9714
2022-01-26 15:40:00 +01:00
de161d02b9
Store updated flag in the entity, not in the delegate
...
Closes #9774
2022-01-26 15:24:42 +01:00
e2ac7b38f4
Adding missing database constraints for clients in JPA map storage.
...
This should ensure consistency for the store even in the event of concurrent creation of clients by multiple callers.
Closes #9610
2022-01-23 20:34:28 +01:00
873a44459a
Convert MapClientScopeEntity to interface
...
Closes #9657
2022-01-23 16:56:25 +01:00
ddcabe61b2
KEYCLOAK-19571 Add indices to HotRodClientEntity fields
2022-01-20 17:46:47 +01:00
7b89d151c1
KEYCLOAK-18565 JPA roles no-downtime store
2022-01-20 12:02:35 +01:00
213b1f5042
Closes #9562 : Add DB index for UserEntity getRealmUserByServiceAccount
2022-01-20 09:52:54 +01:00
61fbb2fb2e
JPA-Map storage might loose writes due to missing locking mechanism
...
Closes #9411
2022-01-20 09:06:14 +01:00
22bcdcb630
MapRoleProvider could return also client roles when searching for realm roles
...
Closes #9587
2022-01-19 16:39:59 +01:00
db0b36460f
KEYCLOAK-19148 correct getGroupsCountByNameContaining of MapGroupProvider
2022-01-15 20:15:27 +01:00
2fd1593abf
Set order of LiquibaseDBLockProviderFactory to 1
...
- makes it the default provider when no provider is explicitly configured
- avoid NPE at server startup when other providers are present and none is set as default
2022-01-13 08:30:25 +01:00
93419a1797
KEYCLOAK-19289 check if values to set is not null ( #8426 )
...
Closes #9529
2022-01-12 09:22:01 +01:00
ab9413b48c
Store user nested entities in Set instead of Map
2022-01-10 15:57:45 +01:00
9849df3757
Convert MapUserEntity to interface
2022-01-10 15:57:45 +01:00
9b18688ce2
fixes #9427 regex pattern is now pre-compiled
2022-01-08 17:30:54 +01:00
9d5355b7ad
Upgrade Infinispan to 12.1.7.Final
2022-01-08 17:29:09 +01:00
d39eb95705
Introduce per-field delegation of entities
2022-01-05 14:06:45 +01:00
dd3d7be2b4
Make JpaClientMapStorage generic
...
Closes #9244
2022-01-05 07:04:05 +01:00
4817e152e3
[ref: 8889] Annotation processor support for Java > 11
2022-01-04 21:26:07 +01:00
b12830ae4f
8947 - Add liquibase extension to handle JSON operations
2022-01-04 20:58:32 +01:00
96b2669a00
Refactoring of constructors for generated entities
2021-12-22 16:00:10 +01:00
009ca27a38
Make JsonbType generic
...
Closes #9165
2021-12-20 17:40:23 +01:00
9f3d4a7d42
Set version to 17.0.0-SNAPSHOT
2021-12-20 10:50:39 +01:00
44184ab0cb
MapRoleProvider uses ILIKE operator when EQ operator should be used
...
Closes #9130
2021-12-16 10:31:43 +01:00
b4d720d615
Fix DB Migration Script to 13.0.0
...
Closes #9138
2021-12-15 14:00:29 +01:00
c6312e3308
KEYCLOAK-18717 KEYCLOAK-18716 KEYCLOAK-18715 KEYCLOAK-18713 KEYCLOAK-18712 KEYCLOAK-18711 JPA clients no-downtime store
2021-12-15 13:32:49 +01:00
848b170a96
Use DeepCloner.Builder().constructorDC in cases when possible
...
Closes #9141
2021-12-15 10:28:08 +01:00
e61da278ba
When ternary conditional operator uses primitive type it could throw NPE in some cases
...
Closes #9137
2021-12-15 10:25:54 +01:00
5aa9a09b20
Closes #8969 - Add Groups HotRod storage
2021-12-13 18:12:19 +01:00
8e03942e87
Enhance available tree operations
...
Fixes #9022
2021-12-13 18:05:45 +01:00
3c7e5c8440
Create delegates and empty instances in DeepCloner
...
Fixes : #9030
2021-12-13 18:04:48 +01:00
fc237a8b63
Introduce ancestor interface for entities with attributes
2021-12-10 10:54:44 +01:00
7aaa33739b
KEYCLOAK-19570 Add annotation processing for HotRod clients
2021-12-08 10:00:00 +01:00
3602873df2
Introduce model-entity util methods
...
Fixes : #9025
2021-12-07 16:51:56 +01:00
783eecf612
Closes #8808 - Convert MapRoleEntity to interface
2021-12-01 15:50:26 +01:00
d9bf511406
KEYCLOAK-19052: Optimised (split) the clearExpiredEvents query to reduce execution time
2021-11-30 22:25:55 +01:00
a5c3b83443
Closes #8807 - Make MapGroupEntity generated
2021-11-30 21:44:18 +01:00
158640d1f3
Closes #8954 - move Hot Rod classes to hotRod package
2021-11-30 11:52:16 +01:00
1adce39e1d
8886 Add alwaysDisplayInConsole searchable client field
2021-11-24 13:15:17 +01:00
6b8890f5dd
KEYCLOAK-19525 Inconsistent creation of default-roles-<realm>
2021-11-23 21:30:12 +01:00
1e1a6779be
Issue 8814: Replace deprecated hamcrest-all dependencies
2021-11-23 13:56:28 +01:00
4291caff3c
Fix Delegate bug
2021-11-16 19:47:59 +01:00
2f9a5aae0f
KEYCLOAK-19028 Add HotRod Map storage implementation
2021-11-11 14:10:00 +01:00
cec6a8a884
KEYCLOAK-19700: Attempt to reuse denied device authorization code results in server error
2021-11-08 11:37:51 +01:00
58d403cf24
KEYCLOAK-19726 Fix return types of ModelCriteriaBuilder methods
2021-11-05 16:39:40 +01:00
439e2e4288
KEYCLOAK-19763 fix MapClientProvider.getClientByClientId
2021-11-04 11:48:07 +01:00
9c287aff1f
KEYCLOAK-19709 Remove MapStorage.createCriteriaBuilder
2021-11-03 20:05:29 +01:00
6966e0cfe9
KEYCLOAK-19749 Optimize DefaultModelCriteria creation
2021-11-03 17:42:26 +01:00
877ae96590
KEYCLOAK-18854 Introduce storage-independent ModelCriteriaBuilder
2021-10-29 19:21:45 +02:00
af97849feb
KEYCLOAK-19030 Implement HotRodConnectionProvider
2021-10-27 14:07:19 +02:00
53f02a50f6
KEYCLOAK-19562 Introduce generic trees
2021-10-25 13:28:48 +02:00
cfbb7f5553
KEYCLOAK-19593 Remove CRUD operations from MapStorage interface
...
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2021-10-21 17:01:33 +02:00
8ee992e638
KEYCLOAK-19482 Generate map entity cloners
2021-10-18 13:14:14 +02:00
d069ec7949
KEYCLOAK-18737 Show sessions functionality does not work consistently
...
Co-authored-by: Pavel Bezdienezhnykh
Co-authored-by: Martin Kanis <mkanis@redhat.com>
2021-10-13 14:04:14 +02:00
dacf28af84
KEYCLOAK-19536 Removal of client creates new instance of provider for each client role
2021-10-13 13:05:18 +02:00
675e1b0941
KEYCLOAK-19505 Generate map entity delegates
2021-10-12 14:04:21 +02:00
5b0986e490
[KEYCLOAK-18891] Add support for searching users by custom user attributes
...
Users can now be searched by custom attributes using 'q' in the query parameters. The implementation is roughly the same as search clients by custom attributes.
2021-10-12 13:08:47 +02:00
576292a662
KEYCLOAK-19480 Introduce MapProtocolMapperEntity
2021-10-11 14:05:32 +02:00
6e591305f9
KEYCLOAK-19481 Make Id and RealmId mutable fields
2021-10-08 20:18:58 +02:00
3abf9283a8
KEYCLOAK-19374 Create implementation based on annotation processor
...
Use of boxed types as started in 009d4ca445
2021-10-07 10:54:25 +02:00
30b3caee9f
KEYCLOAK-18445 Add support for cross-site model tests
2021-10-06 14:37:06 +02:00
da0c945475
KEYCLOAK-18940 Add support for searching composite roles
2021-10-01 12:41:19 +02:00
0a2f8f5b63
KEYCLOAK-17887 fix endpoint for creating or updating realm localization texts for a given locale (UnsupportedOperation was thrown because RealmAdapter tried to change unmodifiable map):
...
- fix RealmAdapter to create a new map instead of trying to change unmodifiable map
- only provide POST endpoints for creating or updating the texts (to have the endpoints consistent with other Admin API endpoints)
- add tests
2021-09-30 15:07:56 +02:00
f471a110cd
KEYCLOAK-19408 Better client secrets
2021-09-29 18:19:43 +02:00
d606da9065
KEYCLOAK-18981 Infinispan: prevent fetching all sessions from remotes
2021-09-29 14:53:07 +02:00
7c0d10130e
KEYCLOAK-18981 Infinispan: prevent fetching all sessions from remotes
2021-09-24 17:34:01 +02:00
10e425315f
[KEYCLOAK-19274] - Avoid loading queries from properties at runtime for Dist.X
2021-09-24 09:26:43 +02:00
339224578e
KEYCLOAK-10603 adjust assignments to roles (user-role and group-role assignments, client-scope and client "scope mappings"): allow assignments of roles which are already indirectly assigned (e.g. by composite role)
...
- extend RoleMapperModel with method hasDirectRole(RoleModel), which only checks for direct assignment in contrast to the existing method hasRole(RoleModel)
- extend ScopeContainerModel with method hasDirectScope(RoleModel), which only checks for direct scope mapping in contrast to the existing method hasScope(RoleModel)
- use the new hasDirectRole and hasDirectScope methods to check whether a role is in the "available" list and whether it can be assigned (previously, the hasRole method was used for this purpose)
- add hint to UI that available roles contain effectively assigned roles which are not directly assigned
- adjust and extend tests
2021-09-22 13:56:29 +02:00
2c22ccbf97
KEYCLOAK-19286 Use client storage provider id to construct client StorageId, so that a valid 'external' client id will be generated.
2021-09-20 19:43:20 +02:00
4090114398
KEYCLOAK-16246 Revert changes from workaround made in KEYCLOAK-16244 after upgrading to quarkus 2
...
Also fixed a small type in testclass.
This reverts commit 9b2f2015f7
2021-09-16 15:42:48 -03:00
47484c1aed
KEYCLOAK-18842: deleteExpiredClientSessions very slow on MariaDB
2021-09-10 08:25:33 +02:00
d216f8f748
KEYCLOAK-19104 Add custom ForeignKeySnapshotGenerator
2021-09-02 09:59:26 +02:00
6886bd6651
KEYCLOAK-18941 ExecutionException when computed future - InfinispanCacheInitializer
2021-08-05 18:28:27 +02:00
2acb43a627
KEYCLOAK-18617 Fix index on client attributes
2021-08-05 15:35:55 +02:00
262ec3d031
Set version to 16.0.0-SNAPSHOT
2021-07-30 14:56:10 +02:00
0cdce1340d
KEYCLOAK-18680 Always close result stream
2021-07-30 09:40:39 +02:00
8889122dc1
KEYCLOAK-18845 Remove key type in map storage (simplify generics)
2021-07-23 17:04:20 +02:00
07402d9aac
KEYCLOAK-18845 Remove key type in map storage (move StringKeyConvertor to CHM)
2021-07-23 17:04:20 +02:00
44cd6cd5fb
KEYCLOAK-18824 Simplify MapStorageTransaction and move registerEntityForChanges to CHM transaction
2021-07-21 20:58:26 +02:00
d29d945cc4
[KEYCLOAK-18857] - Do not force default to RS256 when verifying tokens sent by clients and JWK does not hold an algorithm
2021-07-21 11:09:02 +02:00
1f3650dcd9
KEYCLOAK-18815 Update MapKeycloakTransaction return types to match MapStorage
2021-07-20 21:48:27 +02:00
009d4ca445
KEYCLOAK-18747 Turn MapClientEntity into interface + introduce delegates
...
Given that the Map*Entity is turned into an interface, it makes more sense
to use non-primitive types to allow for null values. This enables signalizing
that an entity does not define a particular value, and builds a base for definition
of instances with defaults: If a value is not present in the queried instance
(i.e. is `null`), the value would be obtained from a delegate containing
the defaults.
2021-07-17 15:45:46 +02:00
fbaeb18a5f
KEYCLOAK-18471 Added ID to admin event object.
2021-07-16 12:46:07 +02:00
dc1c9b944f
KEYCLOAK-18370 Introduce QueryParameters
2021-07-15 13:25:31 +02:00
a25c70784c
KEYCLOAK-18467 support unicode for realm localization texts
2021-07-15 10:30:42 +02:00
a8fdd79d1b
KEYCLOAK-17763 Inefficient call to ClientProvider.getClientsStream()
2021-07-12 11:51:15 +02:00
2803685cd7
KEYCLOAK-18353 Implement Pushed Authorization Request inside the Keycloak
...
Co-authored-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2021-07-03 08:47:42 +02:00
f15536a88c
KEYCLOAK-18635 Move classes specific to ConcurrentHashMap to chm package
2021-07-02 06:55:19 +02:00
4db2c3f570
KEYCLOAK-15572 make attributes multi-valued for map storage entities
2021-07-01 12:21:33 +02:00
2b9b50d50a
KEYCLOAK-18194 fix migration of default role when realm id contains apostrophe
2021-07-01 11:22:11 +02:00
f0e777c592
KEYCLOAK-18414 Remove unnecessary id parameter from update operation
2021-07-01 11:18:53 +02:00
0523dad4d5
KEYCLOAK-18414 Remove unnecessary id parameter from create operation
2021-07-01 11:18:53 +02:00
164f3df080
KEYCLOAK-18502 - Support for additional parameters from the backchannel authentication request and backchannel authentication callback.
2021-07-01 00:31:26 +02:00
8a83ec83ac
KEYCLOAK-18589 map-storage profile for KeycloakServer
2021-06-30 20:47:17 +02:00
b8565408ca
KEYCLOAK-17781 Make exists and notExists collection aware
2021-06-30 10:48:39 +02:00
ca6b78b730
KEYCLOAK-18390 GroupProvider search implementation of JPA and Map delivers different results
2021-06-29 14:59:01 +02:00
bfb134a6ce
KEYCLOAK-18091 Fail session loading when interrupted
2021-06-22 08:50:08 +02:00
13f7831a77
Set version to 15.0.0-SNAPSHOT
2021-06-18 10:42:27 +02:00
e3c76035b2
KEYCLOAK-18359 Default role migration is not performed correctly when empty realm id
2021-06-14 20:54:37 +02:00
d2a8a95d79
KEYCLOAK-18369 Create MapKeycloakTransaction interface
2021-06-14 08:31:59 +02:00
9854f21ace
KEYCLOAK-18332 Client Scopes are reset to realm's default when Client is updated
2021-06-11 07:41:18 +02:00
91865fa93e
KEYCLOAK-18368 Invalidate client session after refresh token re-use
2021-06-09 14:43:29 +02:00
95bf912dc9
KEYCLOAK-18035 Fix update client with default default scope assigned as optional
2021-06-07 16:22:55 +02:00
2bf727d408
KEYCLOAK-17753 remove KeycloakModelUtils.isClientScopeUsed method
2021-05-28 21:07:14 +02:00
4dcb69596b
KEYCLOAK-18146 Search for clients by client attribute when doing saml artifact resolution
2021-05-27 23:02:22 +02:00
3d8f152787
KEYCLOAK-17747 KEYCLOAK-17754 Optimize getClients() calls
2021-05-27 22:12:56 +02:00
23aee6c210
KEYCLOAK-16616 Limit number of authSessios per rootAuthSession
2021-05-27 22:10:36 +02:00
94f676cb95
KEYCLOAK-18286 Add index to client_attributes
2021-05-27 13:31:33 +02:00
1ab0d585a9
KEYCLOAK-11019 Initial support for lazy offline user-session loading
...
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Thomas Darimont <thomas.darimont@gmail.com>
2021-05-26 09:54:28 +02:00
860fc4c06c
KEYCLOAK-17756 KEYCLOAK-17757 Optimize IdP-first lookup
2021-05-20 14:44:55 +02:00
a0f8d2bc0e
[KEYCLOAK-17399] - Review User Profile SPI
...
Co-Authored-By: Vlastimil Elias <vlastimil.elias@worldonline.cz>
2021-05-20 08:44:24 -03:00
1c283cdebc
KEYCLOAK-14301 OTP secrets migrated incorrectly
2021-05-20 13:19:27 +02:00
3913526934
KEYCLOAK-18031 Update to 13.0.0 fails due to liquibase error
2021-05-20 11:29:02 +02:00
e609949264
KEYCLOAK-17267 Add index to user attribute name and value to support user sync from ldap
2021-05-19 13:38:11 +02:00
c02a706a86
KEYCLOAK-17748 Optimize validation of redirect URIs in logout endpoint
...
Reimplementation of KEYCLOAK-17718
2021-05-18 20:31:21 +02:00
4d776cd780
KEYCLOAK-18137 Fix introduced SPI name
2021-05-18 20:30:21 +02:00
62e6883524
KEYCLOAK-17084 KEYCLOAK-17434 Support querying clients by client attributes
2021-05-14 13:58:53 +02:00
919899b994
KEYCLOAK-18039: Optimise offline session load on startup
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2021-05-13 16:26:26 +02:00
8feefe94ac
KEYCLOAK-18074 Ignore server version for MySQL in ChangeLogHistoryService
2021-05-12 15:01:30 +02:00
6397671c88
[KEYCLOAK-17885] - Delete user-managed policies when removing groups
2021-05-10 16:33:23 -03:00
4b44f7d566
Set version to 14.0.0-SNAPSHOT
2021-05-06 14:55:01 +02:00
98a88e3e8b
KEYCLOAK-17991 Introduce preview feature for map storage
2021-05-06 11:38:41 +02:00
253dee077e
KEYCLOAK-17830 Fix realm Map*Entity to/fromModel
2021-05-06 11:38:41 +02:00
93feae104b
KEYCLOAK-16127 Unify registerEntityForChanges
2021-05-06 11:38:41 +02:00
6d97a573e6
KEYCLOAK-17696 Make MapStorageFactory amphibian
2021-05-06 11:38:41 +02:00
e46a5484c5
KEYCLOAK-17695 Split MapStorage provider and provider factory
2021-05-06 11:38:41 +02:00
020dd530b9
KEYCLOAK-18009 Invalid role creation with oracle database
2021-05-06 09:01:42 +02:00
20fc430be0
KEYCLOAK-17874 Server cannot be started with oracle19cRAC
2021-05-05 13:12:07 +02:00
0cecd0f33f
KEYCLOAK-17992 MSSQL not updatable
2021-05-05 13:12:07 +02:00
96501760e0
KEYCLOAK-17501 Add support for map storage in WildFly
2021-05-03 16:00:30 +02:00
ee315ecab1
KEYCLOAK-17934 * fixed cache inconsistency when cache limit is exceeded
2021-05-03 15:50:23 +02:00
32fb45eb5b
KEYCLOAK-17774 Implement equals method for work cache events
...
Co-Authored-By: stianst <stianst@gmail.com>
Co-Authored-By: Michal Hajas <mhajas@redhat.com>
2021-05-03 10:47:15 +02:00
7d4255b2a1
KEYCLOAK-17871 Add support for running parallel model tests
2021-04-30 16:13:57 +02:00
Alexander Schwartz
Hynek Mlnarik
Michal Hajas
vramik
Martin Kanis
rmartinc
Marek Posolda
Pedro Igor
Martin Kanis
Sven-Torben Janus
Stefan Guilhen
Bruno Oliveira da Silva
msvechla
Joerg Matysiak
keycloak-bot
Michael Parlee
giacomo.altiero
Vlasta Ramik
Luca Graf
bal1imb
Guus der Kinderen
Konstantinos Georgilakis
Dominik DS
Hynek Mlnařík
andreaTP
Kashif Saadat
Martin Bartoš
Alec Henninger
Bart Monhemius
Daniel Fesenmeyer
stianst
Dominik
Hryhorii Hevorkian
lbortoli
Sebastian Rose
Václav Muzikář
Peter Flintholm