UNIX.dog
/
keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
21,676 Commits 1 Branch 0 Tags 434 MiB
Commit Graph

4009 Commits

Author SHA1 Message Date
Citlali del Rey b04e0bc2c1
Fix URLBean common location 2023-04-11 12:50:55 -07:00
Citlali del Rey 5d9b49b47d
Add UNIX.dog theme, no-JS account console 2023-04-11 12:50:55 -07:00
eatikrh 396e2ba931
Allow users with 'view-users' permission to see the 'credentials' tab (#19587) 
Closes #17174
 2023-04-07 14:13:43 +02:00
alwibrm 9f15cf432b
Respecting key use of EC keys in JWKS 2023-04-03 19:06:25 -03:00
rmartinc 99330dbb6d Manage JsonProcessingException to not return error 500 when json data is wrong 
Closes https://github.com/keycloak/keycloak/issues/11517
 2023-04-03 18:07:34 +02:00
Hynek Mlnarik 0d5363d0d5 Throw an exception rather than returning response 
Closes: #17644
 2023-04-03 14:43:50 +02:00
Stan Silvert c595e3430e
Add access to full group tree. Fix access for members tab. Add missing (#19423) 
props to Access object.
Fixes #17589
 2023-03-31 15:11:13 -04:00
mposolda 17c1b853e0 Custom implemention of OIDC Login Protocol doesn't get executed 
closes #19335
 2023-03-31 11:54:32 -03:00
rmartinc c6a1820a47 Use SimpleHttp for SOAP calls 
Closes https://github.com/keycloak/keycloak/issues/17139
 2023-03-31 10:57:47 -03:00
Pedro Igor 6086201fe0 Do not verify identity cookie when processing required actions 
Closes #17539
 2023-03-31 09:56:27 +02:00
Robert Dey 044aca0863 Use replacePath() instead of path() 2023-03-30 12:03:43 -03:00
Robert Dey 4df73714e0 Fix totp manual link for proxy mode 
Closes #11774
 2023-03-30 12:03:43 -03:00
mposolda 709c6b5a47 Regressions in redirect URL verification when redirect_uri has encoded path or default port 
closes #16851
closes #16587
 2023-03-30 14:20:10 +02:00
Pedro Igor 48082d08ec Email visible on registration page when edit username is not allowed 
Closes #17439
 2023-03-30 08:11:30 +02:00
Michal Hajas e49dfe534e Fix missing migration when reading TERMS_AND_CONDITIONS required action in legacy store 
Closes #17277
 2023-03-29 16:43:01 +02:00
Daniel Kobras a45b5dcd90 Prefer cert over pubkey in SAML metadata 
If SAML key material was given as a certificate, consistently
expose the certificate rather than just the public key when
presenting SAML metadata info. This change ensures that the
client obtains sufficient information (eg. issuer) to close
the trust chain.

Closes: #17549

Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
 2023-03-29 11:17:24 +02:00
Marek Posolda 032ece9f7b
Clarify user session limits documentation and test SSO scenario (#19372) 
Closes #17374


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2023-03-29 10:08:45 +02:00
rmartinc 2bb9de1a8c Allow application/jwt media type for userinfo endpoint 
Closes: https://github.com/keycloak/keycloak/issues/19346
 2023-03-28 08:47:35 -03:00
Pedro Igor a9c605750d Returning email as username setting for admins 
Fixes #17591
 2023-03-27 16:33:44 -03:00
Alexander Schwartz ccec3639ff Update provider to create documentation entries for its properties 
Closes #17565
 2023-03-27 09:03:41 -03:00
Alexander Schwartz 251f6151e8 Rework the Import SPI to be configurable via the Config API 
Also rework the export/import CLI for Quarkus, so that runtime options are available.

Closes #17663
 2023-03-24 15:28:55 -03:00
Klajdi Paja cf61a65198 Return a user friendly message when a group name already exists on the same level. 
Closes #16888
 2023-03-24 08:13:49 +01:00
Douglas Palmer a48db930fe Theme resource common path is always /keycloak/common 
Closes #17569
 2023-03-24 08:11:21 +01:00
Ayrat Hudaygulov f578f91a0b Fix ID token not being sent after expiration for OIDC logout 
Closes #10164
 2023-03-23 13:01:02 +01:00
Konstantinos Georgilakis fd28cd2d4b Service Accounts Client must create the Client ID mapper with Token Claim Name as client_id 
closes #16329
 2023-03-23 11:45:34 +01:00
tomjo 705d20d4a2 AllowAllDockerProtocolMapper now allows multiple resourceScopes delimited by spaces as specified by the docker auth token spec. 
Closes #17187
 2023-03-23 09:43:43 +01:00
rmartinc bef0a4a6f1 Check frontendUrl in the hostname providers 
Closes https://github.com/keycloak/keycloak/issues/17686
 2023-03-20 18:54:58 -03:00
rmartinc cab7e50410 Better handling for SAML signatures in POST and REDIRECT bindings 
Closes https://github.com/keycloak/keycloak/issues/17456
 2023-03-15 09:06:59 -03:00
vramik 25d6161ebd Remove `ClearExpiredUserSessions`, `ClearExpiredClientInitialAccessTokens` and `ClearExpiredEvents` from services module 
Closes #13835
 2023-03-10 09:09:51 +01:00
Douglas Palmer 4a382752aa Reverted back to Parser from CachingParser due to thread safety concerns 
closes #16729
 2023-03-09 17:50:39 +01:00
Douglas Palmer 181e1b914f Update to UA Parser 1.5.4 and use CachingParser 
closes #16729
 2023-03-08 11:46:39 +01:00
Tero Saarni 9052ec2b02
Add admin events for realm create/delete. (#10831) 
Closes #10733
 2023-03-07 15:57:06 +01:00
Simon Levermann 96c1cf3c49 Allow mapping of UserSessionNotes into UserInfo 
Fixes #15369
 2023-03-07 15:25:14 +01:00
rmartinc a56b38c5a6 Don't remove session and don't reset restart cookie if passive check error 
Closes https://github.com/keycloak/keycloak/issues/11340
 2023-03-07 15:10:09 +01:00
rmartinc 06ff8b016c Don't set REMEMBER_ME if it's disabled at realm level 
Closes https://github.com/keycloak/keycloak/issues/11330
 2023-03-07 15:01:58 +01:00
Alexander Schwartz f6f179eaca Rework the export to use CLI options and property mappers 
Also, adding the wiring to support Model tests for the export.

Closes #13613
 2023-03-07 08:22:12 +01:00
mposolda a0192d61cc Redirect loop with authentication success but access denied at default identity provider 
closes #17441
 2023-03-06 10:45:01 +01:00
Michal Hajas 465019bec4 Extract attachDevice outside of storage layer 
Closes #17336
 2023-03-03 17:58:34 +01:00
Zakaria Amine fb5a7f654b
trigger IDENTITY_PROVIDER_FIRST_LOGIN (and UPDATE_PROFILE ) event when identity provider flow succeeds (#15100) 
closes #15098
 2023-03-03 17:49:27 +01:00
Jon Koops 972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
mposolda b28bde542f referrer_url is not correctly computed in account console 
closes #16484
 2023-03-01 20:49:15 +01:00
Marek Posolda 59f4fe1c60
NPE on Theme after upgrade to 21 when parent or import theme not exists (#17350) 
* NPE on Theme after upgrade to 21 when parent or import theme not exists
closes #17313

* Update per review
 2023-03-01 15:46:37 +00:00
mghalbi e19e7bef2d fix error in check mediaType 2023-02-27 14:34:32 -03:00
mghalbi 116b2fed0c Added check for the presence of Content-Type header in the request 2023-02-27 14:34:32 -03:00
Pedro Igor fbf5541802 Remove duplicated set-cookie header from response when expiring cookies 
Closes #17192
 2023-02-27 14:17:27 -03:00
lpa 3cd413dee1 SOAP backchannel logout for SAML protocol 
Closes #16293
 2023-02-27 14:24:12 +01:00
rmartinc 38a46726e4 Implement UserInfoTokenMapper in HardcodedRole and RoleNameMapper mappers 
Closes https://github.com/keycloak/keycloak/issues/15624
 2023-02-27 10:14:48 -03:00
mposolda f180115d27 Log some details if error happens in CIBA authentication request 
Closes #14650
 2023-02-23 14:36:28 +01:00
Yohan Siguret 82423f38a1 Add user id to TOKEN_EXCHANGE events 
Co-authored-by: thaDude <ogdude@googlemail.com>
 2023-02-22 17:13:48 -03:00
Hynek Mlnarik 878debd2ab Forbid changing ID 
Closes: #16881
 2023-02-22 17:19:22 +01:00