Commit Graph

243 Commits

Author SHA1 Message Date
Stian Thorgersen
c1c147cb17 Restrict access to environment variables when at the server runtime (#36472)
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-01-15 09:36:19 +01:00
Selvi
db5a8466ad Remove duplicate "the" in documentation (#36329)
Signed-off-by: Selvi <SelviA@users.noreply.github.com>
2025-01-09 16:12:30 +01:00
Marek Posolda
4ab34f4816 Updating release notes with core-clients contributions and features (#36066)
closes #35953

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2024-12-20 10:15:55 +01:00
Jan Verhaeghe
56246096e0 Align on one realm-name placeholder
Closes #36047

Signed-off-by: Jan Verhaeghe <jan@hwfaq.be>
2024-12-19 13:48:18 +00:00
Steven Hawkins
cb1d28d043 fix: deprecating the default db value in production mode (#35674)
closes: #23805



Fix typo in docs, some improvements



adding a negative assertion



Update docs/documentation/upgrading/topics/changes/changes-26_1_0.adoc

Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-12-13 11:59:55 +01:00
Marek Posolda
0265cb6254 Update upgrading notes with the changes related to core clients (#35860)
closes #35859

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2024-12-13 10:12:37 +01:00
Alexander Schwartz
7c4a5aed77 Restructuring the migration guide (#35724)
Closes #35487

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-12-10 12:07:32 +01:00
Alexander Schwartz
13e3439246 Upgrading guide 26.0.6 is missing in the upgrading guide (#35545)
Closes #35544

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-12-03 11:58:32 +01:00
Stefan Guilhen
9861acc2aa UserSessionProvider.removeUserSessions now removes all user sessions (both regular and offline)
Closes #31359

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-11-29 12:35:15 -03:00
Giuseppe Graziano
a659c8d1cb Sign AUTH_SESSION_ID cookie (#35297)
closes #34027

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-11-28 17:28:52 +01:00
Martin Kanis
20770d8aaa Fix upgrading guide about deprecation of getAll() methods in the organization APIs
Closes #34975

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-11-25 10:10:02 +01:00
rmartinc
b0b247f1f1 Passivate imported keys if the associate certificate is expired
Closes #34973

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-11-25 09:40:59 +01:00
Cornelius Roemer
29abfd3e89 Fix typos in *.md and *.adoc files using codespell interactive mode
Closes #35256

This PR fixes a bunch of typos in docs files.

I ran codespell on `*.adoc` and `*.md` files in the repo in interactive mode
carefully checking each identified typo and proposed fix for false positives.

The most widely read file with typos identified is likely the changelog/migration guide.

Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
2024-11-25 08:21:26 +01:00
Cornelius Roemer
e11db03d76 fix(doc): v24 changelog grammar typo "longer" -> "no longer" ()
Closes #35163

The missing "no" makes this really confusing to read

Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
2024-11-22 11:56:48 +01:00
Václav Muzikář
d60cb9aaef fix: prevent inclusion of characters that could lead to FileVault path traversal (#35223)
Closes: #35215

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Peter Zaoral <pepo48@gmail.com>
2024-11-22 10:18:00 +01:00
Marek Posolda
a56378e989 Remove upgrading client libraries from the server documentation (#35101)
closes #34949

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2024-11-20 16:14:42 +01:00
michielpeeters
cec081961b Update upgrade guide docs 25.0.0 cache options
Closes #34987

Signed-off-by: michielpeeters <michielpeeters@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-11-15 14:27:57 +01:00
Marek Posolda
92d9ac6621 Update KEYCLOAK_SESSION cookie to not have sessionId in plaintext (#34551)
closes #34026

Signed-off-by: mposolda <mposolda@gmail.com>
2024-11-11 18:47:18 +01:00
Pedro Ruivo
d7e5319f70 Document network ports for Keycloak clustering
Also switch the default to jdbc-ping as this  should be a drop-in replacement looking at the networking behavior of udp.

Closes #34658

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-11-11 13:28:15 +01:00
Pedro Igor
0a05ba49d1 Adding a details map to admin events to store additional contextual data when the event is fired
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-11-07 17:19:43 -03:00
Pedro Ruivo
33cae33ae4 Remove JGroups thread pool docs from HA Guide
Clustering is disabled with multi-site deployment and there is no
JGroups thread pool to configure.

Closes #34715

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-11-07 09:00:48 +00:00
Ricardo Martin
226daa41c7 Add service account mappers via client scope instead of dedicated scope (#34664)
Closes #10417

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Ricardo Martin <rmartinc@redhat.com>
2024-11-07 08:45:11 +01:00
Ricardo Martin
ce454bda47 Remove online session when offline access is requested as the first request (#34346)
Closes #34001

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>

---------

Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-11-06 08:33:12 +01:00
Ryan Emerson
a79b67cac8 Deprecate other transport stacks (ec2, azure, google)
Closes #34253

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-10-31 11:47:13 +01:00
Andy
f994cc54d5 Remove robots.txt entirely
* remove robots.txt entirely, as blocking page-
crawling prevents the `X-Robots-Tag` headers
(and similar meta tags) from working as intended.

Closes #17433

Signed-off-by: Andy <andy@slice.is>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-25 12:09:50 +00:00
Ryan Emerson
902abfdae4 JDBC_PING as default discovery protocol
Closes #29399

- Add ProviderFactory#dependsOn to allow dependencies between
  ProviderFactories to be explicitly defined
- Disable Infinispan default shutdownhook disabled to ensure lifecycle
  is managed exclusively by Keycloak
- Remove Infinispan shutdown hook in KeycloakRecorder and manage
  EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-22 20:19:19 +00:00
Pedro Ruivo
fffa9aa72e Enable virtual threads in Infinispan and JGroups by default
Closes #33939

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-21 16:02:28 +00:00
Jon Koops
7657e71be1 Automatically retrieve configuration for authorization
Closes #14562

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-10-18 14:03:36 +02:00
Pedro Ruivo
464fc90519 Fail to start if work cache is not replicated
Keycloak will now fail to start if the work cache is replicated.
Listeners require the data to be local.

Closes #33702

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-09 19:40:24 +00:00
Pedro Ruivo
0e3554934e Read cache-ispn.xml from conf/ by default
Fixed #31492

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-09 16:40:17 +00:00
Alexander Schwartz
d8c8c6a0be Fixing broken links after KC26 docs changes (#33577)
Closes #33576

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-04 13:59:47 +02:00
Jon Koops
b475f936d5 Use crypto.randomUUID() to generate UUIDs for Keycloak JS (#33518)
Closes #33515

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-10-03 12:07:57 -03:00
Stian Thorgersen
2be2b2ffe5 Upgrade guide updates for renaming account, admin, and login features (#33521)
* Upgrade guide updates for renaming account, admin, and login features

Signed-off-by: stianst <stianst@gmail.com>

* Update docs/documentation/upgrading/topics/changes/changes-26_0_0.adoc

Signed-off-by: Stian Thorgersen <stian@redhat.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
Signed-off-by: Stian Thorgersen <stian@redhat.com>
2024-10-03 15:05:48 +02:00
Jon Koops
aacdf80664 Add shim for Web Crypto API to admin and account console (#33480)
Closes #33330

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-10-03 10:51:23 +00:00
Alexander Schwartz
cb12f03003 Rework AWS Lambda doc to show it is required (#33462)
Closes #33461
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-02 12:42:11 +02:00
Jon Koops
21704a70c1 Update documentation and release notes for Keycloak JS (#33409)
Closes #32843

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-10-01 10:29:23 +02:00
Peter Zaoral
d5d6390b1c Make Keycloak fail with an error when the persisted build options differs from those provided (#33241)
* PropertyException is now thrown instead of a warning
* Operator guides clarification around health and metrics options

Closes: #32717

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-09-30 19:28:23 +02:00
Steven Hawkins
5d99d91818 fix: allows for the detection of a master realm with --import-realms (#32914)
also moving initial bootstrapping after import

closes: #32689

Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-09-30 14:40:16 +02:00
Steven Hawkins
53102521d2 fix: correcting the recovery upgrade note (#33356)
closes: #33307

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-09-30 08:22:29 -04:00
mposolda
8f038f19dd Upgrade BCFIPS to 2.0
closes #30415

Signed-off-by: mposolda <mposolda@gmail.com>
2024-09-26 06:52:21 +02:00
Jon Koops
021a2af2fd Compute SHA-256 digest for PKCE using the Web Crypto API (#33251)
Closes #33250

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-09-25 16:19:16 +02:00
Martin Bartoš
84564f080a Redirect to relative-path from the root path (#32868)
Closes #32863

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-09-18 16:37:28 +02:00
mposolda
f1ec0a9bb6 Release notes and upgrading guide for the client libraries
closes #30815

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2024-09-18 14:52:11 +02:00
Jon Koops
8bb3598129 Remove deprecated setOrCreateChild() method from Admin Client (#33022)
Closes #33021

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-09-18 09:33:54 +02:00
Václav Muzikář
83c00731c3 Upgrade to Quarkus 3.14.2 (#32519)
Closes #32517

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-09-13 20:18:48 +02:00
Jon Koops
188893222f Remove references of statically served Keycloak JS from documentation
Closes #32821

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-09-12 09:38:00 +02:00
Pedro Ruivo
24fce87a8e Deprecate old remote store (feedback)
Closes #32577

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-11 14:08:53 +00:00
Alexander Schwartz
b88ecc0237 Removing the extra two-minute Window for persistent user sessions (#32660)
Closes #28418

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-09-09 09:28:48 +02:00
Pedro Ruivo
3274591fe1 Deprecate old remote store
Closes #32577

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-04 10:25:51 +00:00
rmartinc
cce9ae94c7 Move documentation to keycloak-client
Closes #31870

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-09-04 10:55:46 +02:00