Miguel C
ffa85cdd59
Add primary key to avoid issues in some mysql 8 server but still keep compatibility with others
...
Closes #35827
Signed-off-by: mike-pt <mike-pt@users.noreply.github.com >
2025-01-07 22:26:28 +01:00
Alexander Schwartz
c651323b7d
Trace validation of users to see contribution of external timing ( #36060 )
...
Closes #36059
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-01-07 12:35:48 +01:00
Pedro Igor
761e9fb729
Make sure brokers are managed within the scope of the realm model object
...
Closes #34356
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-01-02 20:55:53 +01:00
Rungsikorn Rungsikavanich
41696b964b
Add client ID length validation ( #35725 )
...
Closes #35723
Signed-off-by: Rungsikorn Rungsikavarnich <rungsikorn@me.com >
2024-12-19 11:19:59 +01:00
rmartinc
bac5ec8858
Better caching for federated users
...
Closes #35637
Signed-off-by: rmartinc <rmartinc@redhat.com >
2024-12-12 09:22:58 -03:00
Pedro Igor
ad679b8729
Exact searches should be the default when querying user by attributes
...
Closes #35822
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-12-12 12:46:51 +01:00
Sven-Torben Janus
7531f97e54
Fix potential NPE in migration script for KC 26 ( #35794 )
...
Closes #35793
Signed-off-by: Sven-Torben Janus <sven-torben.janus@conciso.de >
2024-12-11 11:36:00 +01:00
Alexander Schwartz
cde8f25cc2
Group persistent session work activities in parent span or link them
...
Closes #35430
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2024-12-10 13:55:35 +01:00
vramik
044807f162
[FGAP] Create new internal client which would hold the authorization objects for feature V2
...
Closes #34565
Signed-off-by: vramik <vramik@redhat.com >
2024-12-05 11:56:13 -03:00
Pedro Ruivo
86c475b9fc
Invoking BaseUpdater.markDeleted() more than once cause the transient status to be lost
...
Fixes #35570
Signed-off-by: Pedro Ruivo <pruivo@redhat.com >
2024-12-03 18:06:07 +01:00
Pedro Igor
7a35d4970d
Do not run changeset if comlumn already exists
...
Closes #35290
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-12-03 09:32:14 +01:00
Pedro Igor
a4d70ad6d2
Avoid creating ObjectMapper but using JsonSerialization utility class when managing event details
...
Closes #35457
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-12-02 13:54:14 +01:00
Pedro Igor
e5f1c9a6de
Make sure event details are not stored if they are null
...
Closes #35288
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-12-02 12:49:43 +01:00
Stefan Guilhen
88cfe426d8
Fix migration for MySQL database
...
- MariaDB and MySQL now use the same statement
- prevents a possible illegal mix of collations
Closes #34995
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com >
2024-12-02 08:37:57 -03:00
Stefan Guilhen
9861acc2aa
UserSessionProvider.removeUserSessions now removes all user sessions (both regular and offline)
...
Closes #31359
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com >
2024-11-29 12:35:15 -03:00
kanwhoa
85c582bb73
Aligned call flags for addDefaultRequiredActions
...
Closes #34769
Signed-off-by: kanwhoa <kano@kano.org.uk >
2024-11-29 10:14:01 +01:00
Miguel C
195ace8cb8
Use regular CREATE TABLE instead of CREATE TEMPORARY
...
Some hosted/managed environments like google CloudSQL, might not support this type of statement (i.e. when using replication and GTID)
Since we are dropping the table anyway it seems a regular CREATE statement should work fine here.
Signed-off-by: mike-pt <mike-pt@users.noreply.github.com >
2024-11-28 10:17:04 -03:00
Pedro Ruivo
a65fd34bbf
Make PermissionTicket events marshallable
...
Fixes #35328
Signed-off-by: Pedro Ruivo <pruivo@redhat.com >
2024-11-28 10:14:54 +01:00
Thomas Darimont
f61937f3d9
Prefer usage of StandardCharsets.UTF_8 over "UTF-8" charset reference
...
Fixes #35080
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2024-11-25 10:45:37 +00:00
rmartinc
9c348562b5
Drop old table USERNAME_LOGIN_FAILURE used before by UserSessionProvider
...
Closes #34380
Signed-off-by: rmartinc <rmartinc@redhat.com >
2024-11-19 17:13:16 +01:00
vramik
440e81c8b9
Add a realm-level setting to enable FGAP to a realm
...
Closes #34920
Signed-off-by: vramik <vramik@redhat.com >
2024-11-19 09:59:34 -03:00
Giuseppe Graziano
05adf19848
Authentication session with changelog transaction
...
Closes #23881
Closes #32658
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com >
2024-11-15 14:10:15 +01:00
vramik
ebd411b93d
Upgrade 24 to 25 fails because db jpa changes drop nonexisting indexes.
...
Closes #34899
Signed-off-by: vramik <vramik@redhat.com >
2024-11-14 13:18:39 +01:00
Steven Hawkins
f8c1b6e779
fix: liquibase update summary to log only ( #34836 )
...
closes : #34818
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
2024-11-14 11:28:08 +01:00
Pedro Igor
d04f7900f5
added membershipType to members list and membership type filter
...
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com >
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com >
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-11-12 09:13:18 -03:00
Pedro Igor
d3c5082244
Better message when updating users when import is disabled
...
Closes #31456
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-11-07 21:21:56 +01:00
Pedro Igor
b70303f293
Adding organization membership provider events
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-11-07 17:19:43 -03:00
Pedro Igor
0a05ba49d1
Adding a details map to admin events to store additional contextual data when the event is fired
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-11-07 17:19:43 -03:00
Stefan Guilhen
e28b88bc02
Guard against NPE by checking if caches are null in InfinispanOrganizationProvider
...
- caches can be disabled and the provider has to check if they are set when using them
Closes #34603
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com >
2024-11-07 10:11:54 -03:00
Ricardo Martin
226daa41c7
Add service account mappers via client scope instead of dedicated scope ( #34664 )
...
Closes #10417
Signed-off-by: rmartinc <rmartinc@redhat.com >
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com >
Signed-off-by: Ricardo Martin <rmartinc@redhat.com >
2024-11-07 08:45:11 +01:00
Thomas Darimont
3315ea718a
Add ability to enable OID4VCI Verifiable Credentials per realm ( #34524 )
...
- Added new realm property verifiableCredentialsEnabled
- Updated RealmRepresentation
- Guarded route to Oid4VCI page
- Add boolean switch to Realm settings page to control Verifiable Credentials enablement
- We now only show the Verifiable Credentials page in the nave if the "Verifiable Credentials" realm setting is enabled.
Fixes #34524
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com >
2024-11-04 14:58:30 +01:00
Stefan Guilhen
9c50813bf4
Add validChecksum to jpa-changelog-26.0.0.xml
...
Closes #34450
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com >
2024-10-31 07:54:27 -03:00
Stefan Guilhen
ac25844731
Ensure hide_on_login has the default value set to 0 on MSSQL
...
Closes #34450
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com >
2024-10-30 12:46:17 -03:00
Marek Posolda
3784fd1f67
Attempt to run snapshot Keycloak server against production DB should fail during migration
...
closes #30364
Signed-off-by: mposolda <mposolda@gmail.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2024-10-28 15:02:26 +00:00
Pedro Ruivo
84f4bd8af1
Client Scope updates are not replicated between Keycloak nodes
...
Fixes #33731
Signed-off-by: Pedro Ruivo <pruivo@redhat.com >
2024-10-25 11:22:15 +02:00
Martin Kanis
4f3ced9560
ConcurrentModificationException when restarting user sessions
...
Closes #34093
Signed-off-by: Martin Kanis <mkanis@redhat.com >
2024-10-24 21:26:50 +02:00
Erik Jan de Wit
cc5b8dfd38
reset first when selecting subgroup ( #34200 )
...
fixes : #34149
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com >
2024-10-23 14:34:09 -04:00
Pedro Ruivo
f507caae6c
Deleting a user leads to ISPN marshalling exception
...
Fixes #34224
Signed-off-by: Pedro Ruivo <pruivo@redhat.com >
2024-10-23 11:53:25 +02:00
Ryan Emerson
902abfdae4
JDBC_PING as default discovery protocol
...
Closes #29399
- Add ProviderFactory#dependsOn to allow dependencies between
ProviderFactories to be explicitly defined
- Disable Infinispan default shutdownhook disabled to ensure lifecycle
is managed exclusively by Keycloak
- Remove Infinispan shutdown hook in KeycloakRecorder and manage
EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close
Signed-off-by: Ryan Emerson <remerson@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2024-10-22 20:19:19 +00:00
Gilvan Filho
c4005d29f0
add linear strategy to brute force
...
closes #25917
Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com >
2024-10-22 10:33:22 -03:00
Pedro Hos
91026d6713
NPE when Default Role is not present on CachedRealm
...
closes : #33817
Signed-off-by: Pedro Hos <pedro-hos@outlook.com >
2024-10-15 09:23:18 +02:00
Kevin Köllmann
23a6822715
Don't fail on drop index IDX_US_SESS_ID_ON_CL_SESS
...
Closes #33780
Signed-off-by: Kevin Köllmann <kevin@kllmnn.de >
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net >
2024-10-10 15:37:40 +00:00
Pedro Igor
f4f3a7de4a
The event should also support user invalidation events
...
Closes #33777
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-10-10 11:41:50 -03:00
Pedro Ruivo
464fc90519
Fail to start if work cache is not replicated
...
Keycloak will now fail to start if the work cache is replicated.
Listeners require the data to be local.
Closes #33702
Signed-off-by: Pedro Ruivo <pruivo@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2024-10-09 19:40:24 +00:00
Ryan Emerson
42484bd884
Allow proto-schema-compatibility-maven-plugin to be skipped with property ( #33693 )
...
Closes #33692
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2024-10-08 14:22:41 +00:00
mposolda
07cf71e818
Better logging when error happens during transaction commit
...
closes #33275
Signed-off-by: mposolda <mposolda@gmail.com >
2024-10-08 11:14:10 +02:00
Ryan Emerson
e7ad9ff2d6
Add proto-schema-compatibility-maven-plugin check against release/26.0 branch to main
...
Closes #33565
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2024-10-04 15:55:12 +02:00
Pedro Igor
13111daceb
Move organization membership cache entries to the user cache
...
Closes #33412
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2024-10-03 10:31:26 -03:00
vramik
b7eaa9b0cb
Wildcard search not working for custom user attributes
...
Closes #32451
Signed-off-by: vramik <vramik@redhat.com >
2024-10-03 08:48:36 -03:00
vramik
c1653448f3
[Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link
...
Closes #33201
Signed-off-by: vramik <vramik@redhat.com >
2024-10-02 07:37:48 -03:00