Alexander Schwartz
df42e9140d
Fix nesting of argon2 semaphore acquisition and release
...
Closes #45564
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
2026-01-20 11:16:30 +01:00
Alexander Schwartz
dd0214bc78
Do not use whitelist/blacklist in the UI
...
Closes #45539
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
2026-01-20 11:12:23 +01:00
Pedro Igor
a1e9e63f06
Drop IDX_IDP_FOR_LOGIN index before changing columns
...
Closes #45396
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2026-01-20 09:41:41 +01:00
Alexander Schwartz
5724ae1534
Updating specifications list to show DPoP as supported
...
Closes #45584
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
2026-01-20 09:35:26 +01:00
Peter Zaoral
654a819dca
Enable HelpCommandDistTest on Windows runners ( #45197 )
...
* Enable HelpCommandDistTest on Windows runners
Closes : #45044
Signed-off-by: Peter Zaoral <pepo48@gmail.com>
* Enable HelpCommandDistTest on Windows runners
Closes : #45044
Signed-off-by: Peter Zaoral <pepo48@gmail.com>
* Enable HelpCommandDistTest on Windows runners
Closes : #45044
Signed-off-by: Peter Zaoral <pepo48@gmail.com>
---------
Signed-off-by: Peter Zaoral <pepo48@gmail.com>
2026-01-19 22:05:08 -05:00
Martin Bartoš
137a35c110
Mask certain HTTP headers and cookies in the HTTP access log ( #45400 )
...
* Mask certain HTTP headers and cookies in the HTTP access log
Closes #43811
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
* Improve tests, Improve docs
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Fix test
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2026-01-19 19:01:45 +01:00
vramik
13a5a92a92
Fix ORG_DOMAIN.ORG_ID charset and collation on mysql and mariadb
...
Closes #45526
Signed-off-by: vramik <vramik@redhat.com>
2026-01-19 11:35:31 -03:00
Martin Bartoš
581880dfa3
Add comment on why it is used
...
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2026-01-19 14:18:40 +01:00
Martin Bartoš
27a2fe6862
ConcurrentModificationException in KeycloakProcessor#configureProfile
...
Closes #45501
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2026-01-19 14:18:40 +01:00
forkimenjeckayang
fa28ddddb2
[OID4VCI] Disable OID4VCI functionality when Verified Credentials switch is off ( #44995 )
...
closes #44622
Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2026-01-19 14:09:42 +01:00
Pedro Igor
c8a41dea99
Reverting format changes, updating docs, and only exposing the method to fetch first-factor credentials
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2026-01-19 08:30:47 -03:00
Nikita Bohuslavskyi
348670ae32
Align organization broker redirect after OTP setup
...
Closes #40510
Signed-off-by: Nikita Bohuslavskyi <nikita.bohuslavskyi@student.tuke.sk>
2026-01-19 08:30:47 -03:00
Steve Hawkins
eff97618ef
fix: moving nonserver defaults out of application.properties
...
closes : #42332
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2026-01-19 12:11:12 +01:00
Pedro Ruivo
6ceaa2d391
Skip required runtime properties during build stage
...
Fixes #45415
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
2026-01-16 20:53:43 +01:00
Pedro Ruivo
9e75e586e1
Remove duplicated maven-javadoc-plugin
...
Closes #45471
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
2026-01-16 17:23:11 +00:00
jschae23
91ba06bca5
fix(admin-ui): fix setFileUpload implementation to correctly display filename
...
Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled
Closes #45488
Signed-off-by: jschae23 <56294075+jschae23@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
2026-01-16 17:23:39 +01:00
Steven Hawkins
c3739efaa6
fix: making cert lookup spi public ( #45010 )
...
closes : #33818
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2026-01-16 15:57:39 +01:00
rmartinc
07b9b9656b
Allow client_id as an audience in the JWT Authorization Grant and Client Assertions
...
Closes #45178
Signed-off-by: rmartinc <rmartinc@redhat.com>
2026-01-16 15:48:28 +01:00
Roni Saha
fccd46f7ba
Fix Federation Cache Policy details not shown when editing provider ( #42222 ) ( #45375 )
...
When the SelectControl component was refactored to use ui-shared controls,
the comparison logic for cache policy values was not updated correctly.
The refactored SelectControl returns string values ('EVICT_WEEKLY', 'EVICT_DAILY', etc.)
when using string options, but the code was still comparing against arrays (['EVICT_WEEKLY']).
This caused the conditional rendering of cache policy detail fields (evictionDay,
evictionHour, evictionMinute, maxLifespan) to always fail when editing an existing
federation provider.
Changes:
- Changed direct string comparisons instead of array comparisons
- Updated defaultValue from array to string format
- Removed array indexing from field names (e.g., 'config.evictionDay[0]' to 'config.evictionDay')
- Removed unused isEqual import from lodash-es
Signed-off-by: Roni Saha <roni.cse@gmail.com>
2026-01-16 09:25:09 -05:00
Weblate (bot)
1547386f4f
Translations update from Hosted Weblate ( #45199 )
...
* Updated translation for Turkish
Language: tr
Updated translation for Turkish
Language: tr
Updated translation for Turkish
Language: tr
Updated translation for Turkish
Language: tr
Updated translation for Turkish
Language: tr
Updated translation for Turkish
Language: tr
Co-authored-by: Alpertunga <a_ertin@msn.com>
Co-authored-by: Arif EROL <arif.erol16@gmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Alpertunga <a_ertin@msn.com>
Signed-off-by: Arif EROL <arif.erol16@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
* Updated translation for German
Language: de
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: mwllgr <zadolux@inscomers.net>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: mwllgr <zadolux@inscomers.net>
* Updated translation for Japanese
Language: ja
Updated translation for Japanese
Language: ja
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com>
* Updated translation for French
Language: fr
Updated translation for French
Language: fr
Updated translation for French
Language: fr
Updated translation for French
Language: fr
Updated translation for French
Language: fr
Updated translation for French
Language: fr
Updated translation for French
Language: fr
Updated translation for French
Language: fr
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Dodouce <marin.pau22@gmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Sylvain Pichon <service@spichon.fr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Dodouce <marin.pau22@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Sylvain Pichon <service@spichon.fr>
* Updated translation for Chinese (Traditional Han script)
Language: zh_Hant
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: 秉虎 <s96016641@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: 秉虎 <s96016641@gmail.com>
---------
Signed-off-by: Alpertunga <a_ertin@msn.com>
Signed-off-by: Arif EROL <arif.erol16@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: mwllgr <zadolux@inscomers.net>
Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Dodouce <marin.pau22@gmail.com>
Signed-off-by: Sylvain Pichon <service@spichon.fr>
Signed-off-by: 秉虎 <s96016641@gmail.com>
Co-authored-by: Alpertunga <a_ertin@msn.com>
Co-authored-by: Arif EROL <arif.erol16@gmail.com>
Co-authored-by: mwllgr <zadolux@inscomers.net>
Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Dodouce <marin.pau22@gmail.com>
Co-authored-by: Sylvain Pichon <service@spichon.fr>
Co-authored-by: 秉虎 <s96016641@gmail.com>
2026-01-16 15:14:31 +01:00
Steve Hawkins
967180b024
fix: moving event enum expected values to quarkus logic
...
closes : #44679
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2026-01-16 13:52:50 +01:00
Steve Hawkins
aa5022aaf6
fix: removing references to shaded testcontainer classes
...
closes : #45188
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2026-01-16 13:52:50 +01:00
Martin Bartoš
27b1ab93f8
Ignore OpenAPI artifacts when disabled ( #45499 )
...
Closes #45498
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2026-01-16 13:27:06 +01:00
stianst
8aaf3e4606
Allow re-using server when running tests with the new framework
...
Closes #44101
Signed-off-by: stianst <stianst@gmail.com>
2026-01-16 09:11:43 -03:00
Martin Kanis
4f91b5246e
User REST Admin API - count and search returns different amount of users
...
Closes #45219
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2026-01-16 07:29:42 -03:00
mposolda
fcc9ade022
Not able to find key for credential signature if client scope was saved from admin console
...
Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run
closes #44699
Signed-off-by: mposolda <mposolda@gmail.com>
2026-01-16 08:51:51 +01:00
Tomohiko Ozawa
131131a003
include OrganizationInvitationResource to the admin REST API document
...
Closes #45474
Signed-off-by: Tomohiko Ozawa <kota65535@gmail.com>
2026-01-15 21:11:14 +00:00
Stefan Guilhen
c63a8aa087
Step provider factories cleanup
...
- adds default init, postInit, close, getConfigProperties methods to WorkflowStepProviderFactory
Closes #45398
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2026-01-15 15:32:45 -03:00
Stefan Guilhen
5ed7894502
Add step implementation to remove user attributes
...
Closes #44650
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2026-01-15 14:28:35 -03:00
Stefan Guilhen
744dfd0468
Allow ISO-8601 time formats for the workflows step-runner-task-interval config
...
Closes #45172
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2026-01-15 14:27:20 -03:00
Sebastian Schuster
c5c83d6604
Fix test failures
...
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.com>
2026-01-15 14:06:54 -03:00
Sebastian Schuster
9d0f679ece
45417 fixed unmanaged attributes to not allow writing when only admin can view policy is enabled
...
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.com>
2026-01-15 14:06:54 -03:00
Ruchika Jha
e2e11a3b8e
Hide Remember Me session settings when Remember Me is disabled in realm settings edit page in UI
...
Closes #44973
Signed-off-by: Ruchika <ruchika.jha1@ibm.com>
Signed-off-by: Ruchika Jha <Ruchika.Jha1@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
2026-01-15 16:46:50 +00:00
Pedro Ruivo
e4bb53a743
Update maven-javadoc-plugin version to 3.2.0
...
Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run
Closes #45471
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
2026-01-15 15:11:33 +00:00
Pedro Igor
ab351170b4
Support aggregated policies during partial evaluation
...
Closes #45324
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2026-01-15 15:20:52 +01:00
Pedro Igor
37ff64446b
Allow hide organization brokers when the user does not map to any organization during login
...
Closes #45422
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2026-01-15 15:19:43 +01:00
Martin Bartoš
45e59d8181
Management interface endpoint lists available endpoints ( #45438 )
...
Closes #45467
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2026-01-15 13:31:23 +01:00
Alexander Schwartz
391593cfa7
Implement asynchronous logging when called from nonblocking threads
...
Closes #45015
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2026-01-15 09:20:34 -03:00
Thomas Diesler
8f0ec215b2
[OID4VCI] Issuer metadata contains unwanted 'id' for credential_configurations_supported ( #45210 )
...
closes #45209
Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
2026-01-15 12:56:13 +01:00
Awambeng Rodrick
07b2cbd33d
Make OID4VC credential offer storage cluster-aware and rename provider
...
- Replace InMemoryCredentialOfferStorage with DefaultCredentialOfferStorage backed by singleUseObjects (Infinispan)
- Fix expiration handling by converting absolute expiration timestamps to lifespan seconds and skipping already-expired entries
- Rename factory to DefaultCredentialOfferStorageFactory and change provider id to default
- Update SPI service registration and add JavaDoc clarifying cluster/cross-DC behavior
Closes #44674
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
2026-01-15 12:35:30 +01:00
Thomas Diesler
d8b74e77ab
OID4VCI credentials have invalid subject id value ( #45004 )
...
closes #43854
Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
2026-01-15 12:28:30 +01:00
Martin Bartoš
ab25c8e059
Fix link to OpenTelemetry guide in logging
...
Closes keycloak/keycloak-web#692
Co-authored-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2026-01-15 11:05:21 +01:00
Giuseppe Graziano
db1f75a1cf
Fix duplicate address claim in IDToken ( #45423 )
...
Closes #45250
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2026-01-15 08:48:31 +01:00
Peter Skopek
87acc63f99
Determine root distribution directory properly from ZIP file itself. ( #43406 )
...
* Determine root distribution directory properly from ZIP file itself.
Closes #43356
Signed-off-by: Peter Skopek <pskopek@redhat.com>
* Apply suggestions from code review
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Peter Skopek <skpeter@gmail.com>
Signed-off-by: Peter Skopek <pskopek@redhat.com>
---------
Signed-off-by: Peter Skopek <pskopek@redhat.com>
Signed-off-by: Peter Skopek <skpeter@gmail.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2026-01-15 08:36:18 +01:00
Steven Hawkins
a4df602f62
fix: refining arg handling ( #44579 )
...
relying on picocli parsing as much as possible
closes : #44578
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2026-01-14 10:57:48 -05:00
Martin Bartoš
f09c906f87
OpenApiDistTest fails in CI ( #45426 )
...
Closes #45425
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2026-01-14 08:52:11 -05:00
Björn Eickvonder
7e32e10b27
fix(admin-ui): admin events for dedicated user now show all user related events ( #45333 ) ( #45414 )
...
Signed-off-by: Björn Eickvonder <bjoern.eickvonder@inform-software.com>
2026-01-14 08:12:20 -05:00
Ryan Emerson
349c722ed9
Update multi-cluster documentation for zero-downtime upgrades
...
Closes #45338
Parts of the Infinispan docs for the in-place update of patch releases rely on ISPN16 behavior.
Signed-off-by: Ryan Emerson <remerson@ibm.com>
2026-01-14 12:35:03 +01:00
Stian Thorgersen
198730cd0d
Allow absolute path for cache-config-file ( #45416 )
...
Closes #19374
Signed-off-by: stianst <stianst@gmail.com>
2026-01-14 11:05:50 +00:00
Martin Bartoš
b61a00cbba
[admin-api-v2] Every distinct Admin API should be versioned ( #44527 )
...
Closes #44527
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2026-01-14 12:05:33 +01:00
