upstream/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-04-08 18:50:36 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 27
30693 commits 28 branches 303 tags 883 MiB
Commit graph

29 commits

Author SHA1 Message Date
Pedro Igor
6a4f865013
Support for managing members via group resource type 
Closes #46216

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-04-02 20:06:12 +02:00
Pedro Igor
c965fcffc4
Review error responses
Some checks failed
Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled
Details 
Closes #47643

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-04-02 12:19:23 +02:00
vramik
cb8b6e3e18 SCIM Authorization Bypass in User Group Management 
Closes #47536

Signed-off-by: vramik <vramik@redhat.com>
 2026-04-01 07:36:34 -03:00
Pedro Igor
e285560033 Add externalId attribute to group resource type 
Closes #47481

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

# Conflicts:
#	scim/core/src/main/java/org/keycloak/scim/resource/schema/attribute/Attribute.java
#	scim/model/src/main/java/org/keycloak/scim/model/schema/SchemaResourceTypeProvider.java
 2026-03-31 11:17:24 +02:00
Stefan Guilhen
9584b9296c Add a new SCIM filter evaluator to be used in remove PATCH filters 
Closes #47606

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-30 17:56:46 -03:00
Pedro Igor
ed5a2e0f00 Request and exclude attributes based on the parent or schema extension
Some checks failed
Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled
Details 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-27 17:11:37 -03:00
Martin Kanis
ea89f8a492 Add additional tests 
Closes #47268

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2026-03-27 17:11:37 -03:00
Pedro Igor
a99482be22 Case-insensitive attribute matching 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-27 17:11:37 -03:00
Martin Kanis
1829caccc8 Add support for attribute filtering in SCIM 
Closes #47268

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2026-03-27 17:11:37 -03:00
vramik
a4796fe801 Add view-realm admin role check to SCIM discovery endpoints 
Closes #46859

Signed-off-by: vramik <vramik@redhat.com>
 2026-03-24 08:56:43 -03:00
Pedro Igor
aba0b71ea2
Enforce realm admin roles and permission when managing resources
Some checks are pending
Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run
Details 
Closes #47072

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-17 20:30:25 +01:00
Stefan Guilhen
a420190942 Add suppor for complex attribute notation in SCIM filters 
Closes #47222

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-17 12:43:18 -03:00
Pedro Igor
7f6b7a85f6
Minor improvements to scim 
Closes #47059

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-13 11:06:25 +01:00
vramik
9cc536d14c Expose supported schemas through the Schemas endpoint 
Closes #46217

Signed-off-by: vramik <vramik@redhat.com>
 2026-03-12 09:12:22 -03:00
Martin Kanis
89d58997ce SCIM Make sure admin events are fired when managing resource types
Some checks failed
Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled
Details 
Closes #46295

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2026-03-11 11:32:21 -03:00
Pedro Igor
fcb9bdd3e9
Support for querying group members through the User API 
Closes #46226

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-11 13:39:17 +01:00
Stefan Guilhen
d710c6a4b9 Refactor ScimJPAPredicateProvider 
- remove duplicate code in createPresencePredicate and createComparisonPredicate

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-10 11:26:53 -03:00
Martin Kanis
a6b31e879f
SCIM Track the last time a resource was modified 
Closes #46223

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2026-03-10 14:41:07 +01:00
Pedro Igor
623f942070 Support for groups attribute from User core schema 
Closes #46215

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-06 04:33:17 -03:00
Stefan Guilhen
83578f8a73 Add default maxResults of 100 when searching SCIM resources 
- also introduce count methods to return correct totalResults in search responses

Closes #46684

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-04 08:50:54 -03:00
Stefan Guilhen
b93e249fc9 Fix GroupResourceTypeProvider to exclude organization groups 
- also order by name to be consistent with no-filter searches

Closes #46684

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-04 08:50:54 -03:00
Stefan Guilhen
2e1f3625e0 Fix UserResourceTypeProvider to exclude service accounts 
- also order by username to be consistent with no-filter searches
- further enhancements to FilterTest

Closes #46684

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-04 08:50:54 -03:00
Stefan Guilhen
df80c10fce Enhancements to FilterTest 
- increased coverage to all filter operators
- tests problematic expressions

Closes #46684

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-04 08:50:54 -03:00
Stefan Guilhen
505471c9a6 Refactor ScimJPAPredicateProvider to better detect invalid filter expressions 
- also fixes issue with query.where() being erroneously called by the provider

Closes #46684

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-03-04 08:50:54 -03:00
Pedro Igor
6cab34e441
Make sure ids match when performing a PUT 
Closes #46658

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-03 13:36:16 +01:00
Pedro Igor
884e46d125
Enable and disable SCIM API to a realm through the administration console 
Closes #46755

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-03 10:16:30 +01:00
Pedro Igor
d52e5a1234
Support for PATCH operations (#46561) 
Closes #46214

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-03-03 09:00:28 +01:00
Stefan Guilhen
857b0e6925
Add support for filtering on SCIM endpoints 
Closes #46221

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-02-27 12:20:01 -03:00
Pedro Igor
3e3a7befd1
Initial code for SCIM core and testsuite (#45978) 
Closes #45712

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-02-23 18:22:25 +01:00