keycloak

upstream/keycloak

Fork 0

mirror of https://github.com/keycloak/keycloak.git synced 2026-04-08 02:35:22 -04:00

History

Thomas Darimont 2a7495b4f5 Some checks failed Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled Details Allow specifying max allowed expiration of federated client assertion in the Identity Provider settings (#46629 ) * Add support to specify max expiration time for client assertions in Identity Provider settings (#46304, #46626, #46627) We now support the configuration of max client assertion expiration time for the following providers: - OIDC Identity Provider - SPIFFE Identity Provider - Kubernetes Identity Provider Added testFederatedClientAssertionMaxExpiration test. Added UI test for saving and retrieving fedClientAssertionMaxExp for Kubernetes Identity Provider. Fixes #46304 (SPIFFE) Fixes #46626 (Kubernetes) Fixes #46627 (OIDC) Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> * Move client auth tests to AbstractBaseClientAuthTest This allows testing base, Kubernetes and Spiffe implementations. Fixes #46630 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> --------- Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2026-02-27 07:05:10 +00:00
..
java/org/keycloak/tests	Allow specifying max allowed expiration of federated client assertion in the Identity Provider settings (#46629 )	2026-02-27 07:05:10 +00:00
resources	Add support for looking up client secrets via Vault SPI (#39650 )	2026-01-28 16:45:30 +01:00

Thomas Darimont 2a7495b4f5

Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled

Details

Allow specifying max allowed expiration of federated client assertion in the Identity Provider settings (#46629 )

* Add support to specify max expiration time for client assertions in Identity Provider settings (#46304, #46626, #46627)

We now support the configuration of max client assertion expiration time for the following providers:
- OIDC Identity Provider
- SPIFFE Identity Provider
- Kubernetes Identity Provider

Added testFederatedClientAssertionMaxExpiration test.
Added UI test for saving and retrieving fedClientAssertionMaxExp for Kubernetes Identity Provider.

Fixes #46304 (SPIFFE)
Fixes #46626 (Kubernetes)
Fixes #46627 (OIDC)

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

* Move client auth tests to AbstractBaseClientAuthTest

This allows testing base, Kubernetes and Spiffe implementations.

Fixes #46630

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

---------

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

2026-02-27 07:05:10 +00:00

java/org/keycloak/tests

Allow specifying max allowed expiration of federated client assertion in the Identity Provider settings (#46629 )

2026-02-27 07:05:10 +00:00

resources

Add support for looking up client secrets via Vault SPI (#39650 )

2026-01-28 16:45:30 +01:00