feat(jans-keycloak-integration): enhancements to keycloak integration #8614 #8747
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* updated the keycloak configuration file to reflect the configuration for the storage-spi Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
… persistence layer Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…8614 * added persistence manager configuration for protocol mapper Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
#8614 Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
* added dependencies to protocol mapper * added protocol mapper main class Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
* added relevant models to fetch user attributes * refactored the db configuration classes Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
* created maven project for janssen spi bundle Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
* added dependencies xml Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
* added support for new protocol mapper in job scheduler * fixed typo in application shutdown log message Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
* additions to the spi bundle pom file Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * added thin bridge spi provider * added models for thin bridge provider Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * moved authenticator spi to spi module * minor refactoring to the authenticator spi Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * moved authenticator rest service spi to spi module Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * added new storage provider implementation Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * added missing files to spi Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * added resource files to spi module Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * bump spi version to 1.1.3-SNAPSHOT * removed protocol-mapper PoC from build modules Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * minor bugfix to scheduler. did not show fatal startup errors in log file Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 *fix for fatal errors which don't still appear in the logs Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * further housekeeping in job-scheduler Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * fixed bug in user storage spi preventing authentication in new version of keycloak Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 * have scheduler create saml clients with document and assertion signing as default configuration Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
|
Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.
Note 🟢 Risk threshold not exceeded. Change Summary (click to expand)The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective. Summary: The provided code changes cover various aspects of the Jans Keycloak integration, including updates to the SAML client configuration, error handling and logging improvements, attribute mapping management, and package refactoring. From an application security perspective, the changes generally appear to be positive and focused on improving the security and reliability of the integration. Key security-related improvements include:
While the changes do not introduce any obvious security vulnerabilities, it's important to consider the broader context and ensure that the application's security practices are consistently applied across all components of the Keycloak integration. This includes thorough input validation, secure data handling, and ongoing monitoring and testing to identify and address any potential security risks. Files Changed:
Powered by DryRun Security |
…tion #8614 * removed reference to protocol-mapper poc submodule Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
moabu
previously approved these changes
Jun 20, 2024
|
…ation #8614 * fixes suggested by static analyser Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
…ation #8614 Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
|
moabu
approved these changes
Jun 24, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Various bugfixes , enhancements and refactorings to do for keycloak integration