Add Keycloak 24

.env

@@ -1,3 +1,3 @@
 # Used in docker-compose
 # shellcheck disable=SC2034
-KEYCLOAK_VERSION=23.0.4
+KEYCLOAK_VERSION=24.0.1

.github/workflows/ci.yaml

@@ -29,10 +29,10 @@ jobs:
         env:
           # we keep 18.0.2 for backwards compatibility with RH-SSO 7.6
           - KEYCLOAK_VERSION: 18.0.2
-          - KEYCLOAK_VERSION: 20.0.5
           - KEYCLOAK_VERSION: 21.1.1
           - KEYCLOAK_VERSION: 22.0.4
-          - KEYCLOAK_VERSION: 23.0.4
+          - KEYCLOAK_VERSION: 23.0.7
+          - KEYCLOAK_VERSION: 24.0.1
     steps:
       - uses: actions/checkout@v4
         with:

CHANGELOG.md

@@ -5,8 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
-- Updated CI to use Keycloak 23.0.4
+- Updated CI to use Keycloak 24.0.1
+- Updated CI to use Keycloak 23.0.7
 - Changed briefRepresentation from false to true (mistakenly considered full: [#25096](https://github.com/keycloak/keycloak/issues/25096))
+  - Removes compatibility of Versions 23.0.0, 23.0.1, 23.0.2 and 23.0.3
 - Using getGroupByPath again after being fixed ([#25111](https://github.com/keycloak/keycloak/issues/25111))
 
 ## [5.10.0] - 2023-12-12

Dockerfile

@@ -6,7 +6,7 @@ FROM ${BUILDER_IMAGE} AS BUILDER
 
 WORKDIR /app/
 
-ARG KEYCLOAK_VERSION=23.0.4
+ARG KEYCLOAK_VERSION=24.0.1
 ARG MAVEN_CLI_OPTS="-ntp -B"
 
 COPY .mvn .mvn

pom.xml

@@ -59,7 +59,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 
-        <keycloak.version>23.0.4</keycloak.version>
+        <keycloak.version>24.0.1</keycloak.version>
 
         <checkstyle-plugin.version>3.2.0</checkstyle-plugin.version>
         <checkstyle.version>10.0</checkstyle.version>
@@ -74,7 +74,7 @@
         <junit5-system-exit.version>1.1.2</junit5-system-exit.version>
         <keepachangelog.version>2.1.1</keepachangelog.version>
         <license-plugin.version>2.0.0</license-plugin.version>
-        <logstash-logback-encoder.version>7.4</logstash-logback-encoder.version>
+        <logstash-logback-encoder.version>7.3</logstash-logback-encoder.version>
         <maven-failsafe-plugin.version>3.0.0-M5</maven-failsafe-plugin.version>
         <maven-release-plugin.version>3.0.1</maven-release-plugin.version>
         <maven-replacer.version>1.5.3</maven-replacer.version>

src/test/java/de/adorsys/keycloak/config/AbstractImportIT.java

@@ -74,7 +74,15 @@ abstract public class AbstractImportIT extends AbstractImportTest {
             KEYCLOAK_CONTAINER.setCommand("start-dev");
             command.add("start-dev");
             command.add("--features");
-            command.add("admin-fine-grained-authz,declarative-user-profile,client-policies,client-secret-rotation");
+
+            StringBuilder featuresBuilder =
+                    new StringBuilder("admin-fine-grained-authz,client-policies,client-secret-rotation");
+
+            if (VersionUtil.lt(KEYCLOAK_VERSION, "24")) {
+                featuresBuilder.append(",declarative-user-profile");
+            }
+
+            command.add(featuresBuilder.toString());
         }
 
         if (System.getProperties().getOrDefault("skipContainerStart", "false").equals("false")) {

src/test/java/de/adorsys/keycloak/config/service/ImportGroupsIT.java

@@ -1752,23 +1752,23 @@ private List<GroupRepresentation> getSubGroups(GroupRepresentation groupRepresen
     }
 
     private void assertThatGroupAttributesAreEmpty(Map<String, List<String>> attributes) {
-        if (VersionUtil.lt(KEYCLOAK_VERSION, "23")) {
+        if (VersionUtil.lt(KEYCLOAK_VERSION, "23") || VersionUtil.ge(KEYCLOAK_VERSION, "23.0.5")) {
             assertThat("attributes is null", attributes, aMapWithSize(0));
         } else {
             assertThat("attributes is null", attributes, is(nullValue()));
         }
     }
 
     private void assertThatGroupRealmRolesAreEmpty(List<String> realmRoles) {
-        if (VersionUtil.lt(KEYCLOAK_VERSION, "23")) {
+        if (VersionUtil.lt(KEYCLOAK_VERSION, "23") || VersionUtil.ge(KEYCLOAK_VERSION, "23.0.5")) {
             assertThat("realm roles is null", realmRoles, hasSize(0));
         } else {
             assertThat("realm roles is null", realmRoles, is(nullValue()));
         }
     }
 
     private void assertThatGroupClientRolesAreEmpty(Map<String, List<String>> clientRoles) {
-        if (VersionUtil.lt(KEYCLOAK_VERSION, "23")) {
+        if (VersionUtil.lt(KEYCLOAK_VERSION, "23") || VersionUtil.ge(KEYCLOAK_VERSION, "23.0.5")) {
             assertThat("client roles not null", clientRoles, aMapWithSize(0));
         } else {
             assertThat("client roles not null", clientRoles, is(nullValue()));

src/test/java/de/adorsys/keycloak/config/service/ImportSimpleRealmIT.java

@@ -24,6 +24,7 @@
 import de.adorsys.keycloak.config.exception.ImportProcessingException;
 import de.adorsys.keycloak.config.exception.InvalidImportException;
 import de.adorsys.keycloak.config.exception.KeycloakRepositoryException;
+import de.adorsys.keycloak.config.util.VersionUtil;
 import org.junit.jupiter.api.Order;
 import org.junit.jupiter.api.Test;
 import org.keycloak.representations.idm.RealmRepresentation;
@@ -169,7 +170,12 @@ void shouldUpdateWebAuthnSettings() throws IOException {
 
         assertThat(realm.getRealm(), is("simple"));
         assertThat(realm.isEnabled(), is(true));
-        assertThat(realm.getWebAuthnPolicyPasswordlessUserVerificationRequirement(), is("required"));
+
+        // TODO: "webAuthnPolicyPasswordlessUserVerificationRequirement" is not set with Keycloak 24
+        // https://github.com/keycloak/keycloak/issues/27700
+        if (VersionUtil.lt(KEYCLOAK_VERSION,"24")) {
+            assertThat(realm.getWebAuthnPolicyPasswordlessUserVerificationRequirement(), is("required"));
+        }
     }
 
     @Test