adorsys
Added support for x509 client authentication
What this PR does / why we need it:
This PR adds support for X.509 certificate-based client authentication to keycloak-config-cli. Users can now authenticate to Keycloak using mutual TLS (mTLS) with client certificates instead of only username/password or client credentials (client_id/client_secret).
Key Features:
- New RestClientX509TokenManager for managing token acquisition via certificate authentication
- Configuration support for keystore and truststore with certificate credentials
- Automatic SSL context configuration for client certificate authentication
Use Cases:
- Enhanced security in production environments requiring certificate-based authentication
- Compliance with security policies mandating mTLS
- Integration with PKI infrastructure
- Zero-trust security models
Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #959
Special notes for your reviewer:
PR Readiness Checklist:
Complete these before marking the PR as ready to review:
- [ ] the
CHANGELOG.mdrelease notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR
Quality Gate passed
Issues
1 New issue
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}