[keycloak-user] Bug in AbstractClaimMapper class
Lohitha Chiranjeewa
kalc04 at gmail.com
Sun Nov 8 06:36:06 EST 2015
Created here: https://issues.jboss.org/browse/KEYCLOAK-2044
On Fri, Nov 6, 2015 at 1:27 AM, Stian Thorgersen <sthorger at redhat.com>
wrote:
> JIRA please
>
> On 3 November 2015 at 07:50, Lohitha Chiranjeewa <kalc04 at gmail.com> wrote:
>
>> We came across an issue when integrating a custom OIDC IDP and mapping
>> roles into it. When we have a list of external roles to map into Keycloak
>> roles, the process fails.
>>
>> The issue is at the bottom of the valueEquals(String, Object) method in
>> the AbstractClaimMapper class. When the incoming Object is a list, it just
>> performs the comparison with the first element and returns...
>>
>> ...
>> } else if (value instanceof List) {
>> List list = (List)value;
>> for (Object val : list) {
>> return valueEquals(desiredValue, val);
>> }
>> }
>> ...
>>
>> Instead the code should be something like this:
>> ...
>> } else if (value instanceof List) {
>> List list = (List)value;
>> for (Object val : list) {
>> if (valueEquals(desiredValue, val)) return true;
>> }
>> }
>> ...
>>
>>
>> Regards,
>> Lohitha
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151108/b2bf5657/attachment.html
More information about the keycloak-user
mailing list