[keycloak-user] Re : Setting authentication execution requirement via kcadm.sh?
Craig Setera
craig at baseventure.com
Fri Dec 28 15:36:05 EST 2018
I spent way more time on this than I'd like to admit, but finally came up
with a "general" solution.
#
# Set the requirement value for a particular flow's
# execution
#
# Expected parameters:
# $1 - The authentication flow alias
# $2 - The execution identifier
# $3 - The required value
#
function setAuthFlowExecutionRequirement {
echo "Setting execution with id $2 in flow $1 to $3..."
${KCADM} get authentication/flows/$1/executions -r ${REALM_NAME} | \
jq --arg exec_id $2 --arg requirement $3 'map(select(.id |
contains($exec_id))) | .[0] | .requirement |= $requirement' | \
${KCADM} update authentication/flows/$1/executions -r ${REALM_NAME}
-n -f -
}
After a lot of poking around, there were a couple of things that lead to
this difficulty:
- The administration service explicitly ignores the incoming requirement
on the create/POST and always sets the requirement to DISABLED. I'm not
really sure why that might be the case. but significantly complicates
things.
- The only place I could find that I could change it was via the
authentication/flows/$flow_id/executions endpoint. That endpoint expects a
single JSON object containing the fields, including the execution ID
- However, a GET of the same endpoint, returns an array of execution
objects which cannot be used immediately to call the update
Thus, this solution depends on "jq" for a bit of help to take the array of
execution definitions, capture the specific object definition associated
with the execution ID, and update the requirement field of that object
before using it for the update/PUT.
Hopefully this may be useful to others.
Craig
=================================
*Craig Setera*
*Chief Technology Officer*
On Mon, Oct 15, 2018 at 10:02 AM triton oidc <triton.oidc at gmail.com> wrote:
> Hi Craig,
>
> i'm not an expert, but here is what i did to set my execution value to
> REQUIRED :
> create a json with
> {"id":[ID_OF_YOUR_EXECUTION],"requirement":"REQUIRED"}
> put it in a file my_file.json
>
> you can have the id of you execution using this command
> ./kcadm.sh get authentication/flows/[your_flow]/executions --format csv -r
> $keycloak_new_realm --fields id | tr -d '\n'
>
> and you can import the file using this command :
> ./kcadm.sh update authentication/flows/[your_flow]/executions -r
> $keycloak_new_realm -f my_file.json
>
> There is probably a better way but i didn't found it
>
> hope it helps
>
> Amaury
>
> On Mon, Oct 15, 2018 at 1:07 PM <keycloak-user-request at lists.jboss.org>
> wrote:
>
>> Send keycloak-user mailing list submissions to
>> keycloak-user at lists.jboss.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>> or, via email, send a message with subject or body 'help' to
>> keycloak-user-request at lists.jboss.org
>>
>> You can reach the person managing the list at
>> keycloak-user-owner at lists.jboss.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of keycloak-user digest..."
>>
>>
>> Today's Topics:
>>
>> 1. Setting authentication execution requirement via kcadm.sh?
>> (Craig Setera)
>> 2. org.keycloak.broker.oidc.mappers.ClaimToRoleMapper does not
>> update user roles (Philippe Gauthier)
>> 3. Re: Unrecognized field "authenticationFlowBindingOverrides"
>> (Fabio Ebner)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Mon, 15 Oct 2018 07:21:30 -0500
>> From: Craig Setera <craig at baseventure.com>
>> Subject: [keycloak-user] Setting authentication execution requirement
>> via kcadm.sh?
>> To: keycloak-user at lists.jboss.org
>> Message-ID:
>> <
>> CAPVdwjq1oyjCom4_A0TBJ8m3KBCgit5nOqMCGqKP4t2RU6zb5Q at mail.gmail.com>
>> Content-Type: text/plain; charset="UTF-8"
>>
>> I'm trying to figure out if it is possible to set the "requirement" level
>> of an execution that is created for an authentication flow via the kcadm
>> tool. I have a shell script that I'm using to set up the Keycloak
>> configuration that looks like the following:
>>
>>
>> *echo "Creating new authentication flow..."AUTO_LINK_FLOW_ID=`${KCADM}
>> create authentication/flows --id -r ${REALM_NAME} -s
>> alias="FirstBrokerLoginAutoLink" -s providerId="basic-flow" -s
>> topLevel=true`*
>>
>>
>>
>> *echo "Adding unique authenticator..."${KCADM} create
>> authentication/flows/FirstBrokerLoginAutoLink/executions/execution --id -r
>> ${REALM_NAME} \ -s provider=idp-create-user-if-unique -s
>> requirement=ALTERNATIVE -s priority=10*
>>
>>
>>
>>
>> *echo "Adding auto link authenticator..."${KCADM} create
>> authentication/flows/FirstBrokerLoginAutoLink/executions/execution -r
>> ${REALM_NAME} \ -s provider=idp-auto-link -s requirement=ALTERNATIVE -s
>> priority=20*
>> With this script, I'm seeing the flow and executions created, but the
>> requirement seems to be ignored. In this case, the executions are always
>> set to DISABLED. I've tried to follow that up with an update call that
>> looks like this:
>>
>>
>>
>>
>>
>>
>> *echo "Adding unique authenticator..."EXECUTION_ID=`${KCADM} create
>> authentication/flows/FirstBrokerLoginAutoLink/executions/execution --id -r
>> ${REALM_NAME} \ -s provider=idp-create-user-if-unique -s
>> requirement=ALTERNATIVE -s priority=10`${KCADM} update
>> authentication/flows/FirstBrokerLoginAutoLink/executions -r ${REALM_NAME}
>> \ -s id=${EXECUTION_ID} -s requirement=ALTERNATIVE*
>>
>> However, that is failing with the following error:
>>
>>
>>
>> *HTTP request error: Can not deserialize instance of
>> com.fasterxml.jackson.databind.node.ObjectNode out of START_ARRAY tokenat
>> [Source: [B at 527ee8a7; line: 1, column: 1]*
>> Can anyone offer any suggestions on how to get this authentication flow
>> properly configured so that the executions are set to ALTERNATIVE?
>>
>> Thanks!
>> Craig
>>
>> =================================
>> *Craig Setera*
>>
>> *Chief Technology Officer*
>>
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Mon, 15 Oct 2018 12:45:04 +0000
>> From: Philippe Gauthier <philippe.gauthier at inspq.qc.ca>
>> Subject: [keycloak-user]
>> org.keycloak.broker.oidc.mappers.ClaimToRoleMapper does not update
>> user roles
>> To: "keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
>> Cc: ?tienne Sadio <etienne.sadio at inspq.qc.ca>
>> Message-ID:
>> <
>> YTOPR0101MB141798E50DFEF73BB8C32857B1FD0 at YTOPR0101MB1417.CANPRD01.PROD.OUTLOOK.COM
>> >
>>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Hi
>>
>>
>> I saw a 2017 post from Simon Payne about ClaimToRoleMapper and I cannot
>> find any answers for his question.
>>
>> http://lists.jboss.org/pipermail/keycloak-user/2017-October/012129.html
>>
>>
>> This post was about ClaimToRoleMapper class of the OIDC broker component.
>> This class search for a claim, check for its value and grant a role if the
>> value is equals to the value specified in the configuration.
>>
>>
>> If the user from the IdP is not known by Keycloak, it will be created by
>> the First Broker Login Flow and the role will be granted.
>>
>>
>> If the user is already known by Keycloak, he have the role specified by
>> the mapper and he don't have the claim anymore, the role will be revocated.
>>
>>
>> But. If the user is known by Keycloak, he don't have the role specified
>> by the mapper and he have the claim, Keycloak does not grant him the role.
>>
>>
>> It is clear why it does this in the code but it is not clear why this
>> have been done that way:
>>
>>
>> Here is the code.
>>
>> @Override
>> public void importNewUser(KeycloakSession session, RealmModel realm,
>> UserModel user, IdentityProviderMapperModel mapperModel,
>> BrokeredIdentityContext context) {
>> String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
>> if (hasClaimValue(mapperModel, context)) {
>> RoleModel role = KeycloakModelUtils.getRoleFromString(realm,
>> roleName);
>> if (role == null) throw new IdentityBrokerException("Unable to
>> find role: " + roleName);
>> user.grantRole(role);
>> }
>> }
>>
>> @Override
>> public void updateBrokeredUser(KeycloakSession session, RealmModel
>> realm, UserModel user, IdentityProviderMapperModel mapperModel,
>> BrokeredIdentityContext context) {
>> String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
>> if (!hasClaimValue(mapperModel, context)) {
>> RoleModel role = KeycloakModelUtils.getRoleFromString(realm,
>> roleName);
>> if (role == null) throw new IdentityBrokerException("Unable to
>> find role: " + roleName);
>> user.deleteRoleMapping(role);
>> }
>> /* Maybe we should add an else here that does what the importNewUser
>> does.
>> }
>> Thankyou
>>
>> Philippe Gauthier.
>>
>>
>>
>> ------------------------------
>>
>> Message: 3
>> Date: Mon, 15 Oct 2018 09:53:48 -0300
>> From: Fabio Ebner <fabio.ebner at lumera.com.br>
>> Subject: Re: [keycloak-user] Unrecognized field
>> "authenticationFlowBindingOverrides"
>> To: Marek Posolda <mposolda at redhat.com>
>> Cc: keycloak-user at lists.jboss.org
>> Message-ID:
>> <
>> CAFxMZba+qwDnfkrggWXn6U+iY_hZYpMJ0CzMYvrtYgMmL3rQ9g at mail.gmail.com>
>> Content-Type: text/plain; charset="UTF-8"
>>
>> Marek tks I was using a old version in my pom. but after I put the correct
>> 4.5.0.Final when I try to start my project throw an exception:
>>
>> Caused by: java.lang.NoClassDefFoundError:
>> org/springframework/boot/web/server/WebServerFactoryCustomizer
>>
>> Look in the google say that class are only in springboot > 2 so I update
>> my
>> project to Springboot 2.0.5.Final, now my project start but when I try to
>> access any url I got the error:
>>
>> in a loop:
>>
>>
>>
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>>
>> 2018-10-15 09:50:12.363 ERROR 20936 --- [nio-8081-exec-2]
>> o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
>> /favicon.ico
>>
>> java.lang.StackOverflowError: null
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at or
>>
>> .....
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>>
>> 2018-10-15 09:50:12.387 ERROR 20936 --- [nio-8081-exec-2]
>> o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet
>> [dispatcherServlet] threw exception
>>
>> java.lang.StackOverflowError: null
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> ......
>>
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>>
>> 2018-10-15 09:50:12.399 ERROR 20936 --- [nio-8081-exec-2]
>> o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
>> ErrorPage[errorCode=0, location=/error]
>>
>> javax.servlet.ServletException: Filter execution threw an exception
>> at
>>
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:472)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:395)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:316)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:395)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:254)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:349)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>> org.apache.tomcat.util.net
>> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>> org.apache.tomcat.util.net
>> .SocketProcessorBase.run(SocketProcessorBase.java:49)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>> [na:1.8.0_162]
>> at
>>
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>> [na:1.8.0_162]
>> at
>>
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at java.lang.Thread.run(Thread.java:748) [na:1.8.0_162]
>> Caused by: java.lang.StackOverflowError: null
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> ....
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>>
>> 2018-10-15 09:50:12.425 ERROR 20936 --- [nio-8081-exec-2]
>> o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet
>> [dispatcherServlet] threw exception
>>
>> java.lang.StackOverflowError: null
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at org.keycloak.ada
>> ....
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>>
>> 2018-10-15 09:50:12.437 ERROR 20936 --- [nio-8081-exec-2]
>> o.a.c.c.C.[Tomcat].[localhost] : Exception Processing
>> ErrorPage[errorCode=0, location=/error]
>>
>> javax.servlet.ServletException: Filter execution threw an exception
>> at
>>
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:472)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:395)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:316)
>> ~[tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:395)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:254)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:349)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:175)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>> org.apache.tomcat.util.net
>> .NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>> org.apache.tomcat.util.net
>> .SocketProcessorBase.run(SocketProcessorBase.java:49)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at
>>
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>> [na:1.8.0_162]
>> at
>>
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>> [na:1.8.0_162]
>> at
>>
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>> [tomcat-embed-core-8.5.34.jar:8.5.34]
>> at java.lang.Thread.run(Thread.java:748) [na:1.8.0_162]
>> Caused by: java.lang.StackOverflowError: null
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at
>>
>> org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.resolve(KeycloakSpringBootConfigResolver.java:45)
>> ~[keycloak-spring-boot-adapter-core-4.5.0.Final.jar:4.5.0.Final]
>> at org.key
>>
>>
>>
>> Em seg, 15 de out de 2018 ?s 04:19, Marek Posolda <mposolda at redhat.com>
>> escreveu:
>>
>> > I think the field "authenticationFlowBindingOverrides" was added in some
>> > Keycloak 4.X version. I suggest to update Keycloak dependencies versions
>> > in your pom from 3.4.3.Final to same version, which your Keycloak server
>> > is.
>> >
>> > Marek
>> >
>> > On 13/10/18 04:18, Fabio Ebner wrote:
>> > > When I try to get my client wit this code:
>> > >
>> > > ClientRepresentation app1Client =
>> > > realmResource.clients().findByClientId("central-api").get(0);
>> > >
>> > >
>> > > that error return:
>> > >
>> > > javax.ws.rs.client.ResponseProcessingException:
>> > > javax.ws.rs.ProcessingException:
>> > > com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:
>> > > Unrecognized field "authenticationFlowBindingOverrides" (class
>> > > org.keycloak.representations.idm.ClientRepresentation), not marked as
>> > > ignorable (38 known properties: "enabled", "clientAuthenticatorType",
>> > > "redirectUris", "clientId", "authorizationServicesEnabled", "name",
>> > > "implicitFlowEnabled", "registeredNodes", "nodeReRegistrationTimeout",
>> > > "publicClient", "attributes", "protocol", "webOrigins",
>> > "protocolMappers",
>> > > "id", "baseUrl", "surrogateAuthRequired", "adminUrl",
>> "fullScopeAllowed",
>> > > "frontchannelLogout", "clientTemplate", "directGrantsOnly", "rootUrl",
>> > > "secret", "useTemplateMappers", "notBefore", "useTemplateScope",
>> > > "standardFlowEnabled", "description", "directAccessGrantsEnabled",
>> > > "useTemplateConfig", "serviceAccountsEnabled", "consentRequired",
>> > "access",
>> > > "bearerOnly", "registrationAccessToken", "defaultRoles",
>> > > "authorizationSettings"])
>> > >
>> > >
>> > >
>> > > this is my pom.
>> > >
>> > > <!--keycloak-->
>> > > <dependency>
>> > > <groupId>org.keycloak</groupId>
>> > > <artifactId>keycloak-spring-security-adapter</artifactId>
>> > > <version>3.4.3.Final</version>
>> > > </dependency>
>> > > <dependency>
>> > > <groupId>org.keycloak</groupId>
>> > > <artifactId>keycloak-spring-boot-starter</artifactId>
>> > > <version>3.4.3.Final</version>
>> > > </dependency>
>> > > <dependency>
>> > > <groupId>org.keycloak</groupId>
>> > > <artifactId>keycloak-admin-client</artifactId>
>> > > <version>3.4.3.Final</version>
>> > > </dependency>
>> > > <dependency>
>> > > <groupId>javax.ws.rs</groupId>
>> > > <artifactId>javax.ws.rs-api</artifactId>
>> > > <version>2.1</version>
>> > > </dependency>
>> > > <!--resteasy-->
>> > > <dependency>
>> > > <groupId>org.jboss.resteasy</groupId>
>> > > <artifactId>resteasy-client</artifactId>
>> > > <version>3.1.3.Final</version>
>> > > </dependency>
>> > > <dependency>
>> > > <groupId>org.jboss.resteasy</groupId>
>> > > <artifactId>resteasy-jackson2-provider</artifactId>
>> > > <version>3.1.3.Final</version>
>> > > </dependency>
>> > > _______________________________________________
>> > > keycloak-user mailing list
>> > > keycloak-user at lists.jboss.org
>> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
>> >
>> >
>> >
>>
>>
>> ------------------------------
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>> End of keycloak-user Digest, Vol 58, Issue 37
>> *********************************************
>>
>
More information about the keycloak-user
mailing list