We came across an issue when integrating a custom OIDC IDP and mapping roles into it. When we have a list of external roles to map into Keycloak roles, the process fails.
The issue is at the bottom of the
valueEquals(
String,
Object) method in the AbstractClaimMapper class. When the incoming Object is a list, it just performs the comparison with the first element and returns...
...
}
else if (value
instanceof List) {
List list
= (
List)value;
for (
Object val
: list) {
return valueEquals(desiredValue, val);
}
}
...
...