[keycloak-user] kcadm - adding a protocol-mapper

Jamie McDowell jambo_mcd at yahoo.co.uk
Tue Jul 31 11:15:41 EDT 2018


Cheers Guys,
We have got this working by importing a json file with the settings. 
I can look at creating a bug in regards to adding this via kcadm if this is definitely a bug?

Regards,
Jamie 

    On Tuesday, 31 July 2018, 08:11:52 BST, Matthias Kesternich <matthias.kesternich at moneymeets.com> wrote:  
 
 FWIW I have no problem creating mappers for 4.0.0 and 4.1.0. I use this:



kcadm.sh create clients/$CLIENT_ID/protocol-mappers/models -f - << 'EOF'

{

  "protocol": "openid-connect",

  "name": "scope",

  "protocolMapper": "oidc-script-based-protocol-mapper",

  "config": {

    "script": "somescript",

    "id.token.claim": false,

    "access.token.claim": true,

    "userinfo.token.claim": false,

    "multivalued": true,

    "claim.name": "myclaim",

    "jsonType.label": ""

  }

}

EOF



To me it seems the OPs json is invalid as indicated by "handleUnexpectedToken".



Best,

-Matthias



Am 31.07.18, 04:50 schrieb "keycloak-user-bounces at lists.jboss.org im Auftrag von Dmitry Telegin" <keycloak-user-bounces at lists.jboss.org im Auftrag von dt at acutus.pro>:



    Hi Jamie,

    

    Seems like you've hit a bug. I can confirm this for KC 4.1.0. As a workaround I've tried to use JSON, but got even stranger error:

    

    Resource not found for url: http://localhost:8080/auth/admin/realms/master/clients/<id>/protocol-mappers/models

    

    But that's exactly the URL the Admin Console makes HTTP POST to. I'd suggest that you file a bug in JIRA.

    

    Cheers,

    Dmitry Telegin

    CTO, Acutus s.r.o.

    Keycloak Consulting and Training

    

    Pod lipami street 339/52, 130 00 Prague 3, Czech Republic

    +42 (022) 888-30-71

    E-mail: info at acutus.pro

    

    On Fri, 2018-07-27 at 16:29 +0000, Jamie McDowell wrote:

    > Hi,

    > 

    > I am trying to add a client protocol-mapper however when i try and run this i get a HTTP error - 500 Internal Server Error

    > opt/jboss/keycloak/bin/kcadm.sh create \clients/<id>/protocol-mappers/models \-r demorealm \-s protocol=openid-connect \-s protocolMapper=oidc-usermodel-realm-mapper \-s consentRequired=false \-s config.claim.name=group_membership \-s config.jsonType.label=String \-s config.id.token.claim=true \-s config.access.token.claim=true \-s config.userinfo.token.claim=true \-s config.multivalued=true \-s name=Realm \

    > I can confirm that kcadm works as i have been able to create groups, LDAP mappers, realms etc...

    > In the server.log i can see the below error when i run the above

    > > ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-109) Uncaught server error: com.fasterxml.jackson.databind.JsonMappingException: Can notat [Source: io.undertow.servlet.spec.ServletInputStreamImpl at 55dee6f8; line: 1, column: 119] (through reference chain: org.keycloak.representations.idm.ProtocolMapperRepresentation["co      at com.fasterxml.jackson.databind.JsonMappingException.from(JsonMappingException.java:270)                                                                                            at com.fasterxml.jackson.databind.DeserializationContext.reportMappingException(DeserializationContext.java:1234)                                                                    at com.fasterxml.jackson.databind.DeserializationContext.handleUnexpectedToken(DeserializationContext.java:1122)                                                                      at com.fasterxml.jackson.databind.DeserializationContext.handleUnexpectedToken(DeserializationContext.java:1075)                                                                      at com.fasterxml.jackson.databind.deser.std.StringDeserializer.deserialize(StringDeserializer.java:60)

    > Appreciate if anyone can advise on this (keycloak version is 3.4.3)

    > Thanks Jamie  

    > _______________________________________________

    > keycloak-user mailing list

    > keycloak-user at lists.jboss.org

    > https://lists.jboss.org/mailman/listinfo/keycloak-user

    

    _______________________________________________

    keycloak-user mailing list

    keycloak-user at lists.jboss.org

    https://lists.jboss.org/mailman/listinfo/keycloak-user


  


More information about the keycloak-user mailing list