Cannot find requested client with clientId #30837
Comments
|
I did small investigating and maybe I see problem. @Override
public ClientModel getClientByClientId(RealmModel realm, String clientId) {
logger.tracef("getClientByClientId(%s, %s)%s", realm, clientId, getShortStackTrace());
TypedQuery<String> query = em.createNamedQuery("findClientIdByClientId", String.class);
query.setParameter("clientId", clientId);
query.setParameter("realm", realm.getId());
List<String> results = query.getResultList();
if (results.isEmpty()) return null;
String id = results.get(0);
return session.clients().getClientById(realm, id);
}Input parameter named query for select client.id from ClientEntity client where client.clientId = :clientId and client.realmId = :realmIt failed on client.clientId = :clientId. There could be used already existed select client from ClientEntity client where client.id = :id and client.realmId = :realm@Override
public ClientModel getClientByClientId(RealmModel realm, String clientId) {
logger.tracef("getClientByClientId(%s, %s)%s", realm, clientId, getShortStackTrace());
TypedQuery<String> query = em.createNamedQuery("getClientById", String.class);
query.setParameter("id", clientId);
query.setParameter("realm", realm.getId());
List<String> results = query.getResultList();
if (results.isEmpty()) return null;
String id = results.get(0);
return session.clients().getClientById(realm, id);
}But question is why |
|
And tests are written for cliendId (name) not UUID. final ClientModel client1 = session.clients().getClientByClientId(realm, "client1"); |
|
@MrZajic Thanks for the investigation. Yeah, I just checked here and for me I'm seeing the clientId when syncing the roles. Can you check how the mapper config looks like when the Admin UI is fetching the config from Perhaps try to re-create the mapper to see if it helps. If so, not sure why you ended up with the UUID set in the mapper config. |
|
I think I know why. See #30523. Looks like re-creating the mapper should help. |
|
@pedroigor Thank you. You're right. Unfortunately, fix is not in 25.0.1 tag. Fastly I tested NIGHTLY build and after re-creating mapper it works. And this solving more problems because similar problem was with |
|
Nice. @MrZajic Just to confirm, were you able to solve the problem in 25.0.1? Wondering if we need to backport that change if not there already. |
|
@pedroigor Unfortunately, version 25.0.1 not solve problem. I see still old code without change (#30523) for 25.0.1 see: keycloak/js/apps/admin-ui/src/components/client/ClientSelect.tsx Lines 60 to 63 in 6a22f31 |
pedroigor
added
team/ui
backport/25.0
action/priority-regression
and removed
team/core-iam
labels
keycloak-github-bot
bot
added
kind/regression
priority/blocker
|
Should be fixed by #30865 in the next 25 release. |
Before reporting an issue
Area
ldap
Describe the bug
If I add new mapper
role-ldap-mapperfor LDAP federation and uncheckedUse Realm Roles Mappingwith filledClient ID, then it will do nothing after sync and nothing is synced with roles for filled client id.Version
25.0.1
Regression
Expected behavior
It will sync roles to specific Client ID.
Actual behavior
User federation-> yourFederation (LDAP: other) ->Mappers->Add mapper->role-ldap-mapperProblematic is unchecked
Use Realm Roles Mapping+ filledClient ID. This cause warning in keycloak log:But if I go to
Clients- selected my client -> then in URL i can see:https://{keycloak.ip}/admin/master/console/#/{myRealm}/clients/ddde338f-d031-45ce-bae4-4d8f8aeb5d5e/settingsIt seems UUID are fine. Database default H2 without changes. All newly created manually without imports config. With only checked Use Realm Roles Mapping without Client ID works fine.
I have very similar problem when I tried mapping client scope roles with very similar
Client IDand too without success. But it is another problem.How to Reproduce?
Please see actual behaviour.
Anything else?
No response
The text was updated successfully, but these errors were encountered: