Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sig#578 - Keycloak Seeding | Unhandled exception #1039

Open
evegufy opened this issue Sep 26, 2024 · 2 comments
Open

sig#578 - Keycloak Seeding | Unhandled exception #1039

evegufy opened this issue Sep 26, 2024 · 2 comments
Assignees
@Phil91
Labels
enhancement New feature or request

Comments

@evegufy
Copy link
Contributor

evegufy commented Sep 26, 2024

Description

Follow up on #910 (review)

I noticed an unhandled exception with status code 500 (Internal Server Error) during the deletion of assigned default client scopes:

"Exception":"Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling.ServiceException: Internal Server Error: http://sharedidp-keycloak/auth/admin/realms/master/clients/34e015a5-b944-46d8-a9f3-4bc8e856a727/default-client-scopes/ff556da8-6b2b-4fe3-97cf-4a9c93ffc3c1\n ---> Flurl.Http.FlurlHttpException: Call failed with status code 500 (Internal Server Error): DELETE http://sharedidp-keycloak/auth/admin/realms/master/clients/34e015a5-b944-46d8-a9f3-4bc8e856a727/default-client-scopes/ff556da8-6b2b-4fe3-97cf-4a9c93ffc3c1\n

Scenario:

  • master-realm is created and to default clients admin-cli, account and security-admin-console the default client scope acr is assigned
  • seeding job uses a json file for the master realm where the default client scope acr is not assigned to default clients admin-cli, account and security-admin-console
  • seeding job runs into the exception above BUT only after successfully removing the assignments of the default client scope acr from default clients admin-cli, account and security-admin-console

Why is this exception thrown if the deletion is successful?

After the seeding job ran into this error, it was running without error at the second run.
And I was able to avoid this error to begin with by adding the default client scope acr to the default clients admin-cli, account and security-admin-console.
I still think it's worth investigating this behaviour.

Additional Information

relates to #910
@evegufy evegufy added the enhancement New feature or request label Sep 26, 2024
@github-project-automation github-project-automation bot moved this to NEW USER REQUEST in Portal Sep 26, 2024
@evegufy evegufy moved this from NEW USER REQUEST to BACKLOG in Portal Sep 26, 2024
@evegufy evegufy mentioned this issue Sep 26, 2024
Merged
6 tasks
@evegufy evegufy added this to the Release 24.12 milestone Sep 26, 2024
evegufy added a commit to eclipse-tractusx/portal-iam that referenced this issue Oct 2, 2024
@evegufy
fix: avoid unhandled exception
e26dfcb 
eclipse-tractusx/portal-backend#1039
@evegufy evegufy mentioned this issue Oct 2, 2024
Merged
5 tasks
@evegufy
Copy link
Contributor Author

evegufy commented Oct 15, 2024

example realm file to reproduce the issue: https://github.com/eclipse-tractusx/portal-iam/blob/v3.0.1/import/realm-config/generic/catenax-shared/master-realm.json

@Phil91 Phil91 assigned Phil91 and unassigned ntruchsess Oct 15, 2024
@Phil91 Phil91 moved this from BACKLOG to IN PROGRESS in Portal Oct 15, 2024
@Phil91
Copy link
Member

Phil91 commented Oct 21, 2024

I've created a keycloak issue for that, the error occurs when using postman as well, it seems like it is a caching issue or something since the client-scope is removed but the api response is a 500

keycloak/keycloak#34130

@evegufy evegufy removed this from the Release 2.3.0 (24.12) milestone Dec 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Phil91 Phil91

Labels
enhancement New feature or request
Projects
Portal
Status: IN PROGRESS
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ntruchsess @Phil91 @evegufy