Update UP via provider instead of going through the UserProfileResource

- prevents error when updating realm Closes keycloak#34540 Signed-off-by: Stefan Guilhen <[email protected]>
pedroigor · Nov 7, 2024 · a3a9890 · a3a9890
1 parent d2e19da
commit a3a9890
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 20 deletions.
diff --git a/rest/admin-ui-ext/src/main/java/org/keycloak/admin/ui/rest/UIRealmResource.java b/rest/admin-ui-ext/src/main/java/org/keycloak/admin/ui/rest/UIRealmResource.java
@@ -37,7 +37,6 @@
 
 import jakarta.ws.rs.Consumes;
 import jakarta.ws.rs.GET;
-import jakarta.ws.rs.InternalServerErrorException;
 import jakarta.ws.rs.PUT;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.core.MediaType;
@@ -96,22 +95,8 @@ private boolean isAtLeastOneUserStorageProviderEnabled() {
     }
 
     private void updateUserProfileConfiguration(UIRealmRepresentation rep) {
-        UPConfig upConfig = rep.getUpConfig();
-
-        if (upConfig == null) {
-            return;
-        }
-
         UserProfileResource userProfileResource = new UserProfileResource(session, auth, adminEvent);
-        if (!upConfig.equals(userProfileResource.getConfiguration())) {
-            Response response = userProfileResource.update(upConfig);
-
-            if (isSuccessful(response)) {
-                return;
-            }
-
-            throw new InternalServerErrorException("Failed to update user profile configuration");
-        }
+        userProfileResource.setAndGetConfiguration(rep.getUpConfig());
     }
 
     private boolean isSuccessful(Response response) {

diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserProfileResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserProfileResource.java
@@ -95,10 +95,18 @@ public UserProfileMetadata getMetadata() {
     @APIResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = UPConfig.class)))
     public Response update(UPConfig config) {
         auth.realm().requireManageRealm();
-        UserProfileProvider t = session.getProvider(UserProfileProvider.class);
+        return Response.ok(setAndGetConfiguration(config)).type(MediaType.APPLICATION_JSON).build();
+    }
+
+    public UPConfig setAndGetConfiguration(UPConfig config) {
+        UserProfileProvider provider = session.getProvider(UserProfileProvider.class);
+
+        if (config == null || provider.getConfiguration().equals(config)) {
+            return config;
+        }
 
         try {
-            t.setConfiguration(config);
+            provider.setConfiguration(config);
         } catch (ComponentValidationException e) {
             //show validation result containing details about error
             throw ErrorResponse.error(e.getMessage(), Response.Status.BAD_REQUEST);
@@ -109,6 +117,6 @@ public Response update(UPConfig config) {
                 .representation(config)
                 .success();
 
-        return Response.ok(t.getConfiguration()).type(MediaType.APPLICATION_JSON).build();
+        return provider.getConfiguration();
     }
 }
diff --git a/...ian/tests/base/src/test/java/org/keycloak/testsuite/user/profile/UIRealmResourceTest.java b/...ian/tests/base/src/test/java/org/keycloak/testsuite/user/profile/UIRealmResourceTest.java
@@ -51,6 +51,7 @@
 import org.keycloak.representations.userprofile.config.UPAttributePermissions;
 import org.keycloak.representations.userprofile.config.UPAttributeRequired;
 import org.keycloak.representations.userprofile.config.UPConfig;
+import org.keycloak.representations.userprofile.config.UPConfig.UnmanagedAttributePolicy;
 import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
 import org.keycloak.testsuite.util.AssertAdminEvents;
 import org.keycloak.testsuite.util.UserBuilder;
@@ -203,6 +204,24 @@ public void uiRealmInfoFailsWhenNoAdminRoleIsAssigned() {
         assertEquals(Status.FORBIDDEN.getStatusCode(), response.getStatus());
     }
 
+    @Test
+    public void testRenameRealm() throws IOException {
+        RealmRepresentation rep = testRealm().toRepresentation();
+        UPConfig upConfig = testRealm().users().userProfile().getConfiguration();
+        upConfig.setUnmanagedAttributePolicy(UnmanagedAttributePolicy.ADMIN_VIEW);
+        String originalRealmName = rep.getRealm();
+        String updatedName = originalRealmName + "changed";
+
+        try {
+            rep.setRealm(updatedName);
+            updateRealmExt(toUIRealmRepresentation(rep, upConfig), originalRealmName);
+        } finally {
+            rep.setRealm(originalRealmName);
+            updateRealmExt(toUIRealmRepresentation(rep, upConfig), updatedName);
+            assertAdminEvents.clear();
+        }
+    }
+
     private static String getKeycloakServerUrl() {
         return getAuthServerContextRoot() + "/auth";
     }
@@ -225,7 +244,10 @@ private Response getUiRealmInfo(final TokenManager tokenManager) {
     }
 
     private void updateRealmExt(UIRealmRepresentation rep) {
-        final var realmName = rep.getRealm();
+        updateRealmExt(rep, rep.getRealm());
+    }
+
+    private void updateRealmExt(UIRealmRepresentation rep, String realmName) {
         final var request = prepareHttpRequest(realmName, "ui-ext", adminClient.tokenManager());
 
         final var response = request