Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Joining groups not working as expected #134

Open
mnahkies opened this issue Sep 8, 2024 · 1 comment
Open

Joining groups not working as expected #134

mnahkies opened this issue Sep 8, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@mnahkies
Copy link
Contributor

mnahkies commented Sep 8, 2024

With the fix from #133 applied, I'm still not seeing group membership working correctly.

Expected Behavior

I'd expect either a PATCH or PUT to the group adding the new member.

Current Behavior

I observe a PUT but with a request body missing members

Request log from SCIM client server:

{
    "method": "PUT",
    "url": "/scim/v2/Groups/b086aaea-c79f-4b8a-bdd4-7036655c6e4e",
    "query": {},
    "body": {
        "schemas": [
            "urn:ietf:params:scim:schemas:core:2.0:Group"
        ],
        "id": "b086aaea-c79f-4b8a-bdd4-7036655c6e4e",
        "externalId": "bbaffbe6-bca0-4bdd-a11e-60d77c22e83d",
        "displayName": "foo2"
    }
}

Based on the logs it's failing to find a SCIM mapping, but I can't yet see why this is. The user is being correctly created in my external IdP, and I believe my response to the POST /scim/v2/Users request is compliant.

Keycloak logs:

# Logs from creating the user
2024-09-08 10:19:45,151 INFO  [sh.libre.scim.event.ScimEventListenerProvider] (executor-thread-22) 4affcc8f-d94b-4248-b9ab-5eb7d3cfc8d2 CREATE

# Logs from joining the user to a group
2024-09-08 10:20:01,591 INFO  [sh.libre.scim.event.ScimEventListenerProvider] (executor-thread-24) CREATE 4affcc8f-d94b-4248-b9ab-5eb7d3cfc8d2 from bbaffbe6-bca0-4bdd-a11e-60d77c22e83d
2024-09-08 10:20:01,592 INFO  [sh.libre.scim.core.ScimDispatcher] (executor-thread-24) 23deef6e-7411-4a76-ba87-b806f3f1667a firebase scim org.keycloak.storage.UserStorageProvider
2024-09-08 10:20:01,599 INFO  [sh.libre.scim.core.ScimClient] (executor-thread-24) Group
2024-09-08 10:20:01,600 ERROR [sh.libre.scim.core.GroupAdapter] (executor-thread-24) jakarta.persistence.NoResultException: No result found for query [from ScimResource where realmId = :realmId and componentId = :componentId and type = :type and id = :id]
2024-09-08 10:20:01,601 ERROR [sh.libre.scim.core.GroupAdapter] (executor-thread-24) jakarta.persistence.NoResultException: No result found for query [from ScimResource where realmId = :realmId and componentId = :componentId and type = :type and id = :id]
2024-09-08 10:20:01,655 INFO  [sh.libre.scim.core.ScimDispatcher] (executor-thread-24) 23deef6e-7411-4a76-ba87-b806f3f1667a firebase scim org.keycloak.storage.UserStorageProvider
2024-09-08 10:20:01,667 WARN  [sh.libre.scim.core.ScimClient] (executor-thread-24) failed to replace resource 4affcc8f-d94b-4248-b9ab-5eb7d3cfc8d2, scim mapping not found

Steps to Reproduce

  1. Create a user
  2. Create a group
  3. Assign user to group
@mnahkies mnahkies added the bug Something isn't working label Sep 8, 2024
@moma8468
Copy link

Confirmed: I do not see membership updates either...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mnahkies @moma8468