Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ids in groups leads to "Create method returned status Not Found (Code: 404); expected status: Created (201)" #824

Closed
Tracked by #1178
andre-s-pedrosa-alb opened this issue Dec 13, 2022 · 1 comment
Closed
Tracked by #1178

Ids in groups leads to "Create method returned status Not Found (Code: 404); expected status: Created (201)" #824

andre-s-pedrosa-alb opened this issue Dec 13, 2022 · 1 comment
Labels
bug

Comments

@andre-s-pedrosa-alb
Copy link

andre-s-pedrosa-alb commented Dec 13, 2022
edited
Loading

Current Behavior

If an import file contains groups with IDs, the exception "Create method returned status Not Found (Code: 404); expected status: Created (201)" will be raised.

Expected Behavior

Since I have other fields on the import file with the field "id" defined (e.g. realm, roles, ...), I would also expect that keycloak-config-cli created groups that have the id field defined.

Steps To Reproduce

1. Perform an export on an existing installation
2. On another and clean installation, without making any changes to the resulting file, I ran the command `java -jar keycloak-config-cli-20.0.1.jar --keycloak.url=http://localhost:8080 --keycloak.user=**** --keycloak.password=**** --keycloak.availability-check.enabled=true --spring.profiles.active=dev --import.cache.enabled=false --import.files.locations=./import_files/realm-export-without-ids.json`
3. Exception will be raised when it starts to import groups

Environment

  • Keycloak Version: 20.0.1
  • keycloak-config-cli Version: 5.5.0
  • Java Version: openjdk 17.0.4

Anything else?

Why is it useful to me to have ids in groups?
On our stack, we have an API component that will query keycloak to know the members of a specific group using the following keycloak's endpoint (https://documenter.getpostman.com/view/7294517/SzmfZHnd#7d80a062-6b07-4ea5-9ddd-14fb3957af33). To specify the target group, the id of such group is needed.

I'm working on the deployment automation using ansible and if keycloak-config-cli allowed ids on groups, I could save the target group's id in an ansible variable and then use that variable to build the environment file of the API component and also build keycloak's import file. (build = use ansible's template files)
My workaround now is to query our database with a query like SELECT keycloak_group.id FROM keycloak_group JOIN realm ON keycloak_group.realm_id = realm.id WHERE realm.name = '{{ realm }}' and keycloak_group.name = {{ target_group }}
@andre-s-pedrosa-alb
Copy link
Author

Did some digging and this behavior is actually happening on keycloak's API, so keycloak-config-cli doesn't have much control over this.
Our workaround is to whenever we want to interact with groups, we first make a request to the /{realm}/groups endpoint, get the id, and then execute whatever request that requires the id of the groups (e.g. /{realm}/groups/{id}/management/permissions)

@zts3y zts3y mentioned this issue Jun 5, 2023
Closed
@francis-pouatcha francis-pouatcha mentioned this issue Oct 31, 2024
Open
16 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@andre-s-pedrosa-alb