-
Bug
-
Resolution: Done
-
Undefined
-
None
-
False
-
-
False
-
-
Before reporting an issue
[X] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
admin/api
Describe the bug
Hi,
I am one of the maintainers of the https://github.com/silentpartnersoftware/Keycloak.Net/ repo, which provides a .NET client for interacting with the Keycloak API.
Starting in version 24 one of our users noticed that the serverinfo endpoint is no longer parsing correctly. I have traced this back to the "Intended algorithm for the key" property which used to have a list of options, with a default value of "RS256" but now has a list of default values and no options.
v23.0.4
!image
v24.0.4
!image
I am not sure if this change was intentional or not, but it appears as though this change was likely introduced in the PR:
"Support EC Key-Imports for the JavaKeystoreKeyProvider #26936" (#27030)
Specifically at this line:
```
// merge the algorithms supported for RSA and EC keys and provide them as one configuration property private static ProviderConfigProperty mergedAlgorithmProperties() { List<String> ecAlgorithms = List.of(Algorithm.ES256, Algorithm.ES384, Algorithm.ES512); List<String> algorithms = Stream.concat(Attributes.RS_ALGORITHM_PROPERTY.getOptions().stream(), ecAlgorithms.stream()).toList(); return new ProviderConfigProperty(Attributes.ALGORITHM_KEY, "Algorithm", "Intended algorithm for the key", LIST_TYPE, algorithms.toArray());
}
```
I believe that the incorrect ProviderConfigProperty constructor was called, and instead of passing in a defaultValue, followed by the options, the defaultValue was omitted and the options became the defaultValue. The type for the defaultValue parameter is Object, so it would be possible to accidentally pass in a List instead of a String.
The constructor used was the one on line 84, but I suspect the intention was to use the one on line 92
If this change was intentional then this issue can be closed, if not it would be appreciated if this could be resolved.
Thanks,
Campbell
Version
24.0.4
Regression
[X] The issue is a regression
Expected behavior
"Intended algorithm for the key" should have a defaultValue and options
Actual behavior
"Intended algorithm for the key" options are unintentionally stored in the defaultValue property, and no options (or correct defaultValue) are provided
How to Reproduce?
Call the /admin/serverinfo endpoint and look at the structure of "Intended algorithm for the key" in both 23.0.4 and 24.0.4.
Path componentTypes['org.keycloak.keys.KeyProvider'][4].properties[3].defaultValue
Anything else?
No response
- links to