Red Hat build of Keycloak
RHBK-2332

OIDC IdP Unable to validate signatures using validatingPublicKey certificate [GHI#34201]



      Area

      admin/ui

      Describe the bug

      Pasting the public key into the validatingPublicKey field in PEM format no longer works as it did before.
      The UI field replaces the newlines with spaces, and the Keycloak backend then wrongly strips the PEM headers and footers with a greedy regex replaceAll in PemUtils, nullifying the public key before the external token is validated.

      In my opinion, this bug is caused by both a recent UI change and the wrong regular expression in PemUtilsProvider.java line 139.

      The external token validation using a PEM formatted public key was working in Keycloak 23.

      Version

      25.0.6

      Regression

      [X] The issue is a regression

      Expected behavior

      The validatingPublicKey field previously used a text box form type, so the PEM formatted key could be pasted into it as-is.

      Actual behavior

      In KC25 the validatingPublicKey field is now a one-line text field, and the public key is corrupted.

      How to Reproduce?

      Paste a PEM formatted public key into an OIDC IdP validatingPublicKey field.
      Validate an external token signed with the matching private key using a tokenExchange strategy.

      Anything else?

      A workaround for bypassing the greedy replaceAll is to remove the PEM header and footer lines (-----BEGIN_ and -----END_).
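The failure mode described in this report, as an added Python illustration that is not Keycloak's code: the greedy header-stripping pattern is my reconstruction of the shape the report describes (not a quote of PemUtils), the PEM body is constructed placeholder text rather than a real key, and `collapse_newlines_like_single_line_field` is a hypothetical stand-in for what the one-line UI field does to pasted text. Java's regex engine handles `.` (no newline) and greedy `.*` the same way, so the behaviour carries over.

```python
import re

# Constructed sample PEM block; the base64 body is placeholder text, not a real key.
PEM_MULTILINE = (
    "-----BEGIN PUBLIC KEY-----\n"
    "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\n"
    "AAAAB3NzaC1yc2EAAAADAQABAAABAQC7\n"
    "-----END PUBLIC KEY-----\n"
)

# The key material a correct stripper must recover from PEM_MULTILINE.
EXPECTED_BODY = "".join(
    line for line in PEM_MULTILINE.splitlines() if not line.startswith("-----")
)


def collapse_newlines_like_single_line_field(pem: str) -> str:
    """Hypothetical model of a one-line text input: every newline becomes a space."""
    return " ".join(pem.split("\n")).strip()


def strip_pem_greedy(pem: str) -> str:
    """Greedy header/footer stripping in the style the report describes.

    On multi-line PEM '.' stops at the newline, so each pattern only removes
    its own line.  Once the newlines are spaces, '.*' runs from '-----BEGIN '
    to the last '-----' on the line and swallows the key body with it.
    """
    pem = re.sub(r"-----BEGIN (.*)-----", "", pem)
    pem = re.sub(r"-----END (.*)-----", "", pem)
    pem = pem.replace("\r\n", "").replace("\n", "")
    return pem.strip()


def strip_pem_anchored(pem: str) -> str:
    """Hardened variant: the label may only contain upper-case letters and
    spaces and is matched non-greedily, so the body can never be consumed;
    all whitespace (newlines or spaces) is then dropped, which makes the
    result identical whether the PEM arrived multi-line or space-joined."""
    pem = re.sub(r"-----BEGIN [A-Z ]+?-----", "", pem)
    pem = re.sub(r"-----END [A-Z ]+?-----", "", pem)
    return re.sub(r"\s+", "", pem)


if __name__ == "__main__":
    flat = collapse_newlines_like_single_line_field(PEM_MULTILINE)
    print("greedy, multi-line :", strip_pem_greedy(PEM_MULTILINE) == EXPECTED_BODY)
    print("greedy, one-line   :", repr(strip_pem_greedy(flat)))  # '' -> key nullified
    print("anchored, one-line :", strip_pem_anchored(flat) == EXPECTED_BODY)
```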

Assignee: Unassigned
Reporter: Pavel Vlha (pvlha)
Component: Keycloak UI