-
Bug
-
Resolution: Done
-
Undefined
-
None
-
None
Before reporting an issue
[x] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
infinispan
Describe the bug
Keycloak may incorrectly report the code already used if it happens during an Infinispan topology change. The return value of cache.remove may be lost, and Keycloak assumes the code already used.
See https://github.com/infinispan/infinispan/issues/16703 for more info.
2026-02-12 10:47:25,405 INFO [org.infinispan.LIFECYCLE] (jgroups-33373,kc-8081(v=16.0.5)) [Context=actionTokens] ISPN100002: Starting rebalance with members [kc-8080, kc-8081], phase READ_OLD_WRITE_ALL, topology id 20 2026-02-12 10:47:25,414 INFO [org.infinispan.LIFECYCLE] () [Context=actionTokens] ISPN100010: Finished rebalance with members [kc-8080, kc-8081], topology id 20 2026-02-12 10:47:25,452 WARN [org.keycloak.protocol.oidc.utils.OAuth2CodeParser] (executor-thread-22) Code 'f8b78e03-79a5-b6cb-ed00-ed2c0d4f085c' already used for userSession '2juTonEFmV37V1Cibi0v-4Ml' and client '038a953d-080f-44f7-a81c-4436101dce35'. 2026-02-12 10:47:25,456 INFO [org.infinispan.LIFECYCLE] (jgroups-33435,kc-8081(v=16.0.5)) ISPN000973: Task 'state-transfer-actionTokens' started at 2026-02-12T10:47:25.412122767Z and done 2026-02-12T10:47:25.456144328Z
Version
main
Regression
[ ] The issue is a regression
Expected behavior
It is expected that Infinispan will return the removed value.
Actual behavior
Infinispan, when retried a removal operation, it returns a null value.
How to Reproduce?
–
Anything else?
A possible workaround may be used. Fetch the value from the cache and invoke boolean cache.remove(key, value). As it is a conditional removal, it has stronger guarantees on retries.
- links to
