Keycloak backend plugin is not wotking as expected #2112
Comments
|
Any comments here please? |
|
@paralika This looks like an invalid group definition. Is the Can you share what this group looks like? Find this group in Catalog, lick on 3 dots in top right corner, and select inspect entity, there you can find Raw Yaml. |
|
@kadel "mainstream-engineering-admin" is available in Keycloak. The plugin is trying to import it, but it is not successful yet. I have ~1k groups in Keycloak. Out of that, only 341 groups were imported successfully and for others it is failing with this error. |
|
The error message complains about a third member of that group. Can you check the members of that group? Maybe you notice something suspicious. For example, isn't there a user with numeric username? |
|
@kadel I do not see any suspicious chars. Please see the screenshot below. The username is an alphanumeric value pointing to the users.
|
|
The Keycloak admin API returns usernames as strings (https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/src/defs/userRepresentation.ts#L10), so I don't think that should be an issue. I tested by assigning both numeric and alphanumeric usernames to a group, and the sync process worked as expected for users and groups. Here is what I received under spec.members: spec:
members:
- "078687777"
- z007abc7666666
Are you using any custom transformers in your setup? If so, it's possible that they might be mutating the entity in a way that’s causing type issues during validation. |
|
No, I do not have any custom transformer set. I am following the instructions given at - https://janus-idp.io/plugins/keycloak/ Did you follow the same instructions? Wondering if I missed anything. |
Describe the bug
I have setup the Keycloak backend plugin by following the steps given on below this link - https://janus-idp.io/plugins/keycloak/ . Plugin configure successfully and it started syncing users and groups, but then abruptly, it stopped syncing with below error.
Processor BuiltinKindsEntityProcessor threw an error while validating the entity group:default/mainstream-engineering-admin; caused by TypeError: /spec/members/2 must be string - type: string entity=group:default/mainstream-engineering-admin �[36mlocation�[39m=url:https://authusqa.devops.sws.company.com/auth/admin/realms/chim/groups/480049ad-7a33-41ab-87a6-382a797831e0
I am using the new backend and followed the plugin configuration steps accordingly.
Expected Behavior
All users and groups from keyclock realm should be synced
What are the steps to reproduce this bug?
Versions of software used and environment
@janus-idp/backstage-plugin-keycloak-backend": "^1.13.1",
Backstage - 1.30.4 ([email protected])
The text was updated successfully, but these errors were encountered: