InseeFr / Keycloak-FranceConnect

Keycloak extension that makes it easier to use FranceConnect
MIT License

[BUG] KCK 25.0.2 - new BrokeredIdentityContext #112

Closed Olivier-Le-Rigoleur-Acc closed 3 weeks ago

Olivier-Le-Rigoleur-Acc commented 2 months ago

Hello,

I am testing dockerised Keycloak 25.0.2 with extension 6.2.0 (upgrade from an existing Keycloak 22.0.7 with extension version 6.0.0 working without issue).

After authenticating using France Connect "Démonstration faible" and using one of the accounts in https://github.com/france-connect/identity-provider-example/blob/master/database.csv, I have this error in the Keycloak logs when FC redirects me to Keycloak:

2024-08-01 14:35:57,145 INFO  [org.keycloak.broker.oidc.OIDCIdentityProvider] (executor-thread-3) Validating: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2ZjcC5pbnRlZzAxLmRldi1mcmFuY2Vjb25uZWN0LmZyIiwic3ViIjoiMTZiMTdiNjY1YTYwNGI4MDI4ZmQ0ZGNiODhjZTljM2NjNmNjY2M0NDQwNGIxNjBhOWRhODE0MTdmNjEyYTBkMXYxIiwiYXVkIjoiNjA4M2MwMjA2NTM2Yjk2ZTA4OGVmYTEwMjAwYzY0NDljZGI1NzhiMjVhYWFmMTMyYjA5ZGQ5M2ZiMzRhYTRjYSIsImV4cCI6MTcyMjUxNTgxNywiaWF0IjoxNzIyNTE1NzU3LCJub25jZSI6IjVBOUJGODcyNUIyMjRERUQxQUI2MDA1RTA5RkRGQ0FDMDc5OTE4RkNENEIxNDkxNDU3OTZERjk1N0FCMzEzODMiLCJpZHAiOiJGQyIsImFjciI6ImVpZGFzMSIsImFtciI6bnVsbH0.fLoNuhskbm4pEJU8cUq-TGfk_CaDDs0OGJSwInQIHb0
2024-08-01 14:35:57,159 DEBUG [org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext] (executor-thread-3) Restarting handler chain for exception exception: java.lang.NoSuchMethodError: 'void org.keycloak.broker.provider.BrokeredIdentityContext.<init>(java.lang.String)'
        at fr.insee.keycloak.providers.franceconnect.FranceConnectIdentityProvider.extractIdentity(FranceConnectIdentityProvider.java:90)
        at org.keycloak.broker.oidc.OIDCIdentityProvider.getFederatedIdentity(OIDCIdentityProvider.java:396)
        at fr.insee.keycloak.providers.common.AbstractBaseIdentityProvider.getFederatedIdentity(AbstractBaseIdentityProvider.java:161)
        at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider$Endpoint.authResponse(AbstractOAuth2IdentityProvider.java:557)
        at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider$Endpoint$quarkusrestinvoker$authResponse_ab908fbdd086ee82e140d8a818c077362a2d04b4.invoke(Unknown Source)
        at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29)
        at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141)
        at org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext.run(AbstractResteasyReactiveContext.java:147)
        at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:582)
        at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
        at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
        at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
        at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
        at java.base/java.lang.Thread.run(Thread.java:1583)

The token seems valid, the "sub" field is present and is indeed a string.

{
  "iss": "https://fcp.integ01.dev-franceconnect.fr",
  "sub": "16b17b665a604b8028fd4dcb88ce9c3cc6cccc44404b160a9da81417f612a0d1v1",
...
}

I know nothing about Java, but I see the implementation of the class BrokeredIdentityContext has changed between 24.0.2 (the one used in v6.2.0 of the extension, if I understand the pom correctly) and 25.0.2:

https://www.keycloak.org/docs-api/24.0.2/javadocs/org/keycloak/broker/provider/BrokeredIdentityContext.html
https://www.keycloak.org/docs-api/25.0.2/javadocs/org/keycloak/broker/provider/BrokeredIdentityContext.html
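Added example, not part of the issue thread or the project's code: a log triage helper that reads a `NoSuchMethodError` like the one reported above and names the missing member and the class that called it, so an extension built against a different Keycloak API shows up at once after an upgrade. The function name `triage`, the `host_prefixes` parameter and the sample text are assumptions made for this illustration.

```python
import re

# Constructed sample: the error line and first two frames from the log quoted in the issue.
SAMPLE_LOG = """\
2024-08-01 14:35:57,159 DEBUG [org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext] (executor-thread-3) Restarting handler chain for exception exception: java.lang.NoSuchMethodError: 'void org.keycloak.broker.provider.BrokeredIdentityContext.<init>(java.lang.String)'
        at fr.insee.keycloak.providers.franceconnect.FranceConnectIdentityProvider.extractIdentity(FranceConnectIdentityProvider.java:90)
        at org.keycloak.broker.oidc.OIDCIdentityProvider.getFederatedIdentity(OIDCIdentityProvider.java:396)
"""

# JVM message form: 'returnType owner.Class.member(paramTypes)'; <init> is a constructor.
ERROR_RE = re.compile(
    r"java\.lang\.NoSuchMethodError: '(?P<ret>\S+) (?P<owner>[\w.$]+)"
    r"\.(?P<name><init>|[\w$]+)\((?P<params>[^)]*)\)'"
)
FRAME_RE = re.compile(r"^\s+at (?P<cls>[\w.$]+)\.(?P<method>[\w$<>]+)\((?P<src>[^)]*)\)")


def triage(log_text, host_prefixes=("org.keycloak.",)):
    """Return one finding per NoSuchMethodError: the missing member and its caller."""
    findings = []
    lines = log_text.splitlines()
    for i, line in enumerate(lines):
        err = ERROR_RE.search(line)
        if not err:
            continue
        # The first stack frame is the class whose bytecode references the missing member.
        frame = FRAME_RE.match(lines[i + 1]) if i + 1 < len(lines) else None
        caller_cls = frame["cls"] if frame else ""
        findings.append({
            "missing_owner": err["owner"],
            "missing_member": "constructor" if err["name"] == "<init>" else err["name"],
            "params": [p.strip() for p in err["params"].split(",") if p.strip()],
            "caller": f"{caller_cls}.{frame['method']}" if frame else None,
            "caller_source": frame["src"] if frame else None,
            # Callee inside the host's packages, caller outside them:
            # the calling jar was compiled against a different host API version.
            "extension_api_mismatch": bool(frame)
            and err["owner"].startswith(host_prefixes)
            and not caller_cls.startswith(host_prefixes),
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A `True` flag points at the extension jar, rather than the token or the realm configuration, as the component to rebuild or upgrade for the running Keycloak version.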

Olivier-Le-Rigoleur-Acc commented 2 months ago

I made this quick fix https://github.com/InseeFr/Keycloak-FranceConnect/pull/113 and created a jar (ignoring test errors), and now I don't have an error during authentication anymore.