sig#578 - Keycloak Seeding | Unhandled exception

[evegufy]

Description

Follow up on https://github.com/eclipse-tractusx/portal-backend/pull/910#pullrequestreview-2314893821

I noticed an unhandled exception with status code 500 (Internal Server Error) during the deletion of assigned default client scopes:

"Exception":"Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling.ServiceException: Internal Server Error: http://sharedidp-keycloak/auth/admin/realms/master/clients/34e015a5-b944-46d8-a9f3-4bc8e856a727/default-client-scopes/ff556da8-6b2b-4fe3-97cf-4a9c93ffc3c1\n ---> Flurl.Http.FlurlHttpException: Call failed with status code 500 (Internal Server Error): DELETE http://sharedidp-keycloak/auth/admin/realms/master/clients/34e015a5-b944-46d8-a9f3-4bc8e856a727/default-client-scopes/ff556da8-6b2b-4fe3-97cf-4a9c93ffc3c1\n

Scenario:

• master-realm is created and to default clients admin-cli, account and security-admin-console the default client scope acr is assigned
• seeding job uses a json file for the master realm where the default client scope acr is not assigned to default clients admin-cli, account and security-admin-console
• seeding job runs into the exception above BUT only after successfully removing the assignments of the default client scope acr from default clients admin-cli, account and security-admin-console

Why is this exception thrown if the deletion is successful?

After the seeding job ran into this error, it was running without error at the second run. And I was able to avoid this error to begin with by adding the default client scope acr to the default clients admin-cli, account and security-admin-console. I still think it's worth investigating this behaviour.

Additional Information

relates to https://github.com/eclipse-tractusx/portal-backend/pull/910

[evegufy]

example realm file to reproduce the issue: https://github.com/eclipse-tractusx/portal-iam/blob/v3.0.1/import/realm-config/generic/catenax-shared/master-realm.json