keycloak / keycloak

Open Source Identity and Access Management For Modern Applications and Services
https://www.keycloak.org
Apache License 2.0
23.13k stars 6.73k forks source link

Triming values in keycloak console #17675

Closed marek-surek closed 9 months ago

marek-surek commented 2 years ago

Description

  1. If you are creating new client and e.g. " xxx ", you are correctly removing ending and trailing whitespaces
  2. If you are creating role (Clients -> someClient -> Roles ) keycloak is not trimminng role name so "xxx " role name is accepted but it is always impossible to see it.
  3. The same behaviour with names as in 2 is also in : a) Creating resource (Clients -> someClient -> Authorization -> Resources) b) Creating scopes (Clients -> someClient -> Authorization -> Scopes) c) Creating policies (Clients -> someClient -> Authorization -> Policies) d) Creating permissions (Clients -> someClient -> Authorization -> Permissions)

Discussion

No response

Motivation

If you are copy pasting values, sometimes you miss that there are whitespaces. Then in real usage it application it causes problems as you are seeing it in listings without whitespaces but when you are in detail and you are copying it, then you see there are also some whitespaces.

Details

No response

ssilvert commented 2 years ago

@marek-surek Thanks for reporting. I'm going to move this issue to the keycloak-ui repo.

jonkoops commented 2 years ago

Should we not be solving this at the API level? To keep things in-line with the 'dumb front-end' philosophy?

ssilvert commented 1 year ago

@jonkoops That's a good point and I tend to agree. The API should handle this. I'll run it through triage for the core team.

mposolda commented 1 year ago

Adding to Backlog for now. I don't think we're able to fix this for Keycloak 22. It will be ideal if trimming is done in some "universal" way (EG. not manually trimming "client name" or "role name" at every particular endpoint, but rather have some "Trimming Interceptor" or something, which will automatically apply trimming to almost everything (including most of the attributes in underlying JSON sent in POST/PUT methods etc)).

Community contribution is welcome to look at it and eventually fix it, but looks like this may be non-trivial effort (if we want to have this done properly in some universal way). See the "Contributors" section under https://www.keycloak.org/community .

stianst commented 1 year ago

This could potentially be solved fairly easily by modifying how do deserialize JSON.

Maybe not, but there may be also a link here to extending/improving on validation

stianst commented 9 months ago

I'm going to close this one as I don't actually agree that it should trim values. We should add validation when values shouldn't start with whitespaces, but that's a different topic.