keycloak / keycloak

Open Source Identity and Access Management For Modern Applications and Services
https://www.keycloak.org
Apache License 2.0
reCAPTCHA Enterprise v3 - Unrecognized field "accountDefenderAssessment" #30917

Open smalu opened 2 days ago

smalu commented 2 days ago

Area

core

Describe the bug

After configuring reCAPTCHA Enterprise v3 according to the docs, I tried to register a new account and I always get an "Invalid Recaptcha" error message on the form. I checked the logs and got an exception:

{
    "timestamp": "2024-06-28T12:12:03.115117726Z",
    "sequence": 9826,
    "loggerClassName": "org.keycloak.services.ServicesLogger_$logger",
    "loggerName": "org.keycloak.services",
    "level": "ERROR",
    "message": "KC-SERVICES0028: Recaptcha failed",
    "threadName": "executor-thread-19",
    "threadId": 72,
    "mdc": {},
    "ndc": "",
    "hostName": "keycloak-keycloakx-0",
    "processName": "QuarkusEntryPoint",
    "processId": 1,
    "exception": {
        "refId": 1,
        "exceptionType": "com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException",
        "message": "Unrecognized field \"accountDefenderAssessment\" (class org.keycloak.authentication.forms.RecaptchaAssessmentResponse), not marked as ignorable (4 known properties: \"event\", \"name\", \"tokenProperties\", \"riskAnalysis\"])\n at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 32, column: 33] (through reference chain: org.keycloak.authentication.forms.RecaptchaAssessmentResponse[\"accountDefenderAssessment\"])",
        "frames": [
            {
                "class": "com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException",
                "method": "from",
                "line": 61
            },
            {
                "class": "com.fasterxml.jackson.databind.DeserializationContext",
                "method": "handleUnknownProperty",
                "line": 1153
            },
            {
                "class": "com.fasterxml.jackson.databind.deser.std.StdDeserializer",
                "method": "handleUnknownProperty",
                "line": 2241
            },
            {
                "class": "com.fasterxml.jackson.databind.deser.BeanDeserializerBase",
                "method": "handleUnknownProperty",
                "line": 1793
            },
            {
                "class": "com.fasterxml.jackson.databind.deser.BeanDeserializerBase",
                "method": "handleUnknownVanilla",
                "line": 1771
            },
            {
                "class": "com.fasterxml.jackson.databind.deser.BeanDeserializer",
                "method": "vanillaDeserialize",
                "line": 316
            },
            {
                "class": "com.fasterxml.jackson.databind.deser.BeanDeserializer",
                "method": "deserialize",
                "line": 177
            },
            {
                "class": "com.fasterxml.jackson.databind.deser.DefaultDeserializationContext",
                "method": "readRootValue",
                "line": 342
            },
            {
                "class": "com.fasterxml.jackson.databind.ObjectMapper",
                "method": "_readMapAndClose",
                "line": 4905
            },
            {
                "class": "com.fasterxml.jackson.databind.ObjectMapper",
                "method": "readValue",
                "line": 3885
            },
            {
                "class": "org.keycloak.util.JsonSerialization",
                "method": "readValue",
                "line": 96
            },
            {
                "class": "org.keycloak.util.JsonSerialization",
                "method": "readValue",
                "line": 81
            },
            {
                "class": "org.keycloak.authentication.forms.RegistrationRecaptchaEnterprise",
                "method": "validate",
                "line": 94
            },
            {
                "class": "org.keycloak.authentication.forms.AbstractRegistrationRecaptcha",
                "method": "validate",
                "line": 123
            },
            {
                "class": "org.keycloak.authentication.FormAuthenticationFlow",
                "method": "processAction",
                "line": 216
            },
            {
                "class": "org.keycloak.authentication.DefaultAuthenticationFlow",
                "method": "processAction",
                "line": 130
            },
            {
                "class": "org.keycloak.authentication.AuthenticationProcessor",
                "method": "authenticationAction",
                "line": 1031
            },
            {
                "class": "org.keycloak.services.resources.LoginActionsService",
                "method": "processFlow",
                "line": 376
            },
            {
                "class": "org.keycloak.services.resources.LoginActionsService",
                "method": "processRegistration",
                "line": 740
            },
            {
                "class": "org.keycloak.services.resources.LoginActionsService",
                "method": "registerRequest",
                "line": 798
            },
            {
                "class": "org.keycloak.services.resources.LoginActionsService",
                "method": "processRegister",
                "line": 776
            },
            {
                "class": "org.keycloak.services.resources.LoginActionsService$quarkusrestinvoker$processRegister_d74fe9a75cf3bd2931a56db1e8b63bbd12000522",
                "method": "invoke"
            },
            {
                "class": "org.jboss.resteasy.reactive.server.handlers.InvocationHandler",
                "method": "handle",
                "line": 29
            },
            {
                "class": "io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext",
                "method": "invokeHandler",
                "line": 141
            },
            {
                "class": "org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext",
                "method": "run",
                "line": 147
            },
            {
                "class": "io.quarkus.vertx.core.runtime.VertxCoreRecorder$14",
                "method": "runWith",
                "line": 582
            },
            {
                "class": "org.jboss.threads.EnhancedQueueExecutor$Task",
                "method": "run",
                "line": 2513
            },
            {
                "class": "org.jboss.threads.EnhancedQueueExecutor$ThreadBody",
                "method": "run",
                "line": 1538
            },
            {
                "class": "org.jboss.threads.DelegatingRunnable",
                "method": "run",
                "line": 29
            },
            {
                "class": "org.jboss.threads.ThreadLocalResettingRunnable",
                "method": "run",
                "line": 29
            },
            {
                "class": "io.netty.util.concurrent.FastThreadLocalRunnable",
                "method": "run",
                "line": 30
            },
            {
                "class": "java.lang.Thread",
                "method": "run",
                "line": 1583
            }
        ]
    }
}

However, I can see in the GCP key details that assessments were created via the API. I guess that some fields (accountDefenderAssessment) were added to the Google reCAPTCHA Enterprise API response.

Version

25.0.1

Regression

Expected behavior

reCAPTCHA Enterprise v3 should be validated, then the registration should pass.

Actual behavior

Invalid Recaptcha Error on register form.

How to Reproduce?

  1. configure reCAPTCHA Enterprise v3 according to the docs
  2. try to create new account

Anything else?

No response

smalu commented 2 days ago

I enabled logging for the reCAPTCHA Enterprise API in the Google Cloud Console and I see the response of the Assessment endpoint:

@type: "type.googleapis.com/google.cloud.recaptchaenterprise.v1.Assessment"
accountDefenderAssessment: {0}
event: {
  expectedAction: "register"
  siteKey: "[my siteKey]"
  token: "[very log base64]"
}
name: "projects/[...gcp project id...]/assessments/[assesment id]"
riskAnalysis: {
  score: 0.89999998
}
tokenProperties: {
  action: "register"
  createTime: "2024-06-28T12:08:49.836Z"
  hostname: "[hostname of my KC instance]"
  valid: true
}

So they added a new empty field accountDefenderAssessment which is not expected in RecaptchaAssessmentResponse.
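As an added illustration of the failure described in this issue (this is not Keycloak's code; the DTO classes, method names and the sample JSON below are hypothetical and constructed from the field names quoted in the two comments above), the following standalone Jackson snippet reproduces the `UnrecognizedPropertyException` with a strict DTO that knows exactly the four properties named in the log, and then shows the two usual tolerant alternatives: annotating the DTO with `@JsonIgnoreProperties(ignoreUnknown = true)`, or disabling `DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES` on the `ObjectMapper`. In both tolerant variants the fields that decide acceptance (`tokenProperties.valid`, the action binding and the risk score) are still checked strictly.

```java
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException;

import java.util.Map;

public class AssessmentParsingDemo {

    // Constructed sample shaped like the response quoted in the comment above.
    // Every value is a placeholder; note the extra "accountDefenderAssessment" object.
    static final String SAMPLE_RESPONSE = """
        {
          "name": "projects/example-project/assessments/example-assessment-id",
          "event": {
            "token": "placeholder-token",
            "siteKey": "placeholder-site-key",
            "expectedAction": "register"
          },
          "riskAnalysis": { "score": 0.89999998 },
          "tokenProperties": {
            "valid": true,
            "hostname": "kc.example.test",
            "action": "register",
            "createTime": "2024-06-28T12:08:49.836Z"
          },
          "accountDefenderAssessment": {}
        }
        """;

    // Hypothetical strict DTO declaring only the four properties named in the error
    // message. Without an annotation, Jackson's default FAIL_ON_UNKNOWN_PROPERTIES=true
    // rejects the whole document as soon as it meets "accountDefenderAssessment".
    public static class StrictAssessment {
        public String name;
        public Map<String, Object> event;
        public TokenProperties tokenProperties;
        public RiskAnalysis riskAnalysis;
    }

    // Hypothetical tolerant DTO: unknown top-level fields are skipped, the declared
    // ones are still deserialised and validated below.
    @JsonIgnoreProperties(ignoreUnknown = true)
    public static class TolerantAssessment {
        public TokenProperties tokenProperties;
        public RiskAnalysis riskAnalysis;
    }

    @JsonIgnoreProperties(ignoreUnknown = true)
    public static class TokenProperties {
        public boolean valid;
        public String action;
        public String hostname;
    }

    @JsonIgnoreProperties(ignoreUnknown = true)
    public static class RiskAnalysis {
        public double score;
    }

    // Mirrors the failure mode in the issue: a new upstream field makes the strict
    // DTO unparseable, so the verification aborts before any check runs.
    static boolean strictParsingRejects(String json) {
        try {
            new ObjectMapper().readValue(json, StrictAssessment.class);
            return false;
        } catch (UnrecognizedPropertyException e) {
            return true; // same exception type as in the reported log
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    // The checks that actually decide acceptance, applied to whichever DTO was parsed:
    // token valid, bound to the expected action, and scored at or above the threshold.
    static boolean passesChecks(TokenProperties tp, RiskAnalysis ra, String expectedAction, double minScore) {
        return tp != null && tp.valid
            && expectedAction.equals(tp.action)
            && ra != null && ra.score >= minScore;
    }

    // Tolerant variant 1: the DTO ignores unknown properties.
    static boolean isAcceptable(String json, String expectedAction, double minScore) throws Exception {
        TolerantAssessment a = new ObjectMapper().readValue(json, TolerantAssessment.class);
        return passesChecks(a.tokenProperties, a.riskAnalysis, expectedAction, minScore);
    }

    // Tolerant variant 2: the DTO stays strict, the mapper is relaxed instead.
    static boolean isAcceptableWithRelaxedMapper(String json, String expectedAction, double minScore) throws Exception {
        ObjectMapper mapper = new ObjectMapper()
            .configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        StrictAssessment a = mapper.readValue(json, StrictAssessment.class);
        return passesChecks(a.tokenProperties, a.riskAnalysis, expectedAction, minScore);
    }

    public static void main(String[] args) throws Exception {
        System.out.println("strict DTO rejects response: " + strictParsingRejects(SAMPLE_RESPONSE));
        System.out.println("tolerant DTO accepts:        " + isAcceptable(SAMPLE_RESPONSE, "register", 0.5));
        System.out.println("wrong action accepted:       " + isAcceptable(SAMPLE_RESPONSE, "login", 0.5));
        System.out.println("relaxed mapper accepts:      " + isAcceptableWithRelaxedMapper(SAMPLE_RESPONSE, "register", 0.5));
    }
}
```

The design point is to separate schema tolerance from validation strictness: a verifier that maps a third-party response should skip fields it does not use (the upstream API may add them at any time), while the fields it does rely on keep exact checks. With the strict DTO the flow fails closed, which blocks every registration rather than admitting unverified ones; that is the safer direction, but it turns an additive upstream schema change into an outage of the registration form, which is exactly what this issue reports.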