search

klausbetz / apple-identity-provider-keycloak

An extension for Keycloak, that enables web-based sign in with Apple and token exchange
Apache License 2.0
193 stars 27 forks source link

issue with federation link in user #69

Closed 1337andre closed 8 months ago

1337andre commented 8 months ago

Hi, i have a preconfigured user from other userbase. When try to login with apple idp, i got the following error.

hcp-int-keycloakx-0 keycloak 2024-03-26 09:33:08,265 WARN  [org.keycloak.services] (executor-thread-6) KC-SERVICES0013: Failed authentication: java.lang.NullPointerException: Cannot invoke "org.keycloak.models.UserModel.getFederationLink()" because "this.delegate" is null
hcp-int-keycloakx-0 keycloak    at org.keycloak.models.utils.UserModelDelegate.getFederationLink(UserModelDelegate.java:195)
hcp-int-keycloakx-0 keycloak    at org.keycloak.storage.ldap.LDAPStorageProvider.lambda$decorateUserProfile$23(LDAPStorageProvider.java:1115)
hcp-int-keycloakx-0 keycloak    at org.keycloak.userprofile.AttributeMetadata.isSelected(AttributeMetadata.java:132)
hcp-int-keycloakx-0 keycloak    at org.keycloak.userprofile.DefaultAttributes.configureMetadata(DefaultAttributes.java:332)
hcp-int-keycloakx-0 keycloak    at org.keycloak.userprofile.DefaultAttributes.<init>(DefaultAttributes.java:87)
hcp-int-keycloakx-0 keycloak    at org.keycloak.userprofile.DeclarativeUserProfileProvider.createAttributes(DeclarativeUserProfileProvider.java:112)
hcp-int-keycloakx-0 keycloak    at org.keycloak.userprofile.DeclarativeUserProfileProvider.createUserProfile(DeclarativeUserProfileProvider.java:139)
hcp-int-keycloakx-0 keycloak    at org.keycloak.userprofile.DeclarativeUserProfileProvider.create(DeclarativeUserProfileProvider.java:122)
hcp-int-keycloakx-0 keycloak    at org.keycloak.authentication.authenticators.broker.IdpReviewProfileAuthenticator.actionImpl(IdpReviewProfileAuthenticator.java:196)
hcp-int-keycloakx-0 keycloak    at org.keycloak.authentication.authenticators.broker.AbstractIdpAuthenticator.action(AbstractIdpAuthenticator.java:93)
hcp-int-keycloakx-0 keycloak    at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:151)
hcp-int-keycloakx-0 keycloak    at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:987)
hcp-int-keycloakx-0 keycloak    at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:364)
hcp-int-keycloakx-0 keycloak    at org.keycloak.services.resources.LoginActionsService.brokerLoginFlow(LoginActionsService.java:914)
hcp-int-keycloakx-0 keycloak    at org.keycloak.services.resources.LoginActionsService.firstBrokerLoginPost(LoginActionsService.java:801)
hcp-int-keycloakx-0 keycloak    at org.keycloak.services.resources.LoginActionsService$quarkusrestinvoker$firstBrokerLoginPost_25c90c0841fd6b962851983ab9ce700911810f0a.invoke(Unknown Source)
hcp-int-keycloakx-0 keycloak    at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29)
hcp-int-keycloakx-0 keycloak    at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141)
hcp-int-keycloakx-0 keycloak    at org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext.run(AbstractResteasyReactiveContext.java:147)
hcp-int-keycloakx-0 keycloak    at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:582)
hcp-int-keycloakx-0 keycloak    at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
hcp-int-keycloakx-0 keycloak    at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
hcp-int-keycloakx-0 keycloak    at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
hcp-int-keycloakx-0 keycloak    at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
hcp-int-keycloakx-0 keycloak    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
hcp-int-keycloakx-0 keycloak    at java.base/java.lang.Thread.run(Thread.java:840)

social link was create for user, but username and userID ist empty.

Screenshot 2024-03-26 at 10 38 52

tested with: 24.0.2

tescase: login with apple into https://mycompany.de/auth/realms/myrealm/account/

klausbetz commented 8 months ago

Hi @1337andre, thx for reporting this one.

It seems like this is an issue with Keycloak itself. There's an issue for Keycloak v25.0.0 that should resolve this bug.

1337andre commented 8 months ago

thx for response and research! i will try it with v23 again

klausbetz commented 8 months ago

You're welcome šŸ‘

pedroigor commented 8 months ago

Btw, the fix should be included in 24.0.3.