Skip to content

Parse saml urls correctly if the bindings are different #31805

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mposolda merged 1 commit into from
Aug 2, 2024
Merged

Parse saml urls correctly if the bindings are different #31805

mposolda merged 1 commit into from
Aug 2, 2024

Conversation

@rmartinc
Copy link
Contributor

@rmartinc rmartinc commented Jul 31, 2024

Closes #31780

The singleLogoutServiceUrl was parsed related to the singleSignOnServiceUrl. The logout url was forced to use the same binding than the singon url (don't know why, maybe some historic reason, previous configuration options or similar). The PR just modifies the parsing to make singleLogoutServiceUrl/postBindingLogout independent of singleSignOnServiceUrl/postBindingResponse. Now they can use different bindings. As usual POST is preferred in both if available. Test added.

@rmartinc rmartinc requested review from a team as code owners July 31, 2024 13:14
@mposolda mposolda self-assigned this Aug 1, 2024
@rmartinc
Copy link
Contributor Author

rmartinc commented Aug 1, 2024
edited
Loading

The failed test is because of #31828. It seems to be a known bug. I can rebase the PR when fixed.

@rmartinc
Copy link
Contributor Author

rmartinc commented Aug 1, 2024

Rebased now the issue seems to be fixed.

keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Aug 1, 2024
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Aug 1, 2024

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.forms.BruteForceTest#testRaceAttackPermanentLockout

Keycloak CI - Forms IT (firefox)

java.lang.AssertionError: Invalid count should be less than or equal 2 but was: 3
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.assertTrue(Assert.java:42)
	at org.keycloak.testsuite.forms.BruteForceTest.raceAttack(BruteForceTest.java:820)
	at org.keycloak.testsuite.forms.BruteForceTest.testRaceAttackPermanentLockout(BruteForceTest.java:790)
...

Report flaky test

mposolda
mposolda approved these changes Aug 2, 2024
View reviewed changes
Copy link
Contributor

@mposolda mposolda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rmartinc Thanks!

@mposolda mposolda merged commit 773e309 into keycloak:main Aug 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mposolda mposolda mposolda approved these changes

+1 more reviewer

@keycloak-github-bot keycloak-github-bot[bot] keycloak-github-bot[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@mposolda mposolda

Labels

flaky-test team/cloud-native team/core-clients team/core-iam

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

SAML IdP configure does not parse IdP metadata.xml correctly

2 participants

@rmartinc @mposolda