Thanks to visit codestin.com
Credit goes to Github.com

Skip to content

added better validation and more validation tests #46277

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
edewit wants to merge 2 commits into
base: main
Choose a base branch
from
Open

added better validation and more validation tests #46277

edewit wants to merge 2 commits into from
+139 −0

Conversation

@edewit
Copy link
Contributor

@edewit edewit commented Feb 12, 2026

fixes: #46271
Signed-off-by: Erik Jan de Wit [email protected]

@edewit edewit requested review from a team as code owners February 12, 2026 09:22
mabartos
mabartos reviewed Feb 12, 2026
View reviewed changes
Copy link
Contributor

@mabartos mabartos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To fix compilation errors.

@mabartos
Use getClientsApiUrl() in tests
87815a0 
Signed-off-by: Martin Bartoš <[email protected]>
mabartos
mabartos requested changes Feb 12, 2026
View reviewed changes
Copy link
Contributor

@mabartos mabartos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@edewit Thanks! Just added a few things

rest/admin-v2/api/src/main/java/org/keycloak/services/client/DefaultClientService.java
// Validate the fully populated model (createClientModel only validates the basic model)
ValidationUtil.validateClient(session, model, true, r -> {
session.getTransactionManager().setRollbackOnly();
throw new ServiceException(r.getAllErrorsAsString(), Response.Status.BAD_REQUEST);
Copy link
Contributor

@mabartos mabartos Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the v1, we use localized errors, but I think it does not have to be here for now as we don't have propagated the Auth context in the service.

So, +1 to keep this instead of the localized messages for now.

rest/admin-v2/api/src/main/java/org/keycloak/services/client/DefaultClientService.java
mapper.toModel(client, model);

// Validate the fully populated model (createClientModel only validates the basic model)
ValidationUtil.validateClient(session, model, true, r -> {
Copy link
Contributor

@mabartos mabartos Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is needed also for the update... See here: https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java#L162

Would it be possible to move this validation at the end of the method, where you set the third boolean param to mark if it's create or update op?

Copy link
Contributor Author

@edewit edewit Feb 13, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

but the code you show there is executed already form DefaultClientService

Copy link
Contributor

@mabartos mabartos Feb 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@edewit Ahh, sorry, you're right. So, please prepare the missing tests for the update. Thanks!

rest/admin-v2/tests/src/test/java/org/keycloak/tests/admin/client/v2/ClientApiV2Test.java
Copy link
Contributor

@mabartos mabartos Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned, we lack of the validation for the update. Thus, we're missing some test cases for update.

Bonus: It'd be good to abstract/generalize a little bit these test cases to avoid the duplication.

keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Feb 12, 2026
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Feb 12, 2026

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.forms.AuthenticatorSubflowsTest2#testSubflow2

Keycloak CI - Forms IT (chrome)

java.lang.AssertionError: Expected AppPage but was PushTheButton (https://localhost:8543/auth/realms/test/login-actions/authenticate?execution=5ec4eb5b-8042-47ec-be57-e5bbb9d8c38d&client_id=test-app&tab_id=Y7cFo_cMffQ&client_data=eyJydSI6Imh0dHBzOi8vbG9jYWxob3N0Ojg1NDMvYXV0aC9yZWFsbXMvbWFzdGVyL2FwcC9hdXRoIiwicnQiOiJjb2RlIn0)
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.assertTrue(Assert.java:42)
	at org.keycloak.testsuite.pages.AbstractPage.assertCurrent(AbstractPage.java:39)
	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
...

Report flaky test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mabartos mabartos mabartos requested changes

@vmuzikar vmuzikar Awaiting requested review from vmuzikar

+1 more reviewer

@keycloak-github-bot keycloak-github-bot[bot] keycloak-github-bot[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

flaky-test team/cloud-native

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Improve validation for v2 with the validation from v1

2 participants

@edewit @mabartos