Thanks to visit codestin.com
Credit goes to github.com

Skip to content

DefaultBruteForceProtector leverages a single thread to write success /failed events #28368

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mposolda merged 1 commit into from
Apr 12, 2024
Merged

DefaultBruteForceProtector leverages a single thread to write success /failed events #28368

mposolda merged 1 commit into from
Apr 12, 2024

Conversation

@douglaspalmer
Copy link
Contributor

@douglaspalmer douglaspalmer commented Apr 2, 2024

Closes #14084

@mposolda mposolda self-assigned this Apr 2, 2024
@keycloak-github-bot keycloak-github-bot bot mentioned this pull request Apr 2, 2024
Closed
@douglaspalmer douglaspalmer force-pushed the 14084 branch 3 times, most recently from b9da037 to 1a13c04 Compare April 3, 2024 21:48
@mposolda mposolda requested a review from rmartinc April 5, 2024 05:38
@mposolda
Copy link
Contributor

mposolda commented Apr 5, 2024

@rmartinc Could you please review this PR?

@keycloak-github-bot keycloak-github-bot bot mentioned this pull request Apr 10, 2024
Closed
keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Apr 10, 2024
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Apr 10, 2024

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.organization.admin.OrganizationTest#testAttributes

Keycloak CI - Store IT (mariadb)

java.lang.AssertionError: expected:<[val11, val12]> but was:<[val12, val11]>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:120)
	at org.junit.Assert.assertEquals(Assert.java:146)
...

Report flaky test

org.keycloak.testsuite.organization.admin.OrganizationTest#testAttributes

Keycloak CI - Store IT (mssql)

java.lang.AssertionError: expected:<[val11, val12]> but was:<[val12, val11]>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:120)
	at org.junit.Assert.assertEquals(Assert.java:146)
...

java.lang.AssertionError: expected:<[val11, val12]> but was:<[val12, val11]>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:120)
	at org.junit.Assert.assertEquals(Assert.java:146)
...

Report flaky test

@douglaspalmer douglaspalmer force-pushed the 14084 branch 2 times, most recently from 561ecc4 to 7d2cdcc Compare April 10, 2024 23:20
@keycloak-github-bot keycloak-github-bot bot mentioned this pull request Apr 11, 2024
Closed
@keycloak-github-bot keycloak-github-bot bot mentioned this pull request Apr 11, 2024
Closed
keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Apr 11, 2024
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Apr 11, 2024

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.organization.admin.OrganizationTest#testAttributes

Keycloak CI - Store IT (mssql)

java.lang.AssertionError: expected:<[val11, val12]> but was:<[val12, val11]>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:120)
	at org.junit.Assert.assertEquals(Assert.java:146)
...

Report flaky test

org.keycloak.testsuite.organization.admin.OrganizationTest#testAttributes

Keycloak CI - Store IT (mysql)

java.lang.AssertionError: expected:<[val21, val22]> but was:<[val22, val21]>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:120)
	at org.junit.Assert.assertEquals(Assert.java:146)
...

Report flaky test

mposolda
mposolda reviewed Apr 11, 2024
View reviewed changes
Copy link
Contributor

@mposolda mposolda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@douglaspalmer @rmartinc Agree that this version looks much simpler. Thanks for the update!

Added one comment inline.

keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Apr 11, 2024
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Apr 11, 2024

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.organization.admin.OrganizationTest#testAttributes

Keycloak CI - Store IT (mssql)

java.lang.AssertionError: expected:<[val11, val12]> but was:<[val12, val11]>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:120)
	at org.junit.Assert.assertEquals(Assert.java:146)
...

Report flaky test

org.keycloak.testsuite.organization.admin.OrganizationTest#testAttributes

Keycloak CI - Store IT (mysql)

java.lang.AssertionError: expected:<[val21, val22]> but was:<[val22, val21]>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:120)
	at org.junit.Assert.assertEquals(Assert.java:146)
...

Report flaky test

rmartinc
rmartinc suggested changes Apr 11, 2024
View reviewed changes
Copy link
Contributor

@rmartinc rmartinc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @douglaspalmer! Just a minor comment.

@keycloak-github-bot keycloak-github-bot bot mentioned this pull request Apr 11, 2024
Closed
@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Apr 11, 2024

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.admin.IdentityProviderTest#testSamlImportWithAnyEncryptionMethod

Keycloak CI - Base IT (1)

java.lang.AssertionError: identityProviders instance count expected:<1> but was:<2>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:647)
	at org.keycloak.testsuite.admin.IdentityProviderTest.testSamlImport(IdentityProviderTest.java:761)
...

Report flaky test

org.keycloak.testsuite.admin.IdentityProviderTest#testSamlImportWithAnyEncryptionMethod

Keycloak CI - Store IT (mariadb)

java.lang.AssertionError: identityProviders instance count expected:<1> but was:<2>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:647)
	at org.keycloak.testsuite.admin.IdentityProviderTest.testSamlImport(IdentityProviderTest.java:761)
...

Report flaky test

org.keycloak.testsuite.admin.IdentityProviderTest#testSamlImportWithAnyEncryptionMethod

Keycloak CI - Store IT (mssql)

java.lang.AssertionError: identityProviders instance count expected:<1> but was:<2>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:647)
	at org.keycloak.testsuite.admin.IdentityProviderTest.testSamlImport(IdentityProviderTest.java:761)
...

Report flaky test

org.keycloak.testsuite.admin.IdentityProviderTest#testSamlImportWithAnyEncryptionMethod

Keycloak CI - Store IT (mysql)

java.lang.AssertionError: identityProviders instance count expected:<1> but was:<2>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:647)
	at org.keycloak.testsuite.admin.IdentityProviderTest.testSamlImport(IdentityProviderTest.java:761)
...

Report flaky test

org.keycloak.testsuite.admin.IdentityProviderTest#testSamlImportWithAnyEncryptionMethod

Keycloak CI - Store IT (oracle)

java.lang.AssertionError: identityProviders instance count expected:<1> but was:<2>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:647)
	at org.keycloak.testsuite.admin.IdentityProviderTest.testSamlImport(IdentityProviderTest.java:761)
...

Report flaky test

org.keycloak.testsuite.admin.IdentityProviderTest#testSamlImportWithAnyEncryptionMethod

Keycloak CI - Store IT (postgres)

java.lang.AssertionError: identityProviders instance count expected:<1> but was:<2>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotEquals(Assert.java:835)
	at org.junit.Assert.assertEquals(Assert.java:647)
	at org.keycloak.testsuite.admin.IdentityProviderTest.testSamlImport(IdentityProviderTest.java:761)
...

Report flaky test

keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Apr 11, 2024
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@douglaspalmer douglaspalmer marked this pull request as ready for review April 11, 2024 20:32
@douglaspalmer douglaspalmer requested a review from a team as a code owner April 11, 2024 20:32
rmartinc
rmartinc approved these changes Apr 12, 2024
View reviewed changes
Copy link
Contributor

@rmartinc rmartinc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @douglaspalmer! Approving. I did a comment because there is a comment which I think it's outdated but it's a minor thing.

services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java
Comment on lines +170 to +173
// wait a minimum of seconds for type to process so that a hacker
// cannot flood with failed logins and overwhelm the queue and not have notBefore updated to block next requests
// todo failure HTTP responses should be queued via async HTTP
//event.latch.await(5, TimeUnit.SECONDS);
Copy link
Contributor

@rmartinc rmartinc Apr 12, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should delete these comments. My feeling this was important in the past because maybe the success/failure was executed in the same thread and not off-thread like it is now. But this is a minor thing. Approving anyway.

Copy link
Contributor

@mposolda mposolda Apr 12, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1, but yeah, likely does not worth to wait even more for this PR just because of it.

Maybe we can delete during some next PR, which need to do any changes in brute-force protector.

@mposolda mposolda merged commit 69ba928 into keycloak:main Apr 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mposolda mposolda mposolda approved these changes

+2 more reviewers

@keycloak-github-bot keycloak-github-bot[bot] keycloak-github-bot[bot] left review comments

@rmartinc rmartinc rmartinc approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@mposolda mposolda

Labels

flaky-test

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

DefaultBruteForceProtector leverages a single thread to write success/failed events

3 participants

@douglaspalmer @mposolda @rmartinc