Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Avoid race condition when using initial-access-token #30698

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mposolda merged 1 commit into from
Jul 12, 2024
Merged

Avoid race condition when using initial-access-token #30698

mposolda merged 1 commit into from
Jul 12, 2024

Conversation

@graziang
Copy link
Contributor

@graziang graziang commented Jun 24, 2024

Closes #27294

@graziang graziang requested review from a team as code owners June 24, 2024 13:42
This was referenced Jun 24, 2024
Closed
Closed
keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Jun 24, 2024
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Jun 24, 2024

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.model.session.SessionTimeoutsTest#testOnlineUserClientMaxLifespanSmallerThanSessionOverrideInClient

Keycloak CI - Store Model Tests

java.lang.AssertionError: expected null, but was:<org.keycloak.models.sessions.infinispan.UserSessionAdapter@f2b226ca>
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.failNotNull(Assert.java:756)
	at org.junit.Assert.assertNull(Assert.java:738)
	at org.junit.Assert.assertNull(Assert.java:748)
...

Report flaky test

rmartinc
rmartinc approved these changes Jul 2, 2024
View reviewed changes
Copy link
Contributor

@rmartinc rmartinc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @graziang! LGTM! I don't see the getClientInitialAccessModel is used a lot. If needed we can duplicate the method with different lock types like getAuthenticationFlowEntity is doing with the readForRemove parameter. But it needs a new method, so for the moment the PR is OK to me.

mposolda
mposolda approved these changes Jul 12, 2024
View reviewed changes
Copy link
Contributor

@mposolda mposolda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@graziang @rmartinc @jonkoops Thanks for the fix and reviews!

+1 to @rmartinc comment regarding new method. Probably not needed for now.

@mposolda mposolda merged commit 1df6046 into keycloak:main Jul 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mposolda mposolda mposolda approved these changes

+3 more reviewers

@keycloak-github-bot keycloak-github-bot[bot] keycloak-github-bot[bot] left review comments

@jonkoops jonkoops jonkoops approved these changes

@rmartinc rmartinc rmartinc approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

flaky-test team/cloud-native team/core-clients team/core-iam

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Potential race condition via initial-access-token count limit bypass

4 participants

@graziang @jonkoops @mposolda @rmartinc