Thanks to visit codestin.com
Credit goes to github.com

Skip to content

ignores unknown json properties in dcr requests #43603

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

ignores unknown json properties in dcr requests #43603

wants to merge 1 commit into from

Conversation

remcojansen
Copy link

Enables ignoring unknown JSON properties on OIDCClientRepresentation and adjusts / extends integration tests accordingly.

This is required to adhere to section 2 of RFC 7591 which documents that "the authorization server MUST ignore any client metadata sent by the client that it does not understand".

Closes #14946

@remcojansen
ignores unknown json properties in dcr requests
aea36e3 
Enables ignoring unknown JSON properties on OIDCClientRepresentation and adjusts / extends integration tests accordingly.

This is required to adhere to section 2 of RFC 7591 which documents that "the authorization server MUST ignore any client metadata sent by the client that it does not understand".

Closes keycloak#14946

Signed-off-by: Remco Jansen <[email protected]>
@remcojansen remcojansen requested review from a team as code owners October 20, 2025 12:58
@remcojansen remcojansen mentioned this pull request Oct 20, 2025
Closed
@mposolda mposolda self-assigned this Oct 22, 2025
mposolda
mposolda reviewed Oct 22, 2025
View reviewed changes
Copy link
Contributor

@mposolda mposolda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@remcojansen Thanks for the PR. I've added one inline comment. Can you please check that?

core/src/main/java/org/keycloak/representations/oidc/OIDCClientRepresentation.java
* @author <a href="mailto:[email protected]">Stian Thorgersen</a>
*/
@JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY, getterVisibility = JsonAutoDetect.Visibility.NONE, setterVisibility = JsonAutoDetect.Visibility.NONE)
@JsonIgnoreProperties(ignoreUnknown = true)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to instead introduce otherClaims map with @JsonAnyGetter and @JsonAnySetter where the unknown claims will be saved? It might be better, so that custom providers are able to parse unknown fields. WDYT?

See the class JsonWebToken for the inspiration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mposolda mposolda mposolda left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@mposolda mposolda

Labels

team/cloud-native team/core-clients team/core-iam

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unrecognized JSON field causes DCR to fail

2 participants

@remcojansen @mposolda