Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Only add the none verifier when attestation conveyance preference is none#43727

Merged
abstractj merged 1 commit intokeycloak:mainfrom
rmartinc:issue-43723
Oct 28, 2025
Merged

Only add the none verifier when attestation conveyance preference is none#43727
abstractj merged 1 commit intokeycloak:mainfrom
rmartinc:issue-43723

Conversation

@rmartinc
Copy link
Contributor

@rmartinc rmartinc commented Oct 27, 2025
edited
Loading

Closes #43723

The PR just assigns the none verifier if none is configured in the current policy (or default/empty). This way we avoid allowing none when the attestation conveyance is direct or indirect. A test is added that changes the policy when the registration page is already ready to be sent.

@rmartinc rmartinc requested review from a team as code owners October 27, 2025 09:53
keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Oct 27, 2025
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

keycloak-github-bot bot commented Oct 27, 2025

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.federation.ldap.LDAPProvidersIntegrationTest#updateLDAPUsernameTest

Keycloak CI - Base IT (5)

org.keycloak.testsuite.runonserver.RunOnServerException: java.lang.NullPointerException
	at org.keycloak.testsuite.client.KeycloakTestingClient$Server.fetchString(KeycloakTestingClient.java:185)
	at org.keycloak.testsuite.federation.ldap.LDAPProvidersIntegrationTest.updateLDAPUsernameTest(LDAPProvidersIntegrationTest.java:1656)
	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
...

Report flaky test

@rmartinc rmartinc requested a review from tnorimat October 27, 2025 11:10
@rmartinc
Copy link
Contributor Author

rmartinc commented Oct 27, 2025

@tnorimat I have added you as reviewer. This is the PR for the WebAuthn issue we commented some days ago. Thanks!

@abstractj abstractj enabled auto-merge (rebase) October 27, 2025 12:35
@abstractj abstractj requested a review from graziang October 27, 2025 12:35
graziang
graziang approved these changes Oct 27, 2025
View reviewed changes
Copy link
Contributor

@graziang graziang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rmartinc thanks!

tnorimat
tnorimat approved these changes Oct 28, 2025
View reviewed changes
Copy link
Contributor

@tnorimat tnorimat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rmartinc Thank you.

ahus1
ahus1 approved these changes Oct 28, 2025
View reviewed changes
Copy link
Member

@ahus1 ahus1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving based on previous reviews.

@abstractj abstractj merged commit 1bd9a3f into keycloak:main Oct 28, 2025
79 checks passed
This was referenced Oct 28, 2025
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ahus1 ahus1 ahus1 approved these changes

+3 more reviewers

@keycloak-github-bot keycloak-github-bot[bot] keycloak-github-bot[bot] left review comments

@graziang graziang graziang approved these changes

@tnorimat tnorimat tnorimat approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

flaky-test team/cloud-native team/core-clients team/core-iam

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Only add the none verifier when attestation conveyance preference is none (or default)

5 participants

@rmartinc @ahus1 @graziang @tnorimat @abstractj