-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support unmanaged attributes for service accounts and make sure they are only managed through the admin api #29571
Conversation
@@ -203,7 +203,7 @@ describe("User creation", () => { | |||
|
|||
cy.wait("@save-user").should(({ request, response }) => { | |||
expect(response?.statusCode).to.equal(204); | |||
expect(request.body.attributes, "response body").deep.equal({ | |||
expect(request.body.attributes, "response body").deep.contains({ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using equals
might end up in false negatives because you can have built-in/internal attributes returned as a user attribute.
I watched the video and this assertion was failing because the locale
attribute is also available in the attributes
map.
I'm not sure why it is failing for this specific PR though because the changes here are unrelated to this failure.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No longer needed because the endpoint was moved to the User API.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No longer needed because the endpoint was moved to the User API.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No longer needed because the endpoint was moved to the User API.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The LegacyAttributes
is only about representing attributes for service accounts. This renamed/new version makes simpler how such attributes are managed os that we don't need checks for service accounts in the DefaultAttributes
implementation. The latter is targeted to regular users.
…are only managed through the admin api Closes keycloak#29362 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unreported flaky test detected, please review
Unreported flaky test detectedIf the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR. org.keycloak.testsuite.x509.X509BrowserCRLTest#loginFailedWithIntermediateRevocationListFromHttpKeycloak CI - FIPS IT (non-strict)
org.keycloak.testsuite.x509.X509BrowserCRLTest#loginFailedWithInvalidSignatureCRLKeycloak CI - FIPS IT (non-strict)
org.keycloak.testsuite.x509.X509BrowserCRLTest#loginWithMultipleRevocationListsKeycloak CI - FIPS IT (non-strict)
|
Closes #29362