I am trying to implement a User Storage Provider. Most of it is already implemented, and when I add it in the admin console UI, I can see the users in the list. I deactivated OTP and now I can log in with my users. The problem is the following:
When I enter my SP the second time, it fails. I think I am having a problem related to client scopes, and that Keycloak cannot use or access the mappers in those client scopes, leading to the login error in the Service Provider.
I cannot access them (the client scopes) when I add my external SPI, and I don't know how it interacts with client scopes. When I enter, I receive this error in my Admin Console UI (1) / Keycloak's Docker container log (2):
(1)
2023-02-08 11:47:11 ---------------------
2023-02-08 11:47:11 org.keycloak.models.cache.infinispan.RealmCacheSession@1302ca2
2023-02-08 11:47:11 2023-02-08 10:47:11,413 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-35) Uncaught server error: com.fasterxml.jackson.databind.JsonMappingException: [no message for java.lang.NullPointerException]
2023-02-08 11:47:11 at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._wrapAsIOE(DefaultSerializerProvider.java:509)
2023-02-08 11:47:11 at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._serialize(DefaultSerializerProvider.java:482)
2023-02-08 11:47:11 at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider.serializeValue(DefaultSerializerProvider.java:400)
2023-02-08 11:47:11 at com.fasterxml.jackson.databind.ObjectWriter$Prefetch.serialize(ObjectWriter.java:1514)
2023-02-08 11:47:11 at com.fasterxml.jackson.databind.ObjectWriter.writeValue(ObjectWriter.java:1007)
[...]
Caused by: java.lang.NullPointerException
2023-02-08 11:42:39 at org.keycloak.models.utils.ModelToRepresentation.toRepresentation(ModelToRepresentation.java:263)
2023-02-08 11:42:39 at org.keycloak.services.resources.admin.UsersResource.lambda$toRepresentation$2(UsersResource.java:459)
2023-02-08 11:42:39 at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
2023-02-08 11:42:39 at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177)
2023-02-08 11:42:39 at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177)
2023-02-08 11:42:39 at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
[...]
(2)
From what I can gather, line 263 of ModelToRepresentation.java is in the toRepresentation() method of the class UserRepresentation, the line being the following:
rep.setTotp(user.credentialManager().isConfiguredFor(OTPCredentialModel.TYPE));
Also, some extra information:
Keycloak's version: 20.0.3
Java JDK version: 11
Can someone lend me a hand? I am kind of lost here… Thanks a lot in advance, guys, you have been really helpful these last days.