UpdatePolicy unknown_error

[mstrYoda]

Describe the bug
When I use the UpdatePolicy method, I got unknown_error. But when I change the url with debugging, add the path "/role" at the end of the policy path Put(client.getAdminRealmURL(realm, "clients", clientID, "authz", "resource-server", "policy", *(policy.ID))) I successfully updated the Policy.

When I check from the keycloak UI network, I see that keycloak sends update requests with policy type path. What I mean keycloak adds /role or /group at the end of the path. Gocloak does not include those paths.

To Reproduce
Send an update request for any policy.

Expected behavior
Update policy successfully.

Screenshots
Here is my code:

func (k Keycloak) DeleteRoleFromPolicy() {
	policies, err := k.client.GetPolicies(context.Background(), k.clientAdminJWTAccessToken ,k.realm,k.clientUID, gocloak.GetPolicyParams{
		Type: gocloak.StringP("role"),
		Name: gocloak.StringP("test-policy"),
	})
	if err != nil {
		fmt.Println(err)
	}
	policy := policies[0]

	for i, r := range *policy.Roles {
		role, _ := k.client.GetClientRoleByID(context.Background(), k.clientAdminJWTAccessToken, k.realm, *r.ID)
		if *role.Name == "test-role" {
			new := append((*policy.Roles)[:i], (*policy.Roles)[i+1:]...)
			policy.Roles = &new
			break
		}
	}

	err = k.client.UpdatePolicy(context.Background(), k.clientAdminJWTAccessToken, k.realm, k.clientUID, *policy)
	if err != nil {
		fmt.Println(err)
	}
}

[dheeraj-326]

@Nerzal Is anyone else working on this that you are aware of?

[Nerzal]

Hi, nope

[mstrYoda]

Well, I can fix it if you okay with this?

[dheeraj-326]

@mstrYoda I would like to get started but not sure if I will be able to get to this soon because of work. I can pick the other "good first issue" if you are about to work on this.

[mstrYoda]

@mstrYoda I would like to get started but not sure if I will be able to get to this soon because of work. I can pick the other "good first issue" if you are about to work on this.

If you would like to, you can contribute/collaborate on my PR, if you are not available soon, I can create a PR today or tomorrow.

[dheeraj-326]

@mstrYoda I would like to get started but not sure if I will be able to get to this soon because of work. I can pick the other "good first issue" if you are about to work on this.

If you would like to, you can contribute/collaborate on my PR, if you are not available soon, I can create a PR today or tomorrow.

Please go ahead. I might not make it today.

[dheeraj-326]

@mstrYoda If you haven't started this yet, I would like to do this as my first issue.

[mstrYoda]

@mstrYoda If you haven't started this yet, I would like to do this as my first issue.

Hi, of course, you can implement it 🙏

[dheeraj-326]

@mstrYoda If you haven't started this yet, I would like to do this as my first issue.

Hi, of course, you can implement it 🙏

Thank you. I don't have a fix yet but will start understanding the issue once I do my dev setup for gocloak.

[dheeraj-326]

@Nerzal I think this is already fixed in #310.

@mstrYoda Can you please check if you are able to replicate the issue in the latest version? The UpdatePolicy tests are passing when I checked (ran all tests and all passed).

[mstrYoda]

@Nerzal I think this is already fixed in #310.

@mstrYoda Can you please check if you are able to replicate the issue in the latest version? The UpdatePolicy tests are passing when I checked (ran all tests and all passed).

Yeap, seems like that 👍

[osamaadam]

Hello just ran into this problem today for different reasons: On Keycloak 24.0, the /role segment is actually omitted so now I'm getting 500 when trying to get/create/update resources.

These routes work for me on 24.0:

GET /admin/realms/${REALM}/clients/${REALM_ID}/authz/resource-server/policy
POST /admin/realms/${REALM}/clients/${REALM_ID}/authz/resource-server/policy
PUT /admin/realms/${REALM}/clients/${REALM_ID}/authz/resource-server/policy

I don't know if there's a workaround to get the keycloak version and changing the URLs accordingly without adding too much complexity.

I'm on v13.9.0