Social Login Tests unable to retrieve Federated Access Token from user session

[wojnarfilip]

Before reporting an issue

• I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

token-exchange

Describe the bug

Social login tests can not access Social Token from user session, due to token-exchange feature for IdentityProvider.FEDERATED_ACCESS_TOKEN not being enabled in user session.

Reference run with failures: https://master-jenkins.com/job/universal-test-pipeline-server/3343/testReport/org.keycloak.testsuite.broker/SocialLoginTest/

Version

23.0.1

Expected behavior

Social Login tests passing

Actual behavior

expected:<200> but was:<400>

2023-12-04 11:10:22,742 WARN  [org.keycloak.services] (executor-thread-9) KC-SERVICES0018: Client exchange-client doesn't have have authentication method configured. Fallback to null
2023-12-04 11:10:22,744 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-9) Uncaught server error: jakarta.ws.rs.WebApplicationException: Feature not enabled
	at org.keycloak.utils.ProfileHelper.requireFeature(ProfileHelper.java:32)
	at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.tokenExchange(TokenEndpoint.java:860)
	at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.processGrantRequest(TokenEndpoint.java:215)
	at org.keycloak.protocol.oidc.endpoints.TokenEndpoint$quarkusrestinvoker$processGrantRequest_6408e15340992839b66447750c221d9aaa837bd7.invoke(Unknown Source)
	at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29)
	at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141)
	at org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext.run(AbstractResteasyReactiveContext.java:145)
	at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576)
	at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
	at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
	at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.base/java.lang.Thread.run(Thread.java:833)

How to Reproduce?

mvn clean install -f testsuite/integration-arquillian/pom.xml -Dtest=SocialLoginTest -Dsocial.config=/path/to/social.properties -Dbrowser=chrome

Anything else?

No response

[abstractj]

@wojnarfilip thanks for proposing those changes. I had the chance to speak with @douglaspalmer, and he is looking into it.

[wojnarfilip]

Okay, thank you @abstractj and @douglaspalmer

[ahus1]

@wojnarfilip / @douglaspalmer - if this should be backported to KC23 and KC22, please add the respective labels backport/23.0 and backport/22.0.