AuthzClient getPermissions() deserializes to List<LinkedHashSet> and not List<Permission> (previously #16520 ) #28236
Labels
area/authorization-services
Indicates an issue on Authorization area
help wanted
kind/bug
Categorizes a PR related to a bug
priority/normal
status/auto-bump
status/auto-expire
team/core-iam
Before reporting an issue
Area
authorization-services
Describe the bug
This bug as previously reported in #16520, but erroneously closed as fixed.
I've opened this issue because I did not get any feedback on my comments or PR in the closed issue.
Using the Java AuthzClient,
List<Permission> permissions = authorizationResource.getPermissions(authorizationRequest);
returns a
List<LinkedHashMap>
instead of aList<Permission>
The actual runtime type of the returned list differs from the documented compile time type.
This causes a runtime Exception as soon as you use the individual objects in the list, because they don't match the compiled type.
This behavior is documented by a preexisting test. Note inexplicably casting the returned object to a
Map
before using it.Permission
does not implement theMap
interface, the two types are completely incompatible. This code should not work:keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/RegexPolicyTest.java
Line 293 in 343479d
I have an open PR on the old issue (#27813) that should fix this
Version
24.0
Regression
Expected behavior
The returned
List<Permission>
is ajava.util.List
containingPermission
objectsActual behavior
The returned list is a List contains
LinkedHashMap
objectsHow to Reproduce?
Will lead to exception because the type of
permissions.get(0)
is notPermission
and thus the method callgetResourceName
is not possibleAlternatively, applying this change to an existing test will also make it fail
Anything else?
No response
The text was updated successfully, but these errors were encountered: