LDAP: Show error message when groups synchronization fails

closes: #28436
Signed-off-by: Stijn Last <stijn.last@barco.com>
Stijn Last 2024-03-29 18:00:29 +01:00 committed by Pedro Igor
parent 3a1bca6517
commit e9498079e0
2 changed files with 18 additions and 2 deletions


@ -32,6 +32,7 @@ import org.keycloak.storage.ldap.LDAPConfig;
import org.keycloak.representations.idm.LDAPCapabilityRepresentation;
import org.keycloak.storage.ldap.idm.store.ldap.LDAPContextManager;
import org.keycloak.storage.ldap.idm.store.ldap.LDAPIdentityStore;
import org.keycloak.storage.ldap.mappers.membership.group.GroupTreeResolver;
import org.keycloak.utils.StringUtil;
/**
@ -114,6 +115,11 @@ public class LDAPServerCapabilitiesManager {
errorMsg = "ServiceUnavailable";
if (throwable instanceof InvalidBindDNException)
errorMsg = "InvalidBindDN";
if (throwable instanceof javax.naming.NameNotFoundException)
errorMsg = "NameNotFound";
if (throwable instanceof GroupTreeResolver.GroupTreeResolveException) {
errorMsg = "GroupsMultipleParents";
}
if (throwable instanceof javax.naming.NamingException) {
Throwable rootCause = ((javax.naming.NamingException)throwable).getRootCause();
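Review bot: The new `NameNotFound` result may not survive the `if (throwable instanceof javax.naming.NamingException)` block that follows it, because `javax.naming.NameNotFoundException` is a subclass of `NamingException` and these are independent `if` statements rather than an `else if` chain. That block's body lies outside the hunk, so whether it reassigns `errorMsg` cannot be confirmed from here; if it does, move the specific checks after it or convert the chain to `else if`. The `GroupTreeResolveException` check also tests only the outermost throwable, so it would not match if a caller wraps that exception in another type. A short comment such as `// matched on the outermost exception only; callers must unwrap first` would make that contract explicit.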


@ -252,9 +252,19 @@ public class UserStorageProviderResource {
SynchronizationResult syncResult;
if ("fedToKeycloak".equals(direction)) {
syncResult = mapper.syncDataFromFederationProviderToKeycloak(realm);
try {
syncResult = mapper.syncDataFromFederationProviderToKeycloak(realm);
} catch(Exception e) {
String errorMsg = getErrorCode(e);
throw ErrorResponse.error(errorMsg, Response.Status.BAD_REQUEST);
}
} else if ("keycloakToFed".equals(direction)) {
syncResult = mapper.syncDataFromKeycloakToFederationProvider(realm);
try {
syncResult = mapper.syncDataFromKeycloakToFederationProvider(realm);
} catch(Exception e) {
String errorMsg = getErrorCode(e);
throw ErrorResponse.error(errorMsg, Response.Status.BAD_REQUEST);
}
} else {
throw new BadRequestException("Unknown direction: " + direction);
}
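Review bot: Both new `catch(Exception e)` blocks discard the exception after deriving a code from it, so the cause and stack trace of a failed mapper sync are never recorded server-side and an operator has only the short code returned to the admin client. Log it before rethrowing, e.g. `logger.warn("LDAP mapper sync failed", e);` (assuming the class already has a logger; none is visible in this hunk). Catching `Exception` also turns every failure, including a directory outage or an unexpected runtime error, into `Response.Status.BAD_REQUEST`; consider catching only the types `getErrorCode` is meant to translate, or returning a 5xx status for the rest. Returning a code rather than `e.getMessage()` is worth keeping, since it appears to keep directory details out of the response. The enclosing method starts and ends outside the hunk.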