I am getting this error in the logs when running this python script to add a custom IDP mapper. Has anyone had this issue before? It’s an existing Keycloak configuration and I am trying use the API to make this modification.
Here’s the error:
Caused by: org.postgresql.util.PSQLException: ERROR: null value in column “idp_alias” of relation “identity_provider_mapper” violates not-null constraint
Detail: Failing row contains (ab315c7a-0217-405b-94f3-083fb5967ffc, example_mapper, null, oidc-usermodel-attribute-mapper, Scibite).
at org.postgresql.jdbc@42.2.5//org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2440)
at org.postgresql.jdbc@42.2.5//org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:2183)
at org.postgresql.jdbc@42.2.5//org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:308)
at org.postgresql.jdbc@42.2.5//org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:441)
at org.postgresql.jdbc@42.2.5//org.postgresql.jdbc.PgStatement.execute(PgStatement.java:365)
at org.postgresql.jdbc@42.2.5//org.postgresql.jdbc.PgPreparedStatement.executeWithFlags(PgPreparedStatement.java:143)
at org.postgresql.jdbc@42.2.5//org.postgresql.jdbc.PgPreparedStatement.executeUpdate(PgPreparedStatement.java:120)
at org.jboss.ironjacamar.jdbcadapters@1.5.3.Final//org.jboss.jca.adapters.jdbc.WrappedPreparedStatement.executeUpdate(WrappedPreparedStatement.java:537)
at org.hibernate@5.3.24.Final//org.hibernate.engine.jdbc.internal.ResultSetReturnImpl.executeUpdate(ResultSetReturnImpl.java:175)
Here’s the script:
import requests
import json
import boto3
# Set up variables for Keycloak server URL and admin credentials
keycloak_url = 'https://asdasdadasdads.com/auth'
username = 'admin'
client_id = 'admin-cli'
secret_name = 'nonprod-keycloak'
# Retrieve password from AWS Secrets Manager
secrets_manager = boto3.client('secretsmanager', region_name='eu-west-1')
try:
secret = secrets_manager.get_secret_value(SecretId=secret_name)
password = secret['SecretString']
except Exception as e:
print(f'Error retrieving secret: {e}')
exit(1)
# Authenticate with Keycloak server to obtain access token
token_url = f'{keycloak_url}/realms/master/protocol/openid-connect/token'
token_data = {
'grant_type': 'password',
'client_id': client_id,
'username': username,
'password': password
}
response = requests.post(token_url, data=token_data)
if response.status_code == 200:
access_token = response.json()['access_token']
else:
raise Exception(f'Failed to authenticate. Response status code: {response.status_code}')
# Set up variables for the mapper
realm_id = 'Scibite'
idp_alias = 'auth0'
mapper_name = 'example_mapper'
mapper_type = 'oidc-usermodel-attribute-mapper'
mapper_config = {
'id.token.claim': 'true',
'access.token.claim': 'true',
'userinfo.token.claim': 'true',
'claim.name': 'example_claim',
'jsonType.label': 'String'
}
# Create a custom identity provider mapper
mapper_url = f'{keycloak_url}/admin/realms/{realm_id}/identity-provider/instances/{idp_alias}/mappers'
mapper_data = {
'name': mapper_name,
'identityProviderMapper': mapper_type,
'config': mapper_config
}
headers = {'Authorization': f'Bearer {access_token}', 'Content-Type': 'application/json'}
response = requests.post(mapper_url, json=mapper_data, headers=headers)
if response.status_code == 201:
print('Mapper added successfully')
else:
raise Exception(f'Failed to add mapper. Response status code: {response.status_code}')