This repository has been archived by the owner on Jan 10, 2025. It is now read-only.

Keycloak and User Synchronization #261

Open
alihdev opened this issue Jul 18, 2024 · 1 comment

alihdev commented Jul 18, 2024

In Keycloak, the user ID should be the same as the ID in the identity users table. The "sub" claim in the token should exist in users.

Currently, when creating users in EShopIdentityUserAppService, the ID will not be the same:

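```csharp
public override async Task<IdentityUserDto> CreateAsync(IdentityUserCreateDto input)
{
    // Creates the user in the local identity store.
    var createdUser = await base.CreateAsync(input);
    // Queues a separate creation job for the same input.
    await _backgroundJobManager.EnqueueAsync(new IdentityUserCreationArgs(input));
    return createdUser;
}
```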

Each one will create a different ID.


When CreateUserLoggedInEto is executed:

```csharp
var userLoggedInEto = CreateUserLoggedInEto(authContext.Principal, authContext.HttpContext);
```

and the event is published:

```csharp
public virtual async Task HandleEventAsync(UserLoggedInEto eventData)
```

For the admin user, this process is fine as it will delete and re-create the admin user to match the ID.

However, for other users, it will attempt to re-create them with the same username but without roles. This can lead to validation issues when creating a new user with the same name.


We are trying to integrate an ABP project with Keycloak. The issue is with the first created user, "admin." We need to sync it with Keycloak in Data Seeder.
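Editor's added example, not part of the issue and not code from the project: a self-contained check that classifies a login by comparing the token's "sub" claim with the local users table, so the ID mismatch described above is reported instead of the user being re-created without roles. `LocalUser`, `SyncResult` and `SubClaimCheck` are hypothetical names, and the example assumes the "sub" value is a GUID.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical model of one row in the local identity users table.
public record LocalUser(Guid Id, string UserName, string[] Roles);

public enum SyncResult { InSync, MissingLocally, IdMismatch }

public static class SubClaimCheck
{
    // Compares the token's "sub" claim and username with the local users.
    public static SyncResult Check(string sub, string userName, IEnumerable<LocalUser> users)
    {
        // Assumption: the identity provider issues GUID-formatted subject IDs.
        if (!Guid.TryParse(sub, out var subId))
            throw new ArgumentException("sub claim is not a GUID", nameof(sub));

        var list = users.ToList();
        if (list.Any(u => u.Id == subId))
            return SyncResult.InSync;

        // Same username stored under another ID: creating a new local user
        // here would collide on the name and lose the existing roles.
        bool nameTaken = list.Any(u =>
            string.Equals(u.UserName, userName, StringComparison.OrdinalIgnoreCase));
        return nameTaken ? SyncResult.IdMismatch : SyncResult.MissingLocally;
    }

    public static void Main()
    {
        // Constructed sample data: one local user whose ID differs from
        // the ID the identity provider assigned to the same username.
        var localId = Guid.NewGuid();
        var providerId = Guid.NewGuid();
        var users = new[] { new LocalUser(localId, "alice", new[] { "manager" }) };

        Console.WriteLine(Check(localId.ToString(), "alice", users));
        Console.WriteLine(Check(providerId.ToString(), "alice", users));
        Console.WriteLine(Check(providerId.ToString(), "bob", users));
    }
}
```

An `IdMismatch` result is the case to log and reconcile explicitly, since it means the token subject and the local record disagree about who the user is.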

alihdev commented Jul 18, 2024

Also, there is an issue with updating the password (it will be updated only in the identity user) #262
