Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

v17/Quarkus Charset issue with LinkedIn IdP

See original GitHub issue

Describe the bug

I’m running LinkedIn IdP on Keycloak v17/Quarkus on a staging environment, and v16.1.1/WildFly on a production environment, with same configurations.

Everything is working fine on v16.1.1/WildFly, but on v17/Quarkus my first name which contains a é accent is not properly synched.

Version

v17.0.0/v17.0.1

Expected behavior

User data grabbed from LinkedIn response should be properly encoded.

Actual behavior

First name is wrong

linkedin-charset-issue

How to Reproduce?

Create a linkedin account with a special character like é in the first name.
Configure LinkedIn broker in Keycloak Quarkus v17.
Login with LinkedIn in Keycloak.
Check the created user in admin UI.
First name has invalid characters instead of the special one.

Anything else?

No response

Issue Analytics

State:
Created 2 years ago
Reactions:2
Comments:8 (7 by maintainers)

Top GitHub Comments

1reaction

wadahirocommented, May 2, 2022

I also encountered the same problem with Keycloak v18/Quarkus with Azure AD as the external IdP.

The problem is happening when the external IdP does not send the charset in the HTTP response. For example, in Azure AD, the response for the UserInfo endpoint is as follows, with no charset.

< HTTP/1.1 200 OK
< Transfer-Encoding: chunked
< Content-Type: application/json
< Strict-Transport-Security: max-age=31536000
< request-id: 428a75b9-5ace-4c04-81b4-47bb288aeee7
< client-request-id: 428a75b9-5ace-4c04-81b4-47bb288aeee7
< x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter": "Japan East", "Slice": "E", "Ring": "5", "ScaleUnit": "001", "RoleInstance": "TYO1EPF000009AD"}}
< Date: Mon, 02 May 2022 08:18:16 GMT

If Charset is not present, Keycloak’s SimpleHttp class uses the JVM default encoding. This causes garbled characters in some environments. https://github.com/keycloak/keycloak/blob/52ca546cfaa8ffc655a92f54fc35a46eaa23507e/server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java#L348

As a workaround, we can set the JVM default encoding. Just give -Dfile.encoding=UTF-8 as a system property. When using the official container, the garbled characters were resolved in my case by starting the following command:

docker run -it --rm -p 8080:8080 \
  -e KEYCLOAK_ADMIN=admin \
  -e KEYCLOAK_ADMIN_PASSWORD=admin \
  -e "JAVA_OPTS_APPEND=-Dfile.encoding=UTF-8" \
  quay.io/keycloak/keycloak:18.0.0 start-dev

1reaction

PacoVKcommented, Mar 12, 2022

I can confirm this issue occurs on other federations as well like Active Directories.

Top Results From Across the Web

Keycloak 18.0.1 released

#10462 v17/Quarkus Charset issue with LinkedIn IdP keycloak dist/quarkus; #11186 Theme resources are not loaded correctlyusing quarking when ...

How to resolve UTF-8 Encoding issue in Jenkins - LinkedIn

To resolve the encoding issue we have to add the environment variable in system as shown below first.

Sreng Mao's Post - IDP synergy - LinkedIn Cambodia

Such an honour and privilege to lead our capable/internationally diverse teams in Cambodia to deliver world class services to our students, parents, ...

Hema Rathinam on LinkedIn: #bangladesh ...

Talent Acquisition Manager - IDP : Hiring for various positions in South India/Nepal/Bangladesh/Sri Lanka. 11mo Edited.

IDP Connect USA - LinkedIn

IDP Connect is the strategic partner of choice for institutions seeking access to engaged student communities. As part of IDP Education, the world...