Here’s the job [0] I’m using to deploy [1] CRW via a custom resource [2].
Once it’s up [3] and running [4], I can register a new user [5] and then go to that new user’s profile page [6].
When I click Federated Identities [7] and try to add [8] my user to the openshift v4 instance, I get this failure.
�[0m�[0m18:44:04,841 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 58) WFLYUT0021: Registered web context: '/auth' for server 'default-server'
�[0m�[0m18:44:04,867 INFO [org.jboss.as.server] (ServerService Thread Pool -- 32) WFLYSRV0010: Deployed "openshift4-extension-6.0.1.jar" (runtime-name : "openshift4-extension-6.0.1.jar")
�[0m�[0m18:44:04,874 INFO [org.jboss.as.server] (ServerService Thread Pool -- 53) WFLYSRV0010: Deployed "keycloak-server.war" (runtime-name : "keycloak-server.war")
�[0m�[0m18:44:05,130 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
�[0m�[0m18:44:05,133 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
�[0m�[0m18:44:05,134 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0054: Admin console is not enabled
�[0m�[0m18:44:05,137 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Red Hat Single Sign-On 7.3.2.GA (WildFly Core 6.0.14.Final-redhat-00001) started in 29815ms - Started 712 of 1016 services (696 services are lazy, passive or on-demand)
�[0m�[33m18:46:41,018 WARN [org.keycloak.events] (default task-3) type=IDENTITY_PROVIDER_LOGIN_ERROR, realmId=8ad2a3f9-0f33-49e0-88fd-7fb082953938, clientId=codeready-public, userId=null, ipAddress=142.59.171.119, error=unexpectedErrorHandlingRequestMessage, identity_provider=openshift-v4, code_id=10db15cf-b6f2-472b-91f3-4accc28fac1f
�[0m�[31m18:46:41,018 ERROR [org.keycloak.services.resources.IdentityBrokerService] (default task-3) unexpectedErrorHandlingRequestMessage
�[0m�[33m18:46:47,320 WARN [org.keycloak.events] (default task-3) type=LOGIN_ERROR, realmId=8ad2a3f9-0f33-49e0-88fd-7fb082953938, clientId=codeready-public, userId=null, ipAddress=142.59.171.119, error=user_not_found, auth_method=openid-connect, auth_type=code, redirect_uri=http://codeready-jda36ad9c1226e96b6d5328a5eeef8bf5-44b.apps.crw.codereadyqe.com/dashboard/, code_id=10db15cf-b6f2-472b-91f3-4accc28fac1f, username=developer
�[0m�[33m18:48:15,516 WARN [org.keycloak.events] (default task-2) type=CLIENT_INITIATED_ACCOUNT_LINKING_ERROR, realmId=8ad2a3f9-0f33-49e0-88fd-7fb082953938, clientId=account, userId=4ff2fc2e-4506-448b-9858-737042661f80, ipAddress=142.59.171.119, error=unexpectedErrorHandlingRequestMessage, identity_provider=openshift-v4, redirect_uri=http://keycloak-jda36ad9c1226e96b6d5328a5eeef8bf5-44b.apps.crw.codereadyqe.com/auth/realms/codeready/account/identity, code_id=10db15cf-b6f2-472b-91f3-4accc28fac1f, username=nickboldt
�[0m�[31m18:48:15,516 ERROR [org.keycloak.services.resources.IdentityBrokerService] (default task-2) unexpectedErrorHandlingRequestMessage: java.lang.RuntimeException: org.apache.http.client.ClientProtocolException
at org.keycloak.social.openshift.OpenshiftV4IdentityProvider.getAuthJson(OpenshiftV4IdentityProvider.java:54)
at org.keycloak.social.openshift.OpenshiftV4IdentityProvider.<init>(OpenshiftV4IdentityProvider.java:63)
at org.keycloak.social.openshift.OpenshiftV4IdentityProviderFactory.create(OpenshiftV4IdentityProviderFactory.java:20)
at org.keycloak.social.openshift.OpenshiftV4IdentityProviderFactory.create(OpenshiftV4IdentityProviderFactory.java:8)
at org.keycloak.services.resources.IdentityBrokerService.getIdentityProvider(IdentityBrokerService.java:1180)
at org.keycloak.services.resources.IdentityBrokerService.clientInitiatedAccountLinking(IdentityBrokerService.java:325)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140)
at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:509)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:399)
at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:363)
at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:358)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:365)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:337)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:137)
at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:100)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:443)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:233)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:139)
at org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:358)
at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:142)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:219)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:791)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:90)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:364)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.apache.http.client.ClientProtocolException
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
at org.keycloak.social.openshift.OpenshiftV4IdentityProvider.getAuthJson(OpenshiftV4IdentityProvider.java:44)
... 74 more
Caused by: org.apache.http.ProtocolException: Target host is not specified
at org.apache.http.impl.conn.DefaultRoutePlanner.determineRoute(DefaultRoutePlanner.java:70)
at org.apache.http.impl.client.InternalHttpClient.determineRoute(InternalHttpClient.java:124)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:183)
... 78 more
(as seen in the pod console log at https://console-openshift-console.apps.crw.codereadyqe.com/k8s/ns/jda36ad9c1226e96b6d5328a5eeef8bf5-44b/pods/keycloak-f845855f4-v7x4q/logs )
Now @dfestal had suggested that I need to do this:
But that does not seem to have worked as a subsequent step to deploying CRW. I suppose I can next try to perform these steps BEFORE deploying the CRW pods...