Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

strconv.ParseBool: parsing "": invalid syntax when importing client_scopes / mapper #621

Closed
httpdigest opened this issue Oct 20, 2021 · 3 comments · Fixed by #622
Closed

strconv.ParseBool: parsing "": invalid syntax when importing client_scopes / mapper #621

httpdigest opened this issue Oct 20, 2021 · 3 comments · Fixed by #622
Labels
bug Something isn't working

Comments

@httpdigest
Copy link

httpdigest commented Oct 20, 2021
edited
Loading

When trying to execute:

terraform import keycloak_openid_user_client_role_protocol_mapper.roles_mapper ourrealmname/client-scope/f30e1301-a6ae-4a6a-b5f8-18f2df15bb7e/e9f61016-8e62-45cb-9af0-e41f15f3525a

in order to import an existing client scopes / mapper, I get the following error message:

keycloak_openid_user_client_role_protocol_mapper.roles_mapper: Importing from ID "ourrealmname/client-scope/f30e1301-a6ae-4a6a-b5f8-18f2df15bb7e/e9f61016-8e62-45cb-9af0-e41f15f3525a"...
keycloak_openid_user_client_role_protocol_mapper.roles_mapper: Import prepared!
  Prepared keycloak_openid_user_client_role_protocol_mapper for import
keycloak_openid_user_client_role_protocol_mapper.roles_mapper: Refreshing state... [id=e9f61016-8e62-45cb-9af0-e41f15f3525a]
╷
│ Error: strconv.ParseBool: parsing "": invalid syntax
│ 
│ 
╵

The Terraform resources to import (this is actually the default "realms" roles client scope and its mapper when creating a realm via Keycloak Web UI):

resource "keycloak_openid_client_scope" "roles_client_scope" {
  realm_id = keycloak_realm.ourrealmname.id
  name     = "roles"
  consent_screen_text    = "$${rolesScopeConsentText}"
  description            = "OpenID Connect scope for add user roles to the access token"
  include_in_token_scope = false
}

resource "keycloak_openid_user_client_role_protocol_mapper" "roles_mapper" {
  realm_id   = keycloak_realm.ourrealmname.id
  client_scope_id = keycloak_openid_client_scope.roles_client_scope.id
  name       = "realm roles"
  claim_name = "roles"
  multivalued = true
  client_role_prefix = ""
  add_to_id_token = false
  add_to_access_token = true
  add_to_userinfo = false
}

Versions used:

  • Keycloak: 15.0.2
  • Terraform: 1.0.9
  • (this) Keycloak Terraform Plugin: 3.5.1
@mrparkers mrparkers mentioned this issue Oct 20, 2021
Merged
@mrparkers
Copy link
Contributor

Thanks for the bug report.

This is happening because some of these protocol mapper attributes are quoted booleans (ex: "true"), and some of the default mappers created by Keycloak had an empty string for some of these values instead of "false". So the API was sending back empty strings, and we were handing those empty strings to strconv.ParseBool, which was giving you that particular error. I opened #622 to treat these empty strings as false.

@mrparkers
Copy link
Contributor

For a temporary workaround, you can go to this client scope mapper in the GUI, and find every switch that's currently set to "OFF". Toggle each of these to "ON", then "OFF" again, then click "Save". This won't functionally change anything in Keycloak, but it will cause the UI to send the correct "false" string to the API, which means the Terraform import should work.

@httpdigest
Copy link
Author

Thanks for the workaround, that did work and I could import the resource successfully!

@mrparkers mrparkers added the bug Something isn't working label Oct 20, 2021
@httpdigest httpdigest mentioned this issue Oct 21, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
2 participants
@mrparkers @httpdigest