Using ORCiD as an identity provider with keycloak (does everyone get the error: Numeric value (2225265999) out of range of int)
Using ORCiD as an identity provider with keycloak (does everyone get the error: Numeric value (2225265999) out of range of int)
我在 ubuntu 18 上安装了 keycloak 9.0.0,并已将 ORCiD 设置为身份提供者。
当用户尝试使用 ORCiD 登录时,他们会收到消息:We are sorry... Unexpected error when authenticating with identity provider
当我查看日志时,出现错误 Numeric value (2225265999) out of range of int。似乎“exp”作为一个大整数返回,但 keycloak 不接受它**。
日志如下(出于安全考虑,部分匿名)
Caused by: org.keycloak.jose.jws.JWSInputException: com.fasterxml.jackson.databind.JsonMappingException: Numeric value (2225265999) out of range of int
at [Source: (byte[])"{"at_hash":"c_ZGpdmc4SRhqu_HuKraMg","aud":"CLIENT-ID","sub":"0000-0000-0000-0000","auth_time":1594127478,"iss":"https:\/\/orcid.org","exp":2225265999,"given_name":"Name","iat":1594127480,"nonce":"xiYL_3IyrnkbPel78RtPgQ","family_name":"Lastname","jti":"25414b35-39a0-44c2-8333-d69378d878f9"}"; line: 1, column: 151] (through reference chain: org.keycloak.representations.JsonWebToken["exp"])
at org.keycloak.jose.jws.JWSInput.readJsonContent(JWSInput.java:104)
at org.keycloak.broker.oidc.OIDCIdentityProvider.validateToken(OIDCIdentityProvider.java:530)
... 75 more
Caused by: com.fasterxml.jackson.databind.JsonMappingException: Numeric value (2225265999) out of range of int
at [Source: (byte[])"{"at_hash":"c_ZGpdmc4SRhqu_HuKraMg","aud":"CLIENT-ID","sub":"0000-0000-0000-0000","auth_time":1594127478,"iss":"https:\/\/orcid.org","exp":2225265999,"given_name":"Name","iat":1594127480,"nonce":"xiYL_3IyrnkbPel78RtPgQ","family_name":"Lastname","jti":"25414b35-39a0-44c2-8333-d69378d878f9"}"; line: 1, column: 151] (through reference chain: org.keycloak.representations.JsonWebToken["exp"])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:394)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:353)
at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.wrapAndThrow(BeanDeserializerBase.java:1711)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:290)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:151)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4014)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3092)
at org.keycloak.util.JsonSerialization.readValue(JsonSerialization.java:71)
at org.keycloak.jose.jws.JWSInput.readJsonContent(JWSInput.java:102)
... 76 more
Caused by: com.fasterxml.jackson.core.JsonParseException: Numeric value (2225265999) out of range of int
at [Source: (byte[])"{"at_hash":"c_ZGpdmc4SRhqu_HuKraMg","aud":"CLIENT-ID","sub":"0000-0000-0000-0000","auth_time":1594127478,"iss":"https:\/\/orcid.org","exp":2225265999,"given_name":"Name","iat":1594127480,"nonce":"xiYL_3IyrnkbPel78RtPgQ","family_name":"Lastname","jti":"25414b35-39a0-44c2-8333-d69378d878f9"}"; line: 1, column: 161]
at com.fasterxml.jackson.core.JsonParser._constructError(JsonParser.java:1804)
at com.fasterxml.jackson.core.base.ParserMinimalBase._reportError(ParserMinimalBase.java:693)
at com.fasterxml.jackson.core.base.ParserBase.convertNumberToInt(ParserBase.java:886)
at com.fasterxml.jackson.core.base.ParserBase._parseIntValue(ParserBase.java:801)
at com.fasterxml.jackson.core.base.ParserBase.getIntValue(ParserBase.java:645)
at com.fasterxml.jackson.databind.deser.std.NumberDeserializers$IntegerDeserializer.deserialize(NumberDeserializers.java:472)
at com.fasterxml.jackson.databind.deser.std.NumberDeserializers$IntegerDeserializer.deserialize(NumberDeserializers.java:452)
at com.fasterxml.jackson.databind.deser.impl.FieldProperty.deserializeAndSet(FieldProperty.java:138)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:288)
... 81 more
** 我意识到这个问题类似于 ,但由于 ORCiD 是一个主要的身份提供者,我想知道是否有其他人成功地将它与 keycloak 一起使用,以及他们是如何设置的。
** 编辑 (2020-10-06):此问题已通过更新 ORCiD 代码得到解决。
目前正在 ORCID product roadmap 上解决这个问题。它正在积极开展工作,但没有关于何时会发生的时间表。您可以在 link.
处关注进度
上也有关于此的讨论帖
此信息是由 ORCiD 代表提供给我的。
** 编辑 (2020-10-06):此问题已通过更新 ORCiD 代码得到解决。
以防其他人来到这里 - 这个问题现在已经解决,ORCID 可以用作密钥斗篷身份提供者。
我在 ubuntu 18 上安装了 keycloak 9.0.0,并已将 ORCiD 设置为身份提供者。
当用户尝试使用 ORCiD 登录时,他们会收到消息:We are sorry... Unexpected error when authenticating with identity provider
当我查看日志时,出现错误 Numeric value (2225265999) out of range of int。似乎“exp”作为一个大整数返回,但 keycloak 不接受它**。
日志如下(出于安全考虑,部分匿名)
Caused by: org.keycloak.jose.jws.JWSInputException: com.fasterxml.jackson.databind.JsonMappingException: Numeric value (2225265999) out of range of int
at [Source: (byte[])"{"at_hash":"c_ZGpdmc4SRhqu_HuKraMg","aud":"CLIENT-ID","sub":"0000-0000-0000-0000","auth_time":1594127478,"iss":"https:\/\/orcid.org","exp":2225265999,"given_name":"Name","iat":1594127480,"nonce":"xiYL_3IyrnkbPel78RtPgQ","family_name":"Lastname","jti":"25414b35-39a0-44c2-8333-d69378d878f9"}"; line: 1, column: 151] (through reference chain: org.keycloak.representations.JsonWebToken["exp"])
at org.keycloak.jose.jws.JWSInput.readJsonContent(JWSInput.java:104)
at org.keycloak.broker.oidc.OIDCIdentityProvider.validateToken(OIDCIdentityProvider.java:530)
... 75 more
Caused by: com.fasterxml.jackson.databind.JsonMappingException: Numeric value (2225265999) out of range of int
at [Source: (byte[])"{"at_hash":"c_ZGpdmc4SRhqu_HuKraMg","aud":"CLIENT-ID","sub":"0000-0000-0000-0000","auth_time":1594127478,"iss":"https:\/\/orcid.org","exp":2225265999,"given_name":"Name","iat":1594127480,"nonce":"xiYL_3IyrnkbPel78RtPgQ","family_name":"Lastname","jti":"25414b35-39a0-44c2-8333-d69378d878f9"}"; line: 1, column: 151] (through reference chain: org.keycloak.representations.JsonWebToken["exp"])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:394)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:353)
at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.wrapAndThrow(BeanDeserializerBase.java:1711)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:290)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:151)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4014)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3092)
at org.keycloak.util.JsonSerialization.readValue(JsonSerialization.java:71)
at org.keycloak.jose.jws.JWSInput.readJsonContent(JWSInput.java:102)
... 76 more
Caused by: com.fasterxml.jackson.core.JsonParseException: Numeric value (2225265999) out of range of int
at [Source: (byte[])"{"at_hash":"c_ZGpdmc4SRhqu_HuKraMg","aud":"CLIENT-ID","sub":"0000-0000-0000-0000","auth_time":1594127478,"iss":"https:\/\/orcid.org","exp":2225265999,"given_name":"Name","iat":1594127480,"nonce":"xiYL_3IyrnkbPel78RtPgQ","family_name":"Lastname","jti":"25414b35-39a0-44c2-8333-d69378d878f9"}"; line: 1, column: 161]
at com.fasterxml.jackson.core.JsonParser._constructError(JsonParser.java:1804)
at com.fasterxml.jackson.core.base.ParserMinimalBase._reportError(ParserMinimalBase.java:693)
at com.fasterxml.jackson.core.base.ParserBase.convertNumberToInt(ParserBase.java:886)
at com.fasterxml.jackson.core.base.ParserBase._parseIntValue(ParserBase.java:801)
at com.fasterxml.jackson.core.base.ParserBase.getIntValue(ParserBase.java:645)
at com.fasterxml.jackson.databind.deser.std.NumberDeserializers$IntegerDeserializer.deserialize(NumberDeserializers.java:472)
at com.fasterxml.jackson.databind.deser.std.NumberDeserializers$IntegerDeserializer.deserialize(NumberDeserializers.java:452)
at com.fasterxml.jackson.databind.deser.impl.FieldProperty.deserializeAndSet(FieldProperty.java:138)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:288)
... 81 more
** 我意识到这个问题类似于
** 编辑 (2020-10-06):此问题已通过更新 ORCiD 代码得到解决。
目前正在 ORCID product roadmap 上解决这个问题。它正在积极开展工作,但没有关于何时会发生的时间表。您可以在 link.
处关注进度 上也有关于此的讨论帖此信息是由 ORCiD 代表提供给我的。
** 编辑 (2020-10-06):此问题已通过更新 ORCiD 代码得到解决。
以防其他人来到这里 - 这个问题现在已经解决,ORCID 可以用作密钥斗篷身份提供者。