SAML Federation process reexecute when no all IDPs are added

CHANGELOG.md

@@ -10,6 +10,11 @@ Full Keycloak upstream jira issue can be shown if filtered by Fix version.
 
 Our Keycloak version is working well with PostgreSQL database. For using other SQL databases, text field in database need to be evaluated.
 
+## [Unreleased]
+
+### Changed
+- SAML Federation process reexecute when no all IDPs are added
+
 ## [22.0.11-1.9] - 2024-10-10
 
 ### Fixed

pom.xml

@@ -47,7 +47,7 @@
 
         <quarkus.version>3.2.12.Final</quarkus.version>
         <quarkus.build.version>3.2.12.Final</quarkus.build.version>
-        <eosc-kc.version>${project.version}-1.9</eosc-kc.version>
+        <eosc-kc.version>${project.version}-1.10rc1</eosc-kc.version>
 
         <project.build-time>${timestamp}</project.build-time>
 

services/src/main/java/org/keycloak/broker/saml/federation/SAMLFederationProvider.java

@@ -173,8 +173,9 @@ public void updateSamlEntities() {
 
 		List<EntityDescriptorType> entities = new ArrayList<EntityDescriptorType>();
 		Date validUntil = null;
+		InputStream inputStream = null;
 		try {
-			InputStream inputStream = session.getProvider(HttpClientProvider.class).get(model.getUrl());
+			inputStream = session.getProvider(HttpClientProvider.class).get(model.getUrl());
 			Object parsedObject = SAMLParser.getInstance().parse(inputStream);
 			EntitiesDescriptorType entitiesDescriptorType = (EntitiesDescriptorType) parsedObject;
 			if (entitiesDescriptorType.getValidUntil() != null ) {
@@ -184,10 +185,18 @@ public void updateSamlEntities() {
 	        entities = getEntityDescriptors(entitiesDescriptorType);
 		} catch (ParsingException | IOException e) {
 			e.printStackTrace();
+		} finally {
+			try {
+				if (inputStream != null)
+					inputStream.close();
+			}
+			catch (IOException e) {
+				logger.error("Cannot close InputStream");
+			}
 		}
 
 		if(entities.isEmpty())
-         {
+		{
             return;
         }
 
@@ -215,6 +224,7 @@ public void updateSamlEntities() {
 		logger.info("Start parsing the SAML federation (id): " + model.getAlias());
 		try {
 			Integer addIdPsBatchSize = realm.getAttribute(FEDERATION_INSERT_BATCH_SIZE, DEFAULT_BATCH_SIZE);
+			boolean reExecute = false;
 			for (EntityDescriptorType entity : entities) {
 
 				if (!parseEntity(entity)) {
@@ -261,6 +271,7 @@ public void updateSamlEntities() {
 								identityProviderModel = new SAMLIdentityProviderConfig(identityProviderModel);
 							} else {
 								if (addedIdps.size() > addIdPsBatchSize) {
+									reExecute = true;
 									//do not parse and add more than addIdPsBatchSize IdPs
 									continue;
 								}
@@ -364,6 +375,12 @@ public void updateSamlEntities() {
 
 			model.setLastMetadataRefreshTimestamp(new Date().getTime());
 			realm.taskExecutionFederation(model, addedIdps, updatedIdps, existingIdps);
+			if (reExecute) {
+				TimerProvider timer = session.getProvider(TimerProvider.class);
+				UpdateFederation updateFederation = new UpdateFederation(model.getInternalId(),realmId);
+				ClusterAwareScheduledTaskRunner taskRunner = new ClusterAwareScheduledTaskRunner(session.getKeycloakSessionFactory(), updateFederation,180 * 1000);
+				timer.scheduleOnce(taskRunner, 180 * 1000, "UpdateFederationPart" + Instant.now().toString());
+			}
 
 			logger.info("Finished updating IdPs of federation (id): " + model.getInternalId());
 		} catch (Exception e) {