Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Unable to create user with additional security attributes: Dangling Name #2063

New issue
Copy link
New issue
Copy link
Closed
Closed
Unable to create user with additional security attributes: Dangling Name#2063
Copy link
Labels
type:bugA broken experienceA broken experience
@cascer1

Description

@cascer1
cascer1
opened on Jun 26, 2024
Issue body actions

Describe the bug

I am trying to create a new user in Entra using the Graph API, and include some custom security attributes that I've defined earlier in the Azure portal.

My attribute set is called UserManagementAPI with attributes userType, userRoles, lastEnabledDate, and organizationIds. All attributes are of type string, plural names indicate that multiple values are allowed.

I suspect that there's a problem somewhere in the backing store for the CustomSecurityAttributeValue class.

Expected behavior

It should be possible to create users with custom security attributes

How to reproduce

First, create a user without custom security attributes to verify that this works. Then, try adding custom security attributes to the request and observe exceptions.

Code sample:

User newUser = new User();
newUser.setAccountEnabled(true);
newUser.setDisplayName("Test User");
// truncated extra fields for brevity

CustomSecurityAttributeValue attributeValue = new CustomSecurityAttributeValue();
HashMap<String, Object> additionalData = new HashMap<>();

JsonObject additionalUserProperties = new JsonObject();

additionalUserProperties.add("@odata.type", new JsonPrimitive("#Microsoft.DirectoryServices.CustomSecurityAttributeValue"));

// Set organization IDs
JsonArray organizationIds = new JsonArray();
organizationIds.add("123");
organizationIds.add("321");
additionalUserProperties.add("organizationIds", organizationIds);

// Set user type
additionalUserProperties.add("userType", new JsonPrimitive("basic"));

// Finalize custom attribute object
additionalData.put("UserManagementAPI", additionalUserProperties);
attributeValue.setAdditionalData(additionalData);

newUser.setCustomSecurityAttributes(attributeValue); // <-- Creating a user works until this line is uncommented

User createdUser = graphClient.users().post(requestUser); // <-- Exception is thrown here

SDK Version

6.13.0

Latest version known to work for scenario above?

No response

Known Workarounds

No response

Debug output

Click to expand log 
java.lang.IllegalStateException: Dangling name: UserManagementAPI
	at com.google.gson.stream.JsonWriter.close(JsonWriter.java:346)
	at com.google.gson.stream.JsonWriter.endObject(JsonWriter.java:321)
	at com.microsoft.kiota.serialization.JsonSerializationWriter.writeObjectValue(JsonSerializationWriter.java:316)
	at com.microsoft.graph.models.User.serialize(User.java:1215)
	at com.microsoft.kiota.serialization.JsonSerializationWriter.writeObjectValue(JsonSerializationWriter.java:301)
	at com.microsoft.kiota.RequestInformation.setContentFromParsable(RequestInformation.java:337)
	at com.microsoft.graph.users.UsersRequestBuilder.toPostRequestInformation(UsersRequestBuilder.java:190)
	at com.microsoft.graph.users.UsersRequestBuilder.post(UsersRequestBuilder.java:144)
	at com.microsoft.graph.users.UsersRequestBuilder.post(UsersRequestBuilder.java:131)
	at com.example.user.management.api.comm.graphapi.GraphApiCommunicatorImpl.createUser(GraphApiCommunicatorImpl.java:85)
	at com.example.user.management.api.comm.graphapi.GraphApiCommunicatorImpl_ClientProxy.createUser(Unknown Source)
	at com.example.user.management.api.logic.UserFacade.createEntraUser(UserFacade.java:64)
	at com.example.user.management.api.logic.UserFacade.createOrganizationUser(UserFacade.java:50)
	at com.example.user.management.api.logic.UserFacade.createUser(UserFacade.java:44)
	at com.example.user.management.api.logic.UserFacade_Subclass.createUser$$superforward(Unknown Source)
	at com.example.user.management.api.logic.UserFacade_Subclass$$function$$36.apply(Unknown Source)
	at io.quarkus.arc.impl.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:73)
	at io.quarkus.arc.impl.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:62)
	at com.example.user.management.api.security.propertybased.PropertyBasedPolicyInterceptor.enforcePolicy(PropertyBasedPolicyInterceptor.java:34)
	at com.example.user.management.api.security.propertybased.PropertyBasedPolicyInterceptor_Bean.intercept(Unknown Source)
	at io.quarkus.arc.impl.InterceptorInvocation.invoke(InterceptorInvocation.java:42)
	at io.quarkus.arc.impl.AroundInvokeInvocationContext.perform(AroundInvokeInvocationContext.java:30)
	at io.quarkus.arc.impl.InvocationContexts.performAroundInvoke(InvocationContexts.java:27)
	at com.example.user.management.api.logic.UserFacade_Subclass.createUser(Unknown Source)
	at com.example.user.management.api.logic.UserFacade_ClientProxy.createUser(Unknown Source)
	at com.example.user.management.api.api.UserApiImpl.createUser(UserApiImpl.java:27)
	at com.example.user.management.api.api.UserApiImpl_Subclass.createUser$$superforward(Unknown Source)
	at com.example.user.management.api.api.UserApiImpl_Subclass$$function$$26.apply(Unknown Source)
	at io.quarkus.arc.impl.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:73)
	at io.quarkus.arc.impl.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:62)
	at io.quarkus.hibernate.validator.runtime.interceptor.AbstractMethodValidationInterceptor.validateMethodInvocation(AbstractMethodValidationInterceptor.java:71)
	at io.quarkus.hibernate.validator.runtime.jaxrs.JaxrsEndPointValidationInterceptor.validateMethodInvocation(JaxrsEndPointValidationInterceptor.java:38)
	at io.quarkus.hibernate.validator.runtime.jaxrs.JaxrsEndPointValidationInterceptor_Bean.intercept(Unknown Source)
	at io.quarkus.arc.impl.InterceptorInvocation.invoke(InterceptorInvocation.java:42)
	at io.quarkus.arc.impl.AroundInvokeInvocationContext.perform(AroundInvokeInvocationContext.java:30)
	at io.quarkus.arc.impl.InvocationContexts.performAroundInvoke(InvocationContexts.java:27)
	at com.example.user.management.api.api.UserApiImpl_Subclass.createUser(Unknown Source)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:154)
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:118)
	at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:560)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:452)
	at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:413)
	at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:415)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:378)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:356)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:70)
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:429)
	at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:240)
	at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:154)
	at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:321)
	at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:157)
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:229)
	at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:82)
	at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:147)
	at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler$1.run(VertxRequestHandler.java:93)
	at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:582)
	at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
	at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
	at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.base/java.lang.Thread.run(Thread.java:829)
	Suppressed: java.io.IOException: Incomplete document
		at com.google.gson.stream.JsonWriter.close(JsonWriter.java:610)
		at com.microsoft.kiota.serialization.JsonSerializationWriter.close(JsonSerializationWriter.java:441)
		at com.microsoft.kiota.RequestInformation.setContentFromParsable(RequestInformation.java:327)
		... 61 more

Configuration

No response

Other information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    type:bugA broken experienceA broken experience

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      Morty Proxy This is a proxified and sanitized view of the page, visit original site.