Group management fails with case sensitivity

[col-panic]

Current Behavior

I have a realm in json format, where multiple groups are defined, such as

"groups": [
    {
      "name": "GroupArzt",
      "path": "/GroupArzt"
    },
    {
      "name": "GroupAssistent",
      "path": "/GroupAssistent"
    },
    {
      "name": "GroupMPA",
      "path": "/GroupMPA"
    },
    {
      "name": "GroupMPK",
      "path": "/GroupMPK"
    },
    {
      "name": "GroupPraktikant",
      "path": "/GroupPraktikant"
    },
    {
      "name": "GroupIntern",
      "path": "/GroupIntern"
    },
    {
      "name": "GroupThirdParty",
      "path": "/GroupThirdParty"
    }
  ]

On executing like

java -jar $KC_CONFIG_CLI_JAR \
	--keycloak.url=http://keycloak:8080/keycloak/auth \
	--keycloak.ssl-verify=false \
   	--keycloak.user=KeycloakAdmin \
  	--keycloak.password=${ADMIN_PASSWORD} \
 	--import.validate=true \
    --import.var-substitution.enabled=true \
    --import.files.locations=$RESULT_FILE

I started to receive messages like

2024-05-15 08:52:27.015 ERROR 157 --- [           main] d.a.k.config.KeycloakConfigRunner        : Create method returned status Conflict (Code: 409); expected status: Created (201)

with the respective keycloak message

keycloak-1  | 2024-05-15 08:54:43,415 WARN  [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (executor-thread-4) SQL Error: 1062, SQLState: 23000
keycloak-1  | 2024-05-15 08:54:43,415 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (executor-thread-4) Duplicate entry '8379d9e8-3a17-49f4-93a5-4e6235ab0f1a- -GroupMPA' for key 'SIBLING_NAMES'

The database entry is

my:eemaster_keycloak@192/eemaster_keycloak=> select * from KEYCLOAK_GROUP;
                  ID                  |      NAME       | PARENT_GROUP |               REALM_ID               
--------------------------------------+-----------------+--------------+--------------------------------------
 8b5e5de8-a142-4e8c-bed5-539bb5e67bde | GroupArzt       |              | 8379d9e8-3a17-49f4-93a5-4e6235ab0f1a 
 41dd284d-c730-434b-bb9a-c475f94564fb | GroupAssistent  |              | 8379d9e8-3a17-49f4-93a5-4e6235ab0f1a 
 efded937-212b-4c6b-acbb-51f902ebcb54 | GroupIntern     |              | 8379d9e8-3a17-49f4-93a5-4e6235ab0f1a 
 638b5fa8-d69e-46cc-bee8-ea6448c7e41c | GroupMpa        |              | 8379d9e8-3a17-49f4-93a5-4e6235ab0f1a 
 bb242305-8878-4430-88f5-fd22a19c0648 | GroupMpk        |              | 8379d9e8-3a17-49f4-93a5-4e6235ab0f1a 
 4ff4c67c-cf74-46f9-8cc0-2746ee6974d7 | GroupPraktikant |              | 8379d9e8-3a17-49f4-93a5-4e6235ab0f1a 
 d272d980-98b2-464a-92ae-ca486448e286 | GroupThirdParty |              | 8379d9e8-3a17-49f4-93a5-4e6235ab0f1a 
(7 rows)

Expected Behavior

There should not be an ERROR happening.

Steps To Reproduce

See above

Environment

• Keycloak Version: 23.0.7
• keycloak-config-cli Version: 5.12.0 for 23.0.7
• Java Version: 17

Anything else?

No response

[col-panic]

In the test examples https://github.com/adorsys/keycloak-config-cli/blob/main/src/test/resources/import-files/groups/01_update_realm_add_group.json no path attribute was used. Thus I removed the path values, yet the error stays the same.

[col-panic]

--import.managed.group=full also does not solve the problem

[col-panic]

Debug info shows, that for some reason, GroupImportService fails to correctly find the existing group, and
tries to add it again?

ee-config-1  | Caused by: jakarta.ws.rs.WebApplicationException: Create method returned status Conflict (Code: 409); expected status: Created (201)
ee-config-1  | 	at org.keycloak.admin.client.CreatedResponseUtil.getCreatedId(CreatedResponseUtil.java:43)
ee-config-1  | 	at de.adorsys.keycloak.config.repository.GroupRepository.createGroup(GroupRepository.java:102)
ee-config-1  | 	at de.adorsys.keycloak.config.service.GroupImportService.createGroup(GroupImportService.java:144)
ee-config-1  | 	at de.adorsys.keycloak.config.service.GroupImportService.createOrUpdateRealmGroup(GroupImportService.java:139)
ee-config-1  | 	at de.adorsys.keycloak.config.service.GroupImportService.lambda$createOrUpdateGroups$0(GroupImportService.java:77)
ee-config-1  | 	at java.base/java.util.ArrayList.forEach(Unknown Source)
ee-config-1  | 	at de.adorsys.keycloak.config.service.GroupImportService.createOrUpdateGroups(GroupImportService.java:81)
ee-config-1  | 	at de.adorsys.keycloak.config.service.GroupImportService.importGroups(GroupImportService.java:69)
ee-config-1  | 	at de.adorsys.keycloak.config.service.RealmImportService.configureRealm(RealmImportService.java:203)
ee-config-1  | 	at de.adorsys.keycloak.config.service.RealmImportService.updateRealm(RealmImportService.java:195)
ee-config-1  | 	at de.adorsys.keycloak.config.service.RealmImportService.updateRealmIfNecessary(RealmImportService.java:153)
ee-config-1  | 	at de.adorsys.keycloak.config.service.RealmImportService.doImport(RealmImportService.java:144)
ee-config-1  | 	at de.adorsys.keycloak.config.KeycloakConfigRunner.run(KeycloakConfigRunner.java:79)
ee-config-1  | 	at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:768)
ee-config-1  | 	... 13 common frames omitted
ee-config-1  | 

[col-panic]

I manually renamed the group entries GroupMpa -> GroupMPA and GroupMpk to GroupMPK in the
database. After this the problem does NOT occur anymore.

It seems that while the code is case sensitive in finding the group, the database is case-insensitive in accepting
group names!