keycloak-uncached

Merge pull request #5200 from martel-innovate/KEYCLOAK-7337 [KEYCLOAK-7337] …

5/14/2018 9:07:48 AM

Implement return of requester in UMA permissions

Pedro Igor

Commit: 6882f7a

Tree: 5f18867

Parents: 943c850
5cbe595

Changes

core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java 27(+27 -0)

server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java 13(+10 -3)

services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java 2(+1 -1)

Details

core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java 27(+27 -0)

diff --git a/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java
index 2a3e020..af03373 100644
--- a/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java
@@ -28,6 +28,9 @@ public class PermissionTicketRepresentation {
     private boolean granted;
     private String scopeName;
     private String resourceName;
+    private String requester; 
+    private String ownerName;
+    private String requesterName;
 
     public String getId() {
         return id;
@@ -84,4 +87,28 @@ public class PermissionTicketRepresentation {
     public String getResourceName() {
         return resourceName;
     }
+    
+    public void setRequesterName(String requesterName) {
+        this.requesterName = requesterName;
+    }
+
+    public String getRequesterName() {
+        return requesterName;
+    }
+    
+    public void setRequester(String requester) {
+        this.requester = requester;
+    }
+
+    public String getRequester() {
+        return requester;
+    }
+    
+    public void setOwnerName(String ownerName) {
+        this.ownerName = ownerName;
+    }
+
+    public String getOwnerName() {
+        return ownerName;
+    }
 }

server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java 13(+10 -3)

diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
index e793cb2..d35eb8d 100755
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@@ -848,16 +848,17 @@ public class ModelToRepresentation {
         return resource;
     }
 
-    public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket) {
-        return toRepresentation(ticket, false);
+    public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket, AuthorizationProvider authorization) {
+        return toRepresentation(ticket, authorization, false);
     }
 
-    public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket, boolean returnNames) {
+    public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket, AuthorizationProvider authorization, boolean returnNames) {
         PermissionTicketRepresentation representation = new PermissionTicketRepresentation();
 
         representation.setId(ticket.getId());
         representation.setGranted(ticket.isGranted());
         representation.setOwner(ticket.getOwner());
+        representation.setRequester(ticket.getRequester());
 
         Resource resource = ticket.getResource();
 
@@ -865,6 +866,12 @@ public class ModelToRepresentation {
 
         if (returnNames) {
             representation.setResourceName(resource.getName());
+            KeycloakSession keycloakSession = authorization.getKeycloakSession();
+            RealmModel realm = authorization.getRealm();
+            UserModel owner = keycloakSession.users().getUserById(ticket.getOwner(), realm);
+            UserModel requester = keycloakSession.users().getUserById(ticket.getRequester(), realm);
+            representation.setRequesterName(requester.getUsername());
+            representation.setOwnerName(owner.getUsername());
         }
 
         Scope scope = ticket.getScope();

services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java 2(+1 -1)

diff --git a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java
index e30f7d0..6434f19 100644
--- a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java
+++ b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java
@@ -138,7 +138,7 @@ public class PermissionService extends AbstractPermissionService {
 
         return Response.ok().entity(permissionTicketStore.find(filters, resourceServer.getId(), firstResult != null ? firstResult : -1, maxResult != null ? maxResult : Constants.DEFAULT_MAX_RESULTS)
                     .stream()
-                        .map(permissionTicket -> ModelToRepresentation.toRepresentation(permissionTicket, returnNames == null ? false : returnNames))
+                        .map(permissionTicket -> ModelToRepresentation.toRepresentation(permissionTicket, authorization, returnNames == null ? false : returnNames))
                         .collect(Collectors.toList()))
                 .build();
     }