Use session level cache and avoid resolving by ID too often

Closes #12381

model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaMapKeycloakTransaction.java

@@ -104,13 +104,19 @@ public abstract class JpaMapKeycloakTransaction<RE extends JpaRootEntity, E exte
     @Override
     public E read(String key) {
         if (key == null) return null;
+        E e = null;
+        if (!LockObjectsForModification.isEnabled(session, modelType)) {
+            e = cacheWithinSession.get(key);
+        }
+        if (e == null) {
             UUID uuid = StringKeyConverter.UUIDKey.INSTANCE.fromStringSafe(key);
             if (uuid == null) return null;
-        E e = mapToEntityDelegateUnique(
+            e = mapToEntityDelegateUnique(
                     LockObjectsForModification.isEnabled(session, modelType) ?
                             em.find(entityType, uuid, LockModeType.PESSIMISTIC_WRITE) :
                             em.find(entityType, uuid)
             );
+        }
         return e != null && isExpirableEntity && isExpired((ExpirableEntity) e, true) ? null : e;
     }
 

model/map/src/main/java/org/keycloak/models/map/role/MapRoleProvider.java

@@ -191,13 +191,10 @@ public class MapRoleProvider implements RoleProvider {
                  .compare(SearchableFields.IS_CLIENT_ROLE, Operator.NE, true)
                  .compare(SearchableFields.NAME, Operator.EQ, name);
 
-        String roleId = tx.read(withCriteria(mcb))
+        return tx.read(withCriteria(mcb))
                 .map(entityToAdapterFunc(realm))
-                .map(RoleModel::getId)
                 .findFirst()
                 .orElse(null);
-        //we need to go via session.roles() not to bypass cache
-        return roleId == null ? null : session.roles().getRoleById(realm, roleId);
     }
 
     @Override
@@ -212,13 +209,10 @@ public class MapRoleProvider implements RoleProvider {
           .compare(SearchableFields.CLIENT_ID, Operator.EQ, client.getId())
           .compare(SearchableFields.NAME, Operator.EQ, name);
 
-        String roleId = tx.read(withCriteria(mcb))
+        return tx.read(withCriteria(mcb))
                 .map(entityToAdapterFunc(client.getRealm()))
-                .map(RoleModel::getId)
                 .findFirst()
                 .orElse(null);
-        //we need to go via session.roles() not to bypass cache
-        return roleId == null ? null : session.roles().getRoleById(client.getRealm(), roleId);
     }
 
     @Override