From 4e8b18f560c26f85529070c2c7847be7cca6ac09 Mon Sep 17 00:00:00 2001 From: vramik Date: Sun, 23 May 2021 21:51:36 +0200 Subject: [PATCH] KEYCLOAK-17752 Avoid iterating over all clients in UserResource.getConsents() --- .../resources/admin/UserResource.java | 52 ++++++++++++------- 1 file changed, 34 insertions(+), 18 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java index 91b3922c70..29361b8a60 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java @@ -440,33 +440,49 @@ public class UserResource { Set offlineClients = new UserSessionManager(session).findClientsWithOfflineToken(realm, user); - return realm.getClientsStream() - .map(client -> toConsent(client, offlineClients)) - .filter(Objects::nonNull); + return Stream.concat( + session.users().getConsentsStream(realm, user.getId()) + .map(consent -> toConsent(consent, offlineClients)), + + offlineClients.stream().map(this::toConsent) + ); } - private Map toConsent(ClientModel client, Set offlineClients) { - UserConsentModel consent = session.users().getConsentByClient(realm, user.getId(), client.getId()); - boolean hasOfflineToken = offlineClients.contains(client); - - if (consent == null && !hasOfflineToken) { - return null; - } - - UserConsentRepresentation rep = (consent == null) ? null : ModelToRepresentation.toRepresentation(consent); - + private Map toConsent(ClientModel client) { Map currentRep = new HashMap<>(); currentRep.put("clientId", client.getClientId()); - currentRep.put("grantedClientScopes", (rep == null ? Collections.emptyList() : rep.getGrantedClientScopes())); - currentRep.put("createdDate", (rep == null ? null : rep.getCreatedDate())); - currentRep.put("lastUpdatedDate", (rep == null ? null : rep.getLastUpdatedDate())); + currentRep.put("grantedClientScopes", Collections.emptyList()); + currentRep.put("createdDate", null); + currentRep.put("lastUpdatedDate", null); List> additionalGrants = new LinkedList<>(); - if (hasOfflineToken) { + + Map offlineTokens = new HashMap<>(); + offlineTokens.put("client", client.getId()); + offlineTokens.put("key", "Offline Token"); + additionalGrants.add(offlineTokens); + + currentRep.put("additionalGrants", additionalGrants); + return currentRep; + } + + private Map toConsent(UserConsentModel consent, Set offlineClients) { + + UserConsentRepresentation rep = ModelToRepresentation.toRepresentation(consent); + + Map currentRep = new HashMap<>(); + currentRep.put("clientId", consent.getClient().getClientId()); + currentRep.put("grantedClientScopes", rep.getGrantedClientScopes()); + currentRep.put("createdDate", rep.getCreatedDate()); + currentRep.put("lastUpdatedDate", rep.getLastUpdatedDate()); + + List> additionalGrants = new LinkedList<>(); + if (offlineClients.contains(consent.getClient())) { Map offlineTokens = new HashMap<>(); - offlineTokens.put("client", client.getId()); + offlineTokens.put("client", consent.getClient().getId()); offlineTokens.put("key", "Offline Token"); additionalGrants.add(offlineTokens); + offlineClients.remove(consent.getClient()); } currentRep.put("additionalGrants", additionalGrants); return currentRep;