libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-17752 Avoid iterating over all clients in UserResource.getConsents()

Browse source
This commit is contained in:
vramik 2021-05-23 21:51:36 +02:00 committed by Hynek Mlnařík
parent 94f676cb95
commit 4e8b18f560
1 changed files with 34 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
View file

@ -440,33 +440,49 @@ public class UserResource {
Set<ClientModel> offlineClients = new UserSessionManager(session).findClientsWithOfflineToken(realm, user); Set<ClientModel> offlineClients = new UserSessionManager(session).findClientsWithOfflineToken(realm, user);
return realm.getClientsStream() return Stream.concat(
.map(client -> toConsent(client, offlineClients)) session.users().getConsentsStream(realm, user.getId())
.filter(Objects::nonNull); .map(consent -> toConsent(consent, offlineClients)),
offlineClients.stream().map(this::toConsent)
);
} }
private Map<String, Object> toConsent(ClientModel client, Set<ClientModel> offlineClients) { private Map<String, Object> toConsent(ClientModel client) {
UserConsentModel consent = session.users().getConsentByClient(realm, user.getId(), client.getId());
boolean hasOfflineToken = offlineClients.contains(client);
if (consent == null && !hasOfflineToken) {
return null;
}
UserConsentRepresentation rep = (consent == null) ? null : ModelToRepresentation.toRepresentation(consent);
Map<String, Object> currentRep = new HashMap<>(); Map<String, Object> currentRep = new HashMap<>();
currentRep.put("clientId", client.getClientId()); currentRep.put("clientId", client.getClientId());
currentRep.put("grantedClientScopes", (rep == null ? Collections.emptyList() : rep.getGrantedClientScopes())); currentRep.put("grantedClientScopes", Collections.emptyList());
currentRep.put("createdDate", (rep == null ? null : rep.getCreatedDate())); currentRep.put("createdDate", null);
currentRep.put("lastUpdatedDate", (rep == null ? null : rep.getLastUpdatedDate())); currentRep.put("lastUpdatedDate", null);
List<Map<String, String>> additionalGrants = new LinkedList<>(); List<Map<String, String>> additionalGrants = new LinkedList<>();
if (hasOfflineToken) {
Map<String, String> offlineTokens = new HashMap<>();
offlineTokens.put("client", client.getId());
offlineTokens.put("key", "Offline Token");
additionalGrants.add(offlineTokens);
currentRep.put("additionalGrants", additionalGrants);
return currentRep;
}
private Map<String, Object> toConsent(UserConsentModel consent, Set<ClientModel> offlineClients) {
UserConsentRepresentation rep = ModelToRepresentation.toRepresentation(consent);
Map<String, Object> currentRep = new HashMap<>();
currentRep.put("clientId", consent.getClient().getClientId());
currentRep.put("grantedClientScopes", rep.getGrantedClientScopes());
currentRep.put("createdDate", rep.getCreatedDate());
currentRep.put("lastUpdatedDate", rep.getLastUpdatedDate());
List<Map<String, String>> additionalGrants = new LinkedList<>();
if (offlineClients.contains(consent.getClient())) {
Map<String, String> offlineTokens = new HashMap<>(); Map<String, String> offlineTokens = new HashMap<>();
offlineTokens.put("client", client.getId()); offlineTokens.put("client", consent.getClient().getId());
offlineTokens.put("key", "Offline Token"); offlineTokens.put("key", "Offline Token");
additionalGrants.add(offlineTokens); additionalGrants.add(offlineTokens);
offlineClients.remove(consent.getClient());
} }
currentRep.put("additionalGrants", additionalGrants); currentRep.put("additionalGrants", additionalGrants);
return currentRep; return currentRep;