diff --git a/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java index 2a3e020b2b..af03373b5a 100644 --- a/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java +++ b/core/src/main/java/org/keycloak/representations/idm/authorization/PermissionTicketRepresentation.java @@ -28,6 +28,9 @@ public class PermissionTicketRepresentation { private boolean granted; private String scopeName; private String resourceName; + private String requester; + private String ownerName; + private String requesterName; public String getId() { return id; @@ -84,4 +87,28 @@ public class PermissionTicketRepresentation { public String getResourceName() { return resourceName; } + + public void setRequesterName(String requesterName) { + this.requesterName = requesterName; + } + + public String getRequesterName() { + return requesterName; + } + + public void setRequester(String requester) { + this.requester = requester; + } + + public String getRequester() { + return requester; + } + + public void setOwnerName(String ownerName) { + this.ownerName = ownerName; + } + + public String getOwnerName() { + return ownerName; + } } diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java index e793cb2dbb..d35eb8d9c9 100755 --- a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java +++ b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java @@ -848,16 +848,17 @@ public class ModelToRepresentation { return resource; } - public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket) { - return toRepresentation(ticket, false); + public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket, AuthorizationProvider authorization) { + return toRepresentation(ticket, authorization, false); } - public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket, boolean returnNames) { + public static PermissionTicketRepresentation toRepresentation(PermissionTicket ticket, AuthorizationProvider authorization, boolean returnNames) { PermissionTicketRepresentation representation = new PermissionTicketRepresentation(); representation.setId(ticket.getId()); representation.setGranted(ticket.isGranted()); representation.setOwner(ticket.getOwner()); + representation.setRequester(ticket.getRequester()); Resource resource = ticket.getResource(); @@ -865,6 +866,12 @@ public class ModelToRepresentation { if (returnNames) { representation.setResourceName(resource.getName()); + KeycloakSession keycloakSession = authorization.getKeycloakSession(); + RealmModel realm = authorization.getRealm(); + UserModel owner = keycloakSession.users().getUserById(ticket.getOwner(), realm); + UserModel requester = keycloakSession.users().getUserById(ticket.getRequester(), realm); + representation.setRequesterName(requester.getUsername()); + representation.setOwnerName(owner.getUsername()); } Scope scope = ticket.getScope(); diff --git a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java index e30f7d0bdf..6434f19b54 100644 --- a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java +++ b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionService.java @@ -138,7 +138,7 @@ public class PermissionService extends AbstractPermissionService { return Response.ok().entity(permissionTicketStore.find(filters, resourceServer.getId(), firstResult != null ? firstResult : -1, maxResult != null ? maxResult : Constants.DEFAULT_MAX_RESULTS) .stream() - .map(permissionTicket -> ModelToRepresentation.toRepresentation(permissionTicket, returnNames == null ? false : returnNames)) + .map(permissionTicket -> ModelToRepresentation.toRepresentation(permissionTicket, authorization, returnNames == null ? false : returnNames)) .collect(Collectors.toList())) .build(); }