From 73564c5815436e803b9d009e6efc25b3eb8e8335 Mon Sep 17 00:00:00 2001
From: Elisabeth Schulz <elisabeth.schulz@codecentric.de>
Date: Fri, 7 Aug 2020 11:27:10 +0200
Subject: [PATCH] KEYCLOAK-13983 Include algorithm parameters

Lazy initialization of additional parameters
---
 .../dto/PasswordCredentialData.java           | 10 +++++++---
 .../credential/dto/PasswordSecretData.java    | 19 +++++++++++--------
 2 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordCredentialData.java b/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordCredentialData.java
index 1a46857a60..8b4912a89f 100644
--- a/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordCredentialData.java
+++ b/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordCredentialData.java
@@ -11,7 +11,8 @@ import java.util.Map;
 public class PasswordCredentialData {
     private final int hashIterations;
     private final String algorithm;
-    private final MultivaluedHashMap<String, String> additionalParameters;
+
+    private MultivaluedHashMap<String, String> additionalParameters;
 
     /**
      * Creator for standard algorithms (no algorithm tuning beyond hash iterations)
@@ -19,7 +20,7 @@ public class PasswordCredentialData {
      * @param algorithm algorithm id
      */
     public PasswordCredentialData(int hashIterations, String algorithm) {
-        this(hashIterations, algorithm, Collections.emptyMap());
+        this(hashIterations, algorithm, null);
     }
 
     /**
@@ -32,7 +33,7 @@ public class PasswordCredentialData {
     public PasswordCredentialData(@JsonProperty("hashIterations") int hashIterations, @JsonProperty("algorithm") String algorithm, @JsonProperty("algorithmData") Map<String, List<String>> additionalParameters) {
         this.hashIterations = hashIterations;
         this.algorithm = algorithm;
-        this.additionalParameters = new MultivaluedHashMap<>(additionalParameters == null ? Collections.emptyMap() : additionalParameters);
+        this.additionalParameters = additionalParameters != null ?  new MultivaluedHashMap<>(additionalParameters) : null;
     }
 
 
@@ -51,6 +52,9 @@ public class PasswordCredentialData {
      * @return algorithm data
      */
     public MultivaluedHashMap<String, String> getAdditionalParameters() {
+        if (additionalParameters == null) {
+            additionalParameters = new MultivaluedHashMap<>();
+        }
         return additionalParameters;
     }
 }
diff --git a/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java b/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java
index 0dd9ac4be5..8fba1bb6fa 100644
--- a/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java
+++ b/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java
@@ -1,23 +1,23 @@
 package org.keycloak.models.credential.dto;
 
-import java.io.IOException;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import org.jboss.logging.Logger;
 import org.keycloak.common.util.Base64;
 import org.keycloak.common.util.MultivaluedHashMap;
 
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+
 public class PasswordSecretData {
 
     public static final Logger logger = Logger.getLogger(PasswordSecretData.class);
 
     private final String value;
     private final byte[] salt;
-    private final MultivaluedHashMap<String, String> additionalParameters;
+
+    private MultivaluedHashMap<String, String> additionalParameters;
 
     /**
      * Creator with the option to provide customized secret data (multiple salt values, chiefly)
@@ -28,7 +28,7 @@ public class PasswordSecretData {
      */
     @JsonCreator
     public PasswordSecretData(@JsonProperty("value") String value, @JsonProperty("salt") String salt, @JsonProperty("algorithmData") Map<String, List<String>> additionalParameters) throws IOException {
-        this.additionalParameters = new MultivaluedHashMap<>(additionalParameters == null ? Collections.emptyMap() : additionalParameters);
+        this.additionalParameters = additionalParameters != null ? new MultivaluedHashMap<>( additionalParameters) : null;
 
         if (salt == null || "__SALT__".equals(salt)) {
             this.value = value;
@@ -48,7 +48,7 @@ public class PasswordSecretData {
     public PasswordSecretData(String value, byte[] salt) {
         this.value = value;
         this.salt = salt;
-        this.additionalParameters = new MultivaluedHashMap<>();
+        this.additionalParameters = null;
     }
 
     public String getValue() {
@@ -60,6 +60,9 @@ public class PasswordSecretData {
     }
 
     public MultivaluedHashMap<String, String> getAdditionalParameters() {
+        if (additionalParameters == null) {
+            additionalParameters = new MultivaluedHashMap<>();
+        }
         return additionalParameters;
     }
 }