[KEYCLOAK-4992] - Using query parameter metadata for GET requests

authz/client/src/main/java/org/keycloak/authorization/client/representation/AuthorizationRequestMetadata.java

@@ -23,7 +23,9 @@ import com.fasterxml.jackson.annotation.JsonProperty;
  */
 public class AuthorizationRequestMetadata {
 
-    @JsonProperty("include_resource_name")
+    public static final String INCLUDE_RESOURCE_NAME = "include_resource_name";
+
+    @JsonProperty(INCLUDE_RESOURCE_NAME)
     private boolean includeResourceName;
 
     public boolean isIncludeResourceName() {

authz/client/src/main/java/org/keycloak/authorization/client/resource/EntitlementResource.java

@@ -41,7 +41,11 @@ public class EntitlementResource {
                     .authorizationBearer(this.eat);
 
             if (metadata != null) {
-                method.param("include_resource_name", String.valueOf(metadata.isIncludeResourceName()));
+                StringBuilder params = new StringBuilder();
+
+                params.append(AuthorizationRequestMetadata.INCLUDE_RESOURCE_NAME).append("=").append(metadata.isIncludeResourceName());
+
+                method.param("metadata", params.toString());
             }
 
             return method.response().json(EntitlementResponse.class).execute();

services/src/main/java/org/keycloak/authorization/authorization/representation/AuthorizationRequestMetadata.java

@@ -16,16 +16,31 @@
  */
 package org.keycloak.authorization.authorization.representation;
 
+import java.util.Map;
+
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.sun.org.apache.xpath.internal.operations.Bool;
 
 /**
  * @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
  */
 public class AuthorizationRequestMetadata {
 
-    @JsonProperty("include_resource_name")
+    public static final String INCLUDE_RESOURCE_NAME = "include_resource_name";
+
+    @JsonProperty(INCLUDE_RESOURCE_NAME)
     private boolean includeResourceName;
 
+    public AuthorizationRequestMetadata() {
+        this(null);
+    }
+
+    public AuthorizationRequestMetadata(Map<String, String> claims) {
+        if (claims != null) {
+            includeResourceName = Boolean.valueOf(claims.getOrDefault(INCLUDE_RESOURCE_NAME, "true")).booleanValue();
+        }
+    }
+
     public boolean isIncludeResourceName() {
         return includeResourceName;
     }

services/src/main/java/org/keycloak/authorization/entitlement/EntitlementService.java

@@ -102,7 +102,7 @@ public class EntitlementService {
     @GET()
     @Produces("application/json")
     @Consumes("application/json")
-    public Response getAll(@PathParam("resource_server_id") String resourceServerId, @QueryParam("include_resource_name") Boolean includeResourceName) {
+    public Response getAll(@PathParam("resource_server_id") String resourceServerId, @QueryParam("metadata") String metadataParam) {
         KeycloakIdentity identity = new KeycloakIdentity(this.authorization.getKeycloakSession());
 
         if (resourceServerId == null) {
@@ -123,16 +123,7 @@ public class EntitlementService {
             throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Client does not support permissions", Status.FORBIDDEN);
         }
 
-        AuthorizationRequestMetadata metadata;
-
-        if (includeResourceName != null) {
-            metadata = new AuthorizationRequestMetadata();
-            metadata.setIncludeResourceName(includeResourceName);
-        } else {
-            metadata = null;
-        }
-
-        return evaluate(metadata, Permissions.all(resourceServer, identity, authorization), identity, resourceServer);
+        return evaluate(getMetadata(metadataParam), Permissions.all(resourceServer, identity, authorization), identity, resourceServer);
     }
 
     @Path("{resource_server_id}")
@@ -306,4 +297,27 @@ public class EntitlementService {
                     }
                 }).collect(Collectors.toList());
     }
+
+    private AuthorizationRequestMetadata getMetadata(@QueryParam("metadata") String metadataParam) {
+        AuthorizationRequestMetadata metadata;
+
+        if (metadataParam != null) {
+            Map<String, String> claims = new HashMap<>();
+
+            for (String claim : metadataParam.split(",")) {
+                String[] values = claim.split("=");
+
+                if (values.length < 2) {
+                    throw new ErrorResponseException("invalid_metadata", "Invalid metadata", Status.BAD_REQUEST);
+                }
+
+                claims.put(values[0], values[1]);
+            }
+
+            metadata = new AuthorizationRequestMetadata(claims);
+        } else {
+            metadata = null;
+        }
+        return metadata;
+    }
 }