[KEYCLOAK-4992] - Using query parameter metadata for GET requests

This commit is contained in:
Pedro Igor 2017-06-02 16:13:04 -03:00
parent dcd1a68d95
commit 813af5d757
4 changed files with 49 additions and 14 deletions

View file

@ -23,7 +23,9 @@ import com.fasterxml.jackson.annotation.JsonProperty;
*/
public class AuthorizationRequestMetadata {
@JsonProperty("include_resource_name")
public static final String INCLUDE_RESOURCE_NAME = "include_resource_name";
@JsonProperty(INCLUDE_RESOURCE_NAME)
private boolean includeResourceName;
public boolean isIncludeResourceName() {

View file

@ -41,7 +41,11 @@ public class EntitlementResource {
.authorizationBearer(this.eat);
if (metadata != null) {
method.param("include_resource_name", String.valueOf(metadata.isIncludeResourceName()));
StringBuilder params = new StringBuilder();
params.append(AuthorizationRequestMetadata.INCLUDE_RESOURCE_NAME).append("=").append(metadata.isIncludeResourceName());
method.param("metadata", params.toString());
}
return method.response().json(EntitlementResponse.class).execute();

View file

@ -16,16 +16,31 @@
*/
package org.keycloak.authorization.authorization.representation;
import java.util.Map;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.sun.org.apache.xpath.internal.operations.Bool;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class AuthorizationRequestMetadata {
@JsonProperty("include_resource_name")
public static final String INCLUDE_RESOURCE_NAME = "include_resource_name";
@JsonProperty(INCLUDE_RESOURCE_NAME)
private boolean includeResourceName;
public AuthorizationRequestMetadata() {
this(null);
}
public AuthorizationRequestMetadata(Map<String, String> claims) {
if (claims != null) {
includeResourceName = Boolean.valueOf(claims.getOrDefault(INCLUDE_RESOURCE_NAME, "true")).booleanValue();
}
}
public boolean isIncludeResourceName() {
return includeResourceName;
}

View file

@ -102,7 +102,7 @@ public class EntitlementService {
@GET()
@Produces("application/json")
@Consumes("application/json")
public Response getAll(@PathParam("resource_server_id") String resourceServerId, @QueryParam("include_resource_name") Boolean includeResourceName) {
public Response getAll(@PathParam("resource_server_id") String resourceServerId, @QueryParam("metadata") String metadataParam) {
KeycloakIdentity identity = new KeycloakIdentity(this.authorization.getKeycloakSession());
if (resourceServerId == null) {
@ -123,16 +123,7 @@ public class EntitlementService {
throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Client does not support permissions", Status.FORBIDDEN);
}
AuthorizationRequestMetadata metadata;
if (includeResourceName != null) {
metadata = new AuthorizationRequestMetadata();
metadata.setIncludeResourceName(includeResourceName);
} else {
metadata = null;
}
return evaluate(metadata, Permissions.all(resourceServer, identity, authorization), identity, resourceServer);
return evaluate(getMetadata(metadataParam), Permissions.all(resourceServer, identity, authorization), identity, resourceServer);
}
@Path("{resource_server_id}")
@ -306,4 +297,27 @@ public class EntitlementService {
}
}).collect(Collectors.toList());
}
private AuthorizationRequestMetadata getMetadata(@QueryParam("metadata") String metadataParam) {
AuthorizationRequestMetadata metadata;
if (metadataParam != null) {
Map<String, String> claims = new HashMap<>();
for (String claim : metadataParam.split(",")) {
String[] values = claim.split("=");
if (values.length < 2) {
throw new ErrorResponseException("invalid_metadata", "Invalid metadata", Status.BAD_REQUEST);
}
claims.put(values[0], values[1]);
}
metadata = new AuthorizationRequestMetadata(claims);
} else {
metadata = null;
}
return metadata;
}
}