From 82423f38a17a3198fa17a68d36fe7a58153053d1 Mon Sep 17 00:00:00 2001
From: Yohan Siguret <yohan.siguret@gmail.com>
Date: Tue, 21 Feb 2023 18:42:03 +0100
Subject: [PATCH] Add user id to TOKEN_EXCHANGE events

Co-authored-by: thaDude <ogdude@googlemail.com>
---
 .../protocol/oidc/DefaultTokenExchangeProvider.java        | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java b/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java
index aa458fc4cd..56534f4423 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/DefaultTokenExchangeProvider.java
@@ -411,7 +411,8 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider {
         }
 
         AccessTokenResponse res = responseBuilder.build();
-        event.detail(Details.AUDIENCE, targetClient.getClientId());
+        event.detail(Details.AUDIENCE, targetClient.getClientId())
+            .user(targetUser);
 
         event.success();
 
@@ -460,7 +461,9 @@ public class DefaultTokenExchangeProvider implements TokenExchangeProvider {
         res.setExpiresIn(assertionLifespan <= 0 ? realm.getAccessCodeLifespan() : assertionLifespan);
         res.setOtherClaims(OAuth2Constants.ISSUED_TOKEN_TYPE, requestedTokenType);
 
-        event.detail(Details.AUDIENCE, targetClient.getClientId());
+        event.detail(Details.AUDIENCE, targetClient.getClientId())
+            .user(targetUser);
+
         event.success();
 
         return cors.builder(Response.ok(res, MediaType.APPLICATION_JSON_TYPE)).build();