From 8f719885fd451e6277b8c2b4c29bd865979ae908 Mon Sep 17 00:00:00 2001
From: stefvdwel
Date: Tue, 16 Feb 2021 15:37:23 +0100
Subject: [PATCH] Fixed tests. Removed styling changes.
---
 .../client/resource/PermissionResource.java | 13 +++++-----
 .../permission/PermissionTicketService.java | 26 +++++++++----------
 2 files changed, 19 insertions(+), 20 deletions(-)
diff --git a/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java b/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java
index d4c4bfdbdc..0c7c07248f 100644
--- a/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java
+++ b/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java
@@ -65,10 +65,10 @@ public class PermissionResource {
 final String requester, final Boolean granted, final Boolean returnNames) {
- Callable> callable = new Callable>() {
+ Callable callable = new Callable() {
 @Override
- public Map call() throws Exception {
- return http.>get(serverConfiguration.getPermissionEndpoint()+"/ticket/count")
+ public Long call() throws Exception {
+ return http.get(serverConfiguration.getPermissionEndpoint()+"/ticket/count")
 .authorizationBearer(pat.call())
 .param("resourceId", resourceId)
 .param("scopeId", scopeId)
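Review bot: The `call()` override in this hunk, together with the `TypeReference` and `callable.call()` lines of the next hunk, now deserializes the `/ticket/count` body as a bare `Long` instead of reading `count` out of a map, but the server-side change that makes the endpoint return a plain number is not in this diff and the description ("Fixed tests") does not record the wire-format change. Against a server that still responds with `{"count": n}` the parse fails inside the callable, and that exception is then handed to `Throwables.retryAndWrapExceptionIfNecessary`, which presumably retries with a refreshed PAT before wrapping it — a misleading failure mode for a format mismatch, so the expected shape should be stated on the `count` method, e.g. `/** Counts permission tickets matching the filters; the count endpoint must return a plain JSON number, not {"count": n}. */`. The generic arguments look stripped in this rendering (`Callable>`, `http.>get`), so I cannot tell whether the new side really uses `Callable<Long>` and `TypeReference<Long>`; if the types are raw they should be parameterised, and `json(Long.class)` would be simpler than an anonymous `TypeReference` subclass if `HttpMethodResponse` offers that overload. The enclosing `count` method starts before this hunk.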
@@ -76,14 +76,13 @@ public class PermissionResource {
 .param("requester", requester)
 .param("granted", granted == null ? null : granted.toString())
 .param("returnNames", returnNames == null ? null : returnNames.toString())
- .response().json(new TypeReference>(){}).execute();
+ .response().json(new TypeReference(){}).execute();
 }
 };
 try {
- return callable.call().get("count");
+ return callable.call();
 } catch (Exception cause) {
- return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error querying permission ticket count", cause)
- .get("count");
+ return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error querying permission ticket count", cause);
 }
 }
diff --git a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java
index 880e4b214f..3a8069c1a3 100644
--- a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java
+++ b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java
@@ -81,23 +81,23 @@ public class PermissionTicketService {
 throw new ErrorResponseException("invalid_permission", "created permissions should have scope or scopeName", Response.Status.BAD_REQUEST);
 if (representation.getRequester() == null && representation.getRequesterName() == null)
 throw new ErrorResponseException("invalid_permission", "created permissions should have requester or requesterName", Response.Status.BAD_REQUEST);
-
+
 ResourceStore rstore = this.authorization.getStoreFactory().getResourceStore();
 Resource resource = rstore.findById(representation.getResource(), resourceServer.getId());
 if (resource == null )
 throw new ErrorResponseException("invalid_resource_id", "Resource set with id [" + representation.getResource() + "] does not exists in this server.", Response.Status.BAD_REQUEST);
-
+
 if (!resource.getOwner().equals(this.identity.getId()))
 throw new ErrorResponseException("not_authorised", "permissions for [" + representation.getResource() + "] can be only created by the owner", Response.Status.FORBIDDEN);
-
+
 UserModel user = null;
 if(representation.getRequester() != null)
 user = this.authorization.getKeycloakSession().userStorageManager().getUserById(this.authorization.getRealm(), representation.getRequester());
- else
+ else
 user = this.authorization.getKeycloakSession().userStorageManager().getUserByUsername(this.authorization.getRealm(), representation.getRequesterName());
-
+
 if (user == null)
 throw new ErrorResponseException("invalid_permission", "Requester does not exists in this server as user.", Response.Status.BAD_REQUEST);
-
+
 Scope scope = null;
 ScopeStore sstore = this.authorization.getStoreFactory().getScopeStore();
@@ -114,16 +114,16 @@ public class PermissionTicketService {
 boolean match = resource.getScopes().contains(scope);
 if (!match)
- throw new ErrorResponseException("invalid_resource_id", "Resource set with id [" + representation.getResource() + "] does not have Scope [" + scope.getName() + "]", Response.Status.BAD_REQUEST);
-
+ throw new ErrorResponseException("invalid_resource_id", "Resource set with id [" + representation.getResource() + "] does not have Scope [" + scope.getName() + "]", Response.Status.BAD_REQUEST);
+
 Map attributes = new HashMap<>();
 attributes.put(PermissionTicket.RESOURCE, resource.getId());
 attributes.put(PermissionTicket.SCOPE, scope.getId());
 attributes.put(PermissionTicket.REQUESTER, user.getId());
-
+
 if (!ticketStore.find(attributes, resourceServer.getId(), -1, -1).isEmpty())
 throw new ErrorResponseException("invalid_permission", "Permission already exists", Response.Status.BAD_REQUEST);
-
+
 PermissionTicket ticket = ticketStore.create(resource.getId(), scope.getId(), user.getId(), resourceServer);
 if(representation.isGranted())
 ticket.setGrantedTimestamp(java.lang.System.currentTimeMillis());
@@ -144,7 +144,7 @@ public class PermissionTicketService {
 if (ticket == null) {
 throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "invalid_ticket", Response.Status.BAD_REQUEST);
 }
-
+
 if (!ticket.getOwner().equals(this.identity.getId()) && !this.identity.isResourceServer())
 throw new ErrorResponseException("not_authorised", "permissions for [" + representation.getResource() + "] can be updated only by the owner or by the resource server", Response.Status.FORBIDDEN);
@@ -153,7 +153,7 @@ public class PermissionTicketService {
 return Response.noContent().build();
 }
-
+
 @Path("{id}")
 @DELETE
 @Consumes("application/json")
@@ -168,7 +168,7 @@ public class PermissionTicketService {
 if (ticket == null) {
 throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "invalid_ticket", Response.Status.BAD_REQUEST);
 }
-
+
 if (!ticket.getOwner().equals(this.identity.getId()) && !this.identity.isResourceServer() && !ticket.getRequester().equals(this.identity.getId()))
 throw new ErrorResponseException("not_authorised", "permissions for [" + ticket.getResource() + "] can be deleted only by the owner, the requester, or the resource server", Response.Status.FORBIDDEN);