From c5b06f23e95536a0c64402a4f65a3b93b0ce684c Mon Sep 17 00:00:00 2001
From: pedroigor <pigor.craveiro@gmail.com>
Date: Tue, 28 Nov 2017 19:45:49 -0200
Subject: [PATCH] [KEYCLOAK-5900] - Returning error response when resource does
 not exist

---
 .../entitlement/EntitlementService.java              | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/services/src/main/java/org/keycloak/authorization/entitlement/EntitlementService.java b/services/src/main/java/org/keycloak/authorization/entitlement/EntitlementService.java
index cf7c57e559..f8f777e4c2 100644
--- a/services/src/main/java/org/keycloak/authorization/entitlement/EntitlementService.java
+++ b/services/src/main/java/org/keycloak/authorization/entitlement/EntitlementService.java
@@ -211,16 +211,22 @@ public class EntitlementService {
                 break;
             }
 
-            Resource resource;
+            Resource resource = null;
 
             if (requestedResource.getResourceSetId() != null) {
                 resource = storeFactory.getResourceStore().findById(requestedResource.getResourceSetId(), resourceServer.getId());
-            } else {
+                if (resource == null) {
+                    throw new ErrorResponseException("invalid_resource", "Resource with id [" + requestedResource.getResourceSetId() + "] does not exist.", Status.FORBIDDEN);
+                }
+            } else if (requestedResource.getResourceSetName() != null) {
                 resource = storeFactory.getResourceStore().findByName(requestedResource.getResourceSetName(), resourceServer.getId());
+                if (resource == null) {
+                    throw new ErrorResponseException("invalid_resource", "Resource with name [" + requestedResource.getResourceSetName() + "] does not exist.", Status.FORBIDDEN);
+                }
             }
 
             if (resource == null && (requestedResource.getScopes() == null || requestedResource.getScopes().isEmpty())) {
-                throw new ErrorResponseException("invalid_resource", "Resource with id [" + requestedResource.getResourceSetId() + "] or name [" + requestedResource.getResourceSetName() + "] does not exist.", Status.FORBIDDEN);
+                throw new ErrorResponseException("invalid_request", "You must provide a resource and/or scopes.", Status.FORBIDDEN);
             }
 
             Set<ScopeRepresentation> requestedScopes = requestedResource.getScopes().stream().map(ScopeRepresentation::new).collect(Collectors.toSet());