Use find by name for resources|scopes|policies

CHANGELOG.md

@@ -6,6 +6,13 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ## [Unreleased]
 
+### Fixed
+- Crash after inserting more than 100 roles in realm-management authorization
+  [#1090](/adorsys/keycloak-config-cli/issues/1090):
+
+- NPE when using custom policy in AuthorizationPolicy [#1095](/adorsys/keycloak-config-cli/issues/1095):
+
+
 ## [6.1.6] - 2024-07-26
 
 ## [6.1.5] - 2024-06-27

src/main/java/de/adorsys/keycloak/config/repository/ClientRepository.java

@@ -195,11 +195,19 @@ public void removeAuthorizationResource(String realmName, String id, String reso
     }
 
     private String getResourceId(ClientResource clientResource, String resourceName) {
-        return clientResource.authorization().resources().resources().stream()
-            .filter(resource -> resourceName.equals(resource.getName()))
-            .findFirst()
-            .map(ResourceRepresentation::getId)
-            .orElse(null);
+        String clientId = clientResource.toRepresentation().getClientId();
+        // find it with name and owner(clientId)
+        // Note: findByName is not exact filter the resource with the exact name
+        return clientResource.authorization().resources().findByName(resourceName, clientId).stream()
+                .filter(r -> resourceName.equals(r.getName()))
+                .findFirst().map(ResourceRepresentation::getId)
+                .orElseGet(
+                    () -> clientResource.authorization().resources()
+                            .findByName(resourceName).stream()
+                            .filter(r -> resourceName.equals(r.getName())
+                                    && !clientId.equals(r.getOwner().getName()))
+                            .findFirst().map(ResourceRepresentation::getId)
+                    .orElse(null));
     }
 
     public void addAuthorizationScope(String realmName, String id, String name) {
@@ -225,11 +233,11 @@ public void removeAuthorizationScope(String realmName, String id, String scopeNa
     }
 
     private String getScopeId(ClientResource clientResource, String scopeName) {
-        return clientResource.authorization().scopes().scopes().stream()
-            .filter(scope -> scopeName.equals(scope.getName()))
-            .findFirst()
-            .map(ScopeRepresentation::getId)
-            .orElse(null);
+        ScopeRepresentation scopeRepresentation = clientResource.authorization().scopes().findByName(scopeName);
+        if (scopeRepresentation != null) {
+            return scopeRepresentation.getId();
+        }
+        return null;
     }
 
     public void createAuthorizationPolicy(String realmName, String id, PolicyRepresentation policy) {
@@ -255,11 +263,11 @@ public void removeAuthorizationPolicy(String realmName, String id, String policy
     }
 
     private String getPolicyId(ClientResource clientResource, String policyName) {
-        return clientResource.authorization().policies().policies().stream()
-            .filter(policy -> policyName.equals(policy.getName()))
-            .findFirst()
-            .map(PolicyRepresentation::getId)
-            .orElse(null);
+        PolicyRepresentation policyRepresentation = clientResource.authorization().policies().findByName(policyName);
+        if (policyRepresentation != null) {
+            return policyRepresentation.getId();
+        }
+        return null;
     }
 
     public void addScopeMapping(String realmName, String clientId,

src/main/java/de/adorsys/keycloak/config/service/ClientAuthorizationImportService.java

@@ -298,7 +298,9 @@ private void updateAuthorizationResource(
             existingClientAuthorizationResource.getOwner().setName(null);
         }
 
-        if (existingClientAuthorizationResource.getAttributes().isEmpty() && authorizationResourceToImport.getAttributes() == null) {
+        if (existingClientAuthorizationResource.getAttributes() != null
+                && existingClientAuthorizationResource.getAttributes().isEmpty()
+                && authorizationResourceToImport.getAttributes() == null) {
             existingClientAuthorizationResource.setAttributes(null);
         }
 

src/test/java/de/adorsys/keycloak/config/service/ImportClientsIT.java

@@ -2339,6 +2339,12 @@ void shouldNotTriggerErrorWhenReferencingInvalidUuidInFineGrainedAuthz() throws
         assertDoesNotThrow(() -> realmImportService.doImport(foundImport4));
     }
 
+    @Test
+    @Order(51)
+    void updateRealmWithClientWithMoreThan100RolesInRealmManagementAuthorization() throws IOException {
+        doImport("51_update_realm_with_client_with_more_than_100_roles_in_realm_management_authorization.json");
+    }
+
     @Test
     @Order(71)
     void shouldAddClientWithAuthenticationFlowBindingOverrides() throws IOException {