[keycloak-user] Requesting permission by resource name from another resource server results in "Resource Doesn't exist"
Or Harary
or at myobligo.com
Tue Sep 10 10:23:46 EDT 2019
Hey,
When I'm logged in as a user (grant_type=password), and I'm trying to
request a permission ticket for a resource by its name, and I'm using the
token endpoint and grant type
"urn:ietf:params:oauth:grant-type:uma-ticket", everything works well.
But if I'm using a resource server token (from a login using
client_credentials), and i'm trying to request permissions for a resource
in another resource server, by the resource name, it results with the
following error:
{
error: 'invalid_resource',
error_description: 'Resource with id [my-resource-name] does not exist.'
}
When I'm requesting the resource with its ID, everything works as expected.
In version 3.4 it worked well. I now checked it in version 6.0.1 and
version 7.0.0 and it doesn't work and it seems to be because of this line:
https://github.com/keycloak/keycloak/blob/9c2525ec1afb6737dd012d3c744a4098b787b3f7/services/src/main/java/org/keycloak/authorization/authorization/AuthorizationTokenService.java#L464
Is this the expected behaviour or a bug?
Thanks in advance,
Or
More information about the keycloak-user
mailing list