Hello
Currently, I used the setting “http-method-as-scope” for keycloak integrated in java spring boot project.
I have 2 API with same URI but different method (Scope)
- GET /resource/{id} (view permission), scope = GET
- PUT /resource/{id} (update permission), scope = PUT
These 2 resources will have different permission. User may have a view a resources but can not update it.
However, the getPathConfig function always return the path with PUT scope.
So, when I call the API with get method, it’s always blocked.
When I check the code in matches(String targetUri) function in the library keycloak-adapter-core, I foun that the targetResource is always the first element from the matched resources returned by keycloak server.
ResourceRepresentation targetResource = (ResourceRepresentation)matchingResources.get(0);
Please advice me on how should I handle this case.
One solution I can think of is to change the uri to different values but then it’s not follow correct RESTFUL standard anymore.
