Fix authentication cast to OpenAIREAuthentication while it is not a instance of. Check cookie existance to avoid extra calls for get user info.

2 years ago · 3f59a7e387
parent 639dc02108
commit 3f59a7e387
2 changed files with 32 additions and 8 deletions
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java
@ -1,6 +1,7 @@
 package eu.dnetlib.uoaauthorizationlibrary.security;

 import org.apache.log4j.Logger;
+import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
@ -69,7 +70,7 @@ public class AuthorizationService {
    }

    public List<String> getRoles() {
-        OpenAIREAuthentication authentication = (OpenAIREAuthentication) SecurityContextHolder.getContext().getAuthentication();
+        OpenAIREAuthentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
        }
@ -77,7 +78,7 @@ public class AuthorizationService {
    }

    public String getAaiId() {
-        OpenAIREAuthentication authentication = (OpenAIREAuthentication) SecurityContextHolder.getContext().getAuthentication();
+        OpenAIREAuthentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication.getUser().getSub();
        }
@ -85,10 +86,19 @@ public class AuthorizationService {
    }

    public String getEmail() {
-        OpenAIREAuthentication authentication = (OpenAIREAuthentication) SecurityContextHolder.getContext().getAuthentication();
+        OpenAIREAuthentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication.getUser().getEmail();
        }
        return null;
    }
+
+    private OpenAIREAuthentication getAuthentication() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if(authentication instanceof OpenAIREAuthentication) {
+            return (OpenAIREAuthentication) authentication;
+        } else {
+            return null;
+        }
+    }
 }
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/AuthorizationUtils.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/AuthorizationUtils.java
@ -10,12 +10,15 @@ import org.springframework.web.client.RestTemplate;

 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
 import java.util.Collections;

@Component
 public class AuthorizationUtils {
    private final Logger log = Logger.getLogger(this.getClass());
    private final SecurityConfig securityConfig;
+    private final static String TOKEN = "AccessToken";
+    private final static String SESSION = "OpenAIRESession";

    @Autowired
    AuthorizationUtils(SecurityConfig securityConfig) {
@ -27,10 +30,9 @@ public class AuthorizationUtils {
            return null;
        }
        for (Cookie c : request.getCookies()) {
-            if (c.getName().equals("AccessToken")) {
+            if (c.getName().equals(TOKEN)) {
                return c.getValue();
            }
-
        }
        return null;
    }
@ -39,14 +41,26 @@ public class AuthorizationUtils {
        String url = securityConfig.getUserInfoUrl() + (securityConfig.isDeprecated()?getToken(request):"");
        RestTemplate restTemplate = new RestTemplate();
        try {
-            ResponseEntity<UserInfo> response = restTemplate.exchange(url, HttpMethod.GET, createHeaders(request), UserInfo.class);
-            return  response.getBody();
+            if(hasCookie(request)) {
+                ResponseEntity<UserInfo> response = restTemplate.exchange(url, HttpMethod.GET, createHeaders(request), UserInfo.class);
+                return  response.getBody();
+            }
+            return null;
        } catch (RestClientException e) {
-            log.error(e.getMessage());
+            log.error(url + ":" + e.getMessage());
            return null;
        }
    }

+    private boolean hasCookie(HttpServletRequest request) {
+        Cookie[] cookies = request.getCookies();
+        if(securityConfig.isDeprecated()) {
+            return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(TOKEN));
+        } else {
+            return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(SESSION));
+        }
+    }
+
    private HttpEntity<HttpHeaders> createHeaders(HttpServletRequest request) {
        HttpHeaders headers = new HttpHeaders();
        headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));