Change authorities mapper property in order to check if its value exists in scope.
parent
b2f77d3e2e
commit
327307b7a0
|
@ -2,9 +2,11 @@ package eu.dnetlib.loginservice.security.initiliazers;
|
|||
|
||||
import com.sun.org.apache.xpath.internal.operations.Bool;
|
||||
import eu.dnetlib.loginservice.properties.Properties;
|
||||
import eu.dnetlib.loginservice.security.oidc.OpenAIREAuthoritiesMapper;
|
||||
import eu.dnetlib.loginservice.utils.ScopeReader;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
import org.mitre.openid.connect.client.OIDCAuthenticationProvider;
|
||||
import org.mitre.openid.connect.config.ServerConfiguration;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
|
@ -18,11 +20,22 @@ public class Configurations {
|
|||
|
||||
private final Properties properties;
|
||||
private final ScopeReader scopeReader;
|
||||
private final OpenAIREAuthoritiesMapper authoritiesMapper;
|
||||
|
||||
@Autowired
|
||||
public Configurations(Properties properties, ScopeReader scopeReader) {
|
||||
public Configurations(Properties properties, OpenAIREAuthoritiesMapper authoritiesMapper, ScopeReader scopeReader) {
|
||||
this.properties = properties;
|
||||
this.scopeReader = scopeReader;
|
||||
this.authoritiesMapper = authoritiesMapper;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public OIDCAuthenticationProvider provider() {
|
||||
OIDCAuthenticationProvider provider = new OIDCAuthenticationProvider();
|
||||
if(this.properties.getAuthoritiesMapper() != null && this.scopeReader.getScopes().contains(this.properties.getAuthoritiesMapper())) {
|
||||
provider.setAuthoritiesMapper(this.authoritiesMapper);
|
||||
}
|
||||
return provider;
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
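Review bot: In `provider()`, when `authentication.authorities-mapper` is set but is not among `scopeReader.getScopes()`, the custom `OpenAIREAuthoritiesMapper` is skipped without any signal and the provider keeps whatever default mapper `OIDCAuthenticationProvider` ships with, so a typo in the property silently changes which authorities every logged-in user receives. Add an `else` branch for the set-but-not-in-scope case that logs a warning at startup (or fails bean creation), and read the property once into a local, e.g. `String mapperScope = this.properties.getAuthoritiesMapper();`. The return type of `getScopes()` is not visible here; if it is a `String` rather than a collection, `contains` is a substring match and a prefix of a real scope would also pass, so the comparison should be made against the split scope list. Separately, the import of `com.sun.org.apache.xpath.internal.operations.Bool` in the first hunk is a JDK-internal class that looks unused and should be dropped.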
|
|
@ -17,12 +17,11 @@ import org.springframework.security.web.access.expression.DefaultWebSecurityExpr
|
|||
public class Primitives {
|
||||
|
||||
private final Properties properties;
|
||||
private final OpenAIREAuthoritiesMapper authoritiesMapper;;
|
||||
|
||||
@Autowired
|
||||
public Primitives(Properties properties, OpenAIREAuthoritiesMapper authoritiesMapper) {
|
||||
public Primitives(Properties properties) {
|
||||
this.properties = properties;
|
||||
this.authoritiesMapper = authoritiesMapper;
|
||||
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -40,15 +39,6 @@ public class Primitives {
|
|||
return new PlainAuthRequestUrlBuilder();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public OIDCAuthenticationProvider provider() {
|
||||
OIDCAuthenticationProvider provider = new OIDCAuthenticationProvider();
|
||||
if(this.properties.getAuthoritiesMapper() != null) {
|
||||
provider.setAuthoritiesMapper(this.authoritiesMapper);
|
||||
}
|
||||
return provider;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public StaticSingleIssuerService issuerService() {
|
||||
StaticSingleIssuerService issuerService = new StaticSingleIssuerService();
|
||||
|
|
|
@ -12,7 +12,7 @@ authentication.session=openAIRESession
|
|||
authentication.accessToken=AccessToken
|
||||
authentication.redirect=http://mpagasas.di.uoa.gr:4600/reload
|
||||
|
||||
#authentication.authorities-mapper=edu_person_entitlements
|
||||
#authentication.authorities-mapper=eduperson_entitlement
|
||||
|
||||
## API Documentation Properties
|
||||
api.title = Login Service
|
||||
|
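Review bot: The commented-out `authentication.authorities-mapper` line carries no explanation, and after this commit its value is no longer just an on/off switch: `Configurations.provider()` installs the mapper only when the value is also one of the scopes returned by `ScopeReader`. Add a comment above it such as `# Must match one of the requested OIDC scopes exactly; otherwise the authorities mapper is not installed.` so the old spelling `edu_person_entitlements` is not reintroduced by hand. Where the scope list itself is configured is not visible in this hunk.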
|