diff --git a/src/main/java/eu/dnetlib/loginservice/controllers/HealthController.java b/src/main/java/eu/dnetlib/loginservice/controllers/HealthController.java
index 1dacdc9..580a4d7 100644
--- a/src/main/java/eu/dnetlib/loginservice/controllers/HealthController.java
+++ b/src/main/java/eu/dnetlib/loginservice/controllers/HealthController.java
@@ -44,7 +44,7 @@ public class HealthController {
 response.put("authentication.session", properties.getSession());
 response.put("authentication.accessToken", properties.getAccessToken());
 response.put("authentication.redirect", properties.getRedirect());
- response.put("authentication.authorities-mappe", properties.getAuthoritiesMapper());
+ response.put("authentication.authorities-mapper", properties.getAuthoritiesMapper());
 return response;
 }
 }
diff --git a/src/main/java/eu/dnetlib/loginservice/security/initiliazers/Primitives.java b/src/main/java/eu/dnetlib/loginservice/security/initiliazers/Primitives.java
index ca56c8a..680ad4a 100644
--- a/src/main/java/eu/dnetlib/loginservice/security/initiliazers/Primitives.java
+++ b/src/main/java/eu/dnetlib/loginservice/security/initiliazers/Primitives.java
@@ -43,7 +43,7 @@ public class Primitives {
 @Bean
 public OIDCAuthenticationProvider provider() {
 OIDCAuthenticationProvider provider = new OIDCAuthenticationProvider();
- if(this.properties.getAuthoritiesMapper() != null && this.properties.getAuthoritiesMapper().equals("openAIREMapper")) {
+ if(this.properties.getAuthoritiesMapper() != null) {
 provider.setAuthoritiesMapper(this.authoritiesMapper);
 }
 return provider;
diff --git a/src/main/java/eu/dnetlib/loginservice/security/oidc/OpenAIREAuthoritiesMapper.java b/src/main/java/eu/dnetlib/loginservice/security/oidc/OpenAIREAuthoritiesMapper.java
index 29d7cf9..c1d5af0 100644
--- a/src/main/java/eu/dnetlib/loginservice/security/oidc/OpenAIREAuthoritiesMapper.java
+++ b/src/main/java/eu/dnetlib/loginservice/security/oidc/OpenAIREAuthoritiesMapper.java
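Review bot: In `Primitives.provider()` the guard is now only `getAuthoritiesMapper() != null`, while the same property has changed meaning from a mapper name to the userinfo claim that `OpenAIREAuthoritiesMapper` reads. A deployment that still carries the old value `openAIREMapper`, or an empty value, passes this check, and the mapper would then look up a claim that presumably does not exist, so authorities could silently stop being derived from entitlements. Consider rejecting blank values here with `String claim = this.properties.getAuthoritiesMapper();` followed by `if (claim != null && !claim.trim().isEmpty()) {`, and renaming the property so that stale configuration does not quietly change meaning. The body of `provider()` ends outside the hunk.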
@@ -2,9 +2,11 @@ package eu.dnetlib.loginservice.security.oidc;
 import com.google.gson.JsonArray;
 import com.nimbusds.jwt.JWT;
+import eu.dnetlib.loginservice.properties.Properties;
 import eu.dnetlib.loginservice.utils.AuthoritiesMapper;
 import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
 import org.mitre.openid.connect.model.UserInfo;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Component;
@@ -13,9 +15,16 @@ import java.util.Collection;
 @Component
 public class OpenAIREAuthoritiesMapper implements OIDCAuthoritiesMapper {
+ private final Properties properties;
+
+ @Autowired
+ OpenAIREAuthoritiesMapper(Properties properties) {
+ this.properties = properties;
+ }
+
 @Override
 public Collection mapAuthorities(JWT jwtToken, UserInfo userInfo) {
- JsonArray entitlements = userInfo.getSource().getAsJsonArray("edu_person_entitlements");
+ JsonArray entitlements = userInfo.getSource().getAsJsonArray(properties.getAuthoritiesMapper());
 return AuthoritiesMapper.map(entitlements);
 }
 }
diff --git a/src/main/resources/authentication.properties b/src/main/resources/authentication.properties
index 07868b3..73e8a2d 100644
--- a/src/main/resources/authentication.properties
+++ b/src/main/resources/authentication.properties
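Review bot: `mapAuthorities` in OpenAIREAuthoritiesMapper now takes the claim name from configuration but still uses the lookup result unchecked: Gson's `getAsJsonArray` returns null when the member is absent and throws `ClassCastException` when it is not an array, and whether `AuthoritiesMapper.map` tolerates null is not visible here. Because this runs in the login path and decides the granted authorities, a mistyped claim name or an identity provider that omits the claim should fail closed and be logged rather than surface as an unhandled exception. One option is `JsonElement claim = userInfo.getSource().get(properties.getAuthoritiesMapper());` followed by `JsonArray entitlements = (claim != null && claim.isJsonArray()) ? claim.getAsJsonArray() : new JsonArray();`, assuming `AuthoritiesMapper.map` turns an empty array into no additional authorities. A null `userInfo` or `getSource()` would need the same treatment if the provider can pass one.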
@@ -12,10 +12,9 @@ authentication.session=openAIRESession
 authentication.accessToken=AccessToken
 authentication.redirect=http://mpagasas.di.uoa.gr:4600/reload
-# Currently, this is the only available mapper, set to null or anything else will ignore this.
-authentication.authorities-mapper=openAIREMapper
+#authentication.authorities-mapper=edu_person_entitlements
 ## API Documentation Properties
 api.title = Login Service
 api.description = Login service provides methods to authenticate users through AAI provider and retrieve information of authenticated user.
-api.version = ${project.version}
\ No newline at end of file
+api.version = ${project.version}
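Review bot: The shipped default in authentication.properties now leaves `authentication.authorities-mapper` commented out, and the comment that explained the setting was removed without a replacement. Together with the new `!= null` guard in Primitives this presumably means no OpenAIRE mapper is installed by default, so users receive whatever authorities the provider's default mapper assigns instead of entitlement-derived ones; that change of default should be stated next to the key. I would keep a comment above the commented line such as `# Name of the userinfo claim holding the entitlements array; leave unset to disable entitlement-based authorities.`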