Change authorities mapper property to the field name of the array.
parent
deaedfb86e
commit
b2f77d3e2e
|
@ -44,7 +44,7 @@ public class HealthController {
|
||||||
response.put("authentication.session", properties.getSession());
|
response.put("authentication.session", properties.getSession());
|
||||||
response.put("authentication.accessToken", properties.getAccessToken());
|
response.put("authentication.accessToken", properties.getAccessToken());
|
||||||
response.put("authentication.redirect", properties.getRedirect());
|
response.put("authentication.redirect", properties.getRedirect());
|
||||||
response.put("authentication.authorities-mappe", properties.getAuthoritiesMapper());
|
response.put("authentication.authorities-mapper", properties.getAuthoritiesMapper());
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -43,7 +43,7 @@ public class Primitives {
|
||||||
@Bean
|
@Bean
|
||||||
public OIDCAuthenticationProvider provider() {
|
public OIDCAuthenticationProvider provider() {
|
||||||
OIDCAuthenticationProvider provider = new OIDCAuthenticationProvider();
|
OIDCAuthenticationProvider provider = new OIDCAuthenticationProvider();
|
||||||
if(this.properties.getAuthoritiesMapper() != null && this.properties.getAuthoritiesMapper().equals("openAIREMapper")) {
|
if(this.properties.getAuthoritiesMapper() != null) {
|
||||||
provider.setAuthoritiesMapper(this.authoritiesMapper);
|
provider.setAuthoritiesMapper(this.authoritiesMapper);
|
||||||
}
|
}
|
||||||
return provider;
|
return provider;
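Review bot: The new guard `if(this.properties.getAuthoritiesMapper() != null)` also passes for an empty or blank value, which is what a line such as `authentication.authorities-mapper=` in a properties file typically binds to. The mapper would then be installed and asked to look up a claim with an empty name on every login. Since the property now carries a claim name rather than a mapper id, test for text instead: `if (StringUtils.hasText(this.properties.getAuthoritiesMapper())) {`, using Spring's `org.springframework.util.StringUtils`. The closing brace of provider() lies outside the hunk.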
|
||||||
|
|
|
@ -2,9 +2,11 @@ package eu.dnetlib.loginservice.security.oidc;
|
||||||
|
|
||||||
import com.google.gson.JsonArray;
|
import com.google.gson.JsonArray;
|
||||||
import com.nimbusds.jwt.JWT;
|
import com.nimbusds.jwt.JWT;
|
||||||
|
import eu.dnetlib.loginservice.properties.Properties;
|
||||||
import eu.dnetlib.loginservice.utils.AuthoritiesMapper;
|
import eu.dnetlib.loginservice.utils.AuthoritiesMapper;
|
||||||
import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
|
import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
|
||||||
import org.mitre.openid.connect.model.UserInfo;
|
import org.mitre.openid.connect.model.UserInfo;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
|
@ -13,9 +15,16 @@ import java.util.Collection;
|
||||||
@Component
|
@Component
|
||||||
public class OpenAIREAuthoritiesMapper implements OIDCAuthoritiesMapper {
|
public class OpenAIREAuthoritiesMapper implements OIDCAuthoritiesMapper {
|
||||||
|
|
||||||
|
private final Properties properties;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
OpenAIREAuthoritiesMapper(Properties properties) {
|
||||||
|
this.properties = properties;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Collection<? extends GrantedAuthority> mapAuthorities(JWT jwtToken, UserInfo userInfo) {
|
public Collection<? extends GrantedAuthority> mapAuthorities(JWT jwtToken, UserInfo userInfo) {
|
||||||
JsonArray entitlements = userInfo.getSource().getAsJsonArray("edu_person_entitlements");
|
JsonArray entitlements = userInfo.getSource().getAsJsonArray(properties.getAuthoritiesMapper());
|
||||||
return AuthoritiesMapper.map(entitlements);
|
return AuthoritiesMapper.map(entitlements);
|
||||||
}
|
}
|
||||||
}
|
}
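Review bot: `getAsJsonArray(properties.getAuthoritiesMapper())` in mapAuthorities now takes its key from configuration and the call is unguarded: Gson returns null when the claim is missing from the userinfo response and throws ClassCastException when the claim is present but is not an array (for example a single string). Because the granted authorities are derived from this value, check the shape first, for example `JsonElement claim = userInfo.getSource().get(properties.getAuthoritiesMapper());` followed by `JsonArray entitlements = (claim != null && claim.isJsonArray()) ? claim.getAsJsonArray() : null;` (needs an import of com.google.gson.JsonElement). How AuthoritiesMapper.map treats a null array is not visible here and should be confirmed. A short Javadoc on the class stating that the property holds the name of the userinfo claim containing the entitlements array would also help, since the getter is still named getAuthoritiesMapper.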
|
||||||
|
|
|
@ -12,10 +12,9 @@ authentication.session=openAIRESession
|
||||||
authentication.accessToken=AccessToken
|
authentication.accessToken=AccessToken
|
||||||
authentication.redirect=http://mpagasas.di.uoa.gr:4600/reload
|
authentication.redirect=http://mpagasas.di.uoa.gr:4600/reload
|
||||||
|
|
||||||
# Currently, this is the only available mapper, set to null or anything else will ignore this.
|
#authentication.authorities-mapper=edu_person_entitlements
|
||||||
authentication.authorities-mapper=openAIREMapper
|
|
||||||
|
|
||||||
## API Documentation Properties
|
## API Documentation Properties
|
||||||
api.title = Login Service
|
api.title = Login Service
|
||||||
api.description = Login service provides methods to authenticate users through AAI provider and retrieve information of authenticated user.
|
api.description = Login service provides methods to authenticate users through AAI provider and retrieve information of authenticated user.
|
||||||
api.version = ${project.version}
|
api.version = ${project.version}
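Review bot: The shipped default changes from an active `authentication.authorities-mapper=openAIREMapper` to a commented-out `#authentication.authorities-mapper=edu_person_entitlements`, so an instance running on this file alone no longer installs the authorities mapper, and the comment that explained the property is removed with it. If entitlement-based authorities are expected by default, keep the line active with the claim name. Either way, replace the dropped comment with one describing the new meaning, e.g. `# Name of the userinfo claim (a JSON array) holding the user's entitlements; leave unset to disable authority mapping.` Whether deployments override this file is not visible from the hunk.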
|
||||||
|
|