Add default empty authorities mapper and initialize openaire authorities mapper only if property has value eduperson_entitlement.

src/main/java/eu/dnetlib/authentication/security/initiliazers/Configurations.java

@@ -1,12 +1,13 @@
 package eu.dnetlib.authentication.security.initiliazers;
 
 import eu.dnetlib.authentication.configuration.Properties;
-import eu.dnetlib.authentication.security.oidc.OpenAIREAuthoritiesMapper;
+import eu.dnetlib.authentication.security.oidc.DefaultAuthoritiesMapper;
 import eu.dnetlib.authentication.security.oidc.OpenAIREUserInfoFetcher;
 import eu.dnetlib.authentication.utils.PropertyReader;
 import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.oauth2.model.RegisteredClient;
 import org.mitre.openid.connect.client.OIDCAuthenticationProvider;
+import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
 import org.mitre.openid.connect.config.ServerConfiguration;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -14,19 +15,20 @@ import org.springframework.context.annotation.Configuration;
 
 import java.util.Arrays;
 import java.util.HashSet;
+import java.util.Optional;
 
 @Configuration
 public class Configurations {
 
     private final Properties properties;
     private final PropertyReader scopeReader;
-    private final OpenAIREAuthoritiesMapper authoritiesMapper;
     private final OpenAIREUserInfoFetcher userInfoFetcher;
+    private final OIDCAuthoritiesMapper authoritiesMapper;
 
     @Autowired
-    public Configurations(Properties properties, OpenAIREAuthoritiesMapper authoritiesMapper, OpenAIREUserInfoFetcher userInfoFetcher, PropertyReader scopeReader) {
+    public Configurations(Properties properties, Optional<OIDCAuthoritiesMapper> authoritiesMapper, OpenAIREUserInfoFetcher userInfoFetcher, PropertyReader scopeReader) {
         this.properties = properties;
-        this.authoritiesMapper = authoritiesMapper;
+        this.authoritiesMapper = authoritiesMapper.orElse(new DefaultAuthoritiesMapper());
         this.userInfoFetcher = userInfoFetcher;
         this.scopeReader = scopeReader;
     }
@@ -37,7 +39,7 @@ public class Configurations {
         if(properties.getKeycloak()) {
             provider.setUserInfoFetcher(this.userInfoFetcher);
         }
-        if(this.properties.getAuthoritiesMapper() != null && this.scopeReader.getScopes().contains(this.properties.getAuthoritiesMapper())) {
+        if(this.authoritiesMapper != null) {
             provider.setAuthoritiesMapper(this.authoritiesMapper);
         }
         return provider;

src/main/java/eu/dnetlib/authentication/security/oidc/DefaultAuthoritiesMapper.java

@@ -0,0 +1,17 @@
+package eu.dnetlib.authentication.security.oidc;
+
+import com.nimbusds.jwt.JWT;
+import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
+import org.mitre.openid.connect.model.UserInfo;
+import org.springframework.security.core.GrantedAuthority;
+
+import java.util.Collection;
+import java.util.HashSet;
+
+public class DefaultAuthoritiesMapper implements OIDCAuthoritiesMapper {
+
+    @Override
+    public Collection<? extends GrantedAuthority> mapAuthorities(JWT jwtToken, UserInfo userInfo) {
+        return new HashSet<>();
+    }
+}

src/main/java/eu/dnetlib/authentication/security/oidc/OpenAIREAuthoritiesMapper.java

@@ -7,12 +7,16 @@ import eu.dnetlib.authentication.utils.AuthoritiesMapper;
 import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
 import org.mitre.openid.connect.model.UserInfo;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Component;
 
 import java.util.Collection;
 
 @Component
+@ConditionalOnProperty(
+        value="authentication.authorities-mapper",
+        havingValue = "eduperson_entitlement")
 public class OpenAIREAuthoritiesMapper implements OIDCAuthoritiesMapper {
 
     private final Properties properties;