Add default empty authorities mapper and initialize openaire authorities mapper only if property has value eduperson_entitlement.
parent
43f0d8f3da
commit
aecbab92a5
|
@ -1,12 +1,13 @@
|
|||
package eu.dnetlib.authentication.security.initiliazers;
|
||||
|
||||
import eu.dnetlib.authentication.configuration.Properties;
|
||||
import eu.dnetlib.authentication.security.oidc.OpenAIREAuthoritiesMapper;
|
||||
import eu.dnetlib.authentication.security.oidc.DefaultAuthoritiesMapper;
|
||||
import eu.dnetlib.authentication.security.oidc.OpenAIREUserInfoFetcher;
|
||||
import eu.dnetlib.authentication.utils.PropertyReader;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
import org.mitre.openid.connect.client.OIDCAuthenticationProvider;
|
||||
import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
|
||||
import org.mitre.openid.connect.config.ServerConfiguration;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
|
@ -14,19 +15,20 @@ import org.springframework.context.annotation.Configuration;
|
|||
|
||||
import java.util.Arrays;
|
||||
import java.util.HashSet;
|
||||
import java.util.Optional;
|
||||
|
||||
@Configuration
|
||||
public class Configurations {
|
||||
|
||||
private final Properties properties;
|
||||
private final PropertyReader scopeReader;
|
||||
private final OpenAIREAuthoritiesMapper authoritiesMapper;
|
||||
private final OpenAIREUserInfoFetcher userInfoFetcher;
|
||||
private final OIDCAuthoritiesMapper authoritiesMapper;
|
||||
|
||||
@Autowired
|
||||
public Configurations(Properties properties, OpenAIREAuthoritiesMapper authoritiesMapper, OpenAIREUserInfoFetcher userInfoFetcher, PropertyReader scopeReader) {
|
||||
public Configurations(Properties properties, Optional<OIDCAuthoritiesMapper> authoritiesMapper, OpenAIREUserInfoFetcher userInfoFetcher, PropertyReader scopeReader) {
|
||||
this.properties = properties;
|
||||
this.authoritiesMapper = authoritiesMapper;
|
||||
this.authoritiesMapper = authoritiesMapper.orElse(new DefaultAuthoritiesMapper());
|
||||
this.userInfoFetcher = userInfoFetcher;
|
||||
this.scopeReader = scopeReader;
|
||||
}
|
||||
|
@ -37,7 +39,7 @@ public class Configurations {
|
|||
if(properties.getKeycloak()) {
|
||||
provider.setUserInfoFetcher(this.userInfoFetcher);
|
||||
}
|
||||
if(this.properties.getAuthoritiesMapper() != null && this.scopeReader.getScopes().contains(this.properties.getAuthoritiesMapper())) {
|
||||
if(this.authoritiesMapper != null) {
|
||||
provider.setAuthoritiesMapper(this.authoritiesMapper);
|
||||
}
|
||||
return provider;
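Review bot: The guard `if(this.authoritiesMapper != null)` can no longer be false, because the constructor now assigns `authoritiesMapper.orElse(new DefaultAuthoritiesMapper())`, so `provider.setAuthoritiesMapper(...)` runs on every start. The new condition also drops the earlier check that the configured mapper name is among `scopeReader.getScopes()`. If `authentication.authorities-mapper=eduperson_entitlement` is set but that scope is not requested, OpenAIREAuthoritiesMapper will presumably run against user info that lacks the claim, so it is worth confirming that it then returns no authorities rather than failing. I would drop the dead condition, call `provider.setAuthoritiesMapper(this.authoritiesMapper);` unconditionally, and use `authoritiesMapper.orElseGet(DefaultAuthoritiesMapper::new)` in the constructor so the fallback is only built when no bean is present. The bean method that contains this condition starts and ends outside the hunk.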
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
package eu.dnetlib.authentication.security.oidc;
|
||||
|
||||
import com.nimbusds.jwt.JWT;
|
||||
import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
|
||||
import org.mitre.openid.connect.model.UserInfo;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
|
||||
public class DefaultAuthoritiesMapper implements OIDCAuthoritiesMapper {
|
||||
|
||||
@Override
|
||||
public Collection<? extends GrantedAuthority> mapAuthorities(JWT jwtToken, UserInfo userInfo) {
|
||||
return new HashSet<>();
|
||||
}
|
||||
}
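Review bot: DefaultAuthoritiesMapper carries no documentation saying that it deliberately grants no authorities, and that is the security-relevant fact about this class. Configurations now always installs a mapper, so when the property is unset this one replaces whatever mapper OIDCAuthenticationProvider would otherwise use. In MITREid Connect that appears to be NamedAdminAuthoritiesMapper, which grants ROLE_USER, but this should be confirmed against the library version in use. The result is fail-closed: authenticated users end up with an empty authority set, and any access rule that requires a role will deny them. I would state this on the class, e.g. `/** Fallback used when no other OIDCAuthoritiesMapper bean is registered; grants no authorities, so role-based rules deny by default. */`.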
|
|
@ -7,12 +7,16 @@ import eu.dnetlib.authentication.utils.AuthoritiesMapper;
|
|||
import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
|
||||
import org.mitre.openid.connect.model.UserInfo;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
@Component
|
||||
@ConditionalOnProperty(
|
||||
value="authentication.authorities-mapper",
|
||||
havingValue = "eduperson_entitlement")
|
||||
public class OpenAIREAuthoritiesMapper implements OIDCAuthoritiesMapper {
|
||||
|
||||
private final Properties properties;
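Review bot: The `@ConditionalOnProperty` on OpenAIREAuthoritiesMapper makes role mapping depend on one exact property value, and nothing in the visible code says what happens otherwise. Any other value, including a typo, silently leaves the bean unregistered, and Configurations then falls back to DefaultAuthoritiesMapper, which grants no authorities. I would add a comment above the annotation, e.g. `// Registered only when authentication.authorities-mapper=eduperson_entitlement; otherwise Configurations uses DefaultAuthoritiesMapper (no authorities).`. Consider also logging the active mapper class at startup, so a misconfiguration shows up in the logs rather than as unexplained access denials. The class body continues outside this hunk.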
|
||||
|
|