package eu.dnetlib.repo.manager.config;
import com.nimbusds.jwt.JWT;
import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
import org.mitre.openid.connect.model.UserInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import java.util.*;
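/**
 * Translates entitlements reported by the OIDC provider into the Spring Security
 * authorities used by this application.
 *
 * <p>The mapping is an allow-list: an entitlement grants an authority only when it is a key
 * of the role map passed to the constructor; every other value in the claim is ignored.
 * Every caller additionally receives {@code ROLE_USER}, whatever the claim contains.
 *
 * <p>NOTE(review): authorities are derived solely from the UserInfo document; the
 * {@code idToken} argument is never consulted. The integrity of the role claim therefore
 * rests on how the UserInfo response is obtained and checked upstream (presumably over TLS
 * with a subject match against the ID token; confirm in the client configuration).
 */
public class OpenAireProviderAuthoritiesMapper implements OIDCAuthoritiesMapper {

    private static final Logger logger = LoggerFactory.getLogger(OpenAireProviderAuthoritiesMapper.class);

    /** Name of the UserInfo claim holding the array of provider-side entitlements. */
    private static final String ROLE_CLAIMS = "edu_person_entitlements";

    // Populated once in the constructor and only read afterwards; final so that the
    // role table cannot be swapped after construction.
    private final Map<String, SimpleGrantedAuthority> userRolesMap;

    /**
     * Builds the entitlement-to-authority lookup table.
     *
     * @param userRoles provider entitlement string mapped to the application role name
     * @throws NullPointerException if {@code userRoles} is {@code null}
     */
    OpenAireProviderAuthoritiesMapper(Map<String, String> userRoles) {
        Objects.requireNonNull(userRoles, "userRoles");
        userRolesMap = new HashMap<>();
        userRoles.forEach((openaireRole, appRole) ->
                userRolesMap.put(openaireRole, new SimpleGrantedAuthority(appRole)));
    }

    /**
     * Computes the authorities for an authenticated user.
     *
     * <p>A missing UserInfo object, a missing role claim, a role claim that is not a JSON
     * array, or array entries that are not JSON primitives never grant anything beyond
     * {@code ROLE_USER}; such input is skipped instead of raising a runtime exception
     * from inside the login flow.
     *
     * @param idToken  the ID token of the login; not used by this mapper
     * @param userInfo the UserInfo document returned by the provider, may be {@code null}
     * @return a set that always contains {@code ROLE_USER} plus every mapped authority
     */
    @Override
    public Collection<? extends GrantedAuthority> mapAuthorities(JWT idToken, UserInfo userInfo) {
        Set<GrantedAuthority> out = new HashSet<>();
        out.add(new SimpleGrantedAuthority("ROLE_USER"));

        // Without a UserInfo document there is no role claim to read.
        if (userInfo == null || userInfo.getSource() == null) {
            return out;
        }

        // getAsJsonArray() casts blindly, so confirm the claim really is an array first;
        // a string or JSON null in its place grants no additional authority.
        if (userInfo.getSource().get(ROLE_CLAIMS) == null
                || !userInfo.getSource().get(ROLE_CLAIMS).isJsonArray()) {
            return out;
        }

        userInfo.getSource().getAsJsonArray(ROLE_CLAIMS).forEach(role -> {
            // Objects, nested arrays and JSON null cannot name an entitlement.
            if (!role.isJsonPrimitive()) {
                return;
            }
            SimpleGrantedAuthority authority = userRolesMap.get(role.getAsString());
            if (authority != null) {
                // Parameterized form: the message is only built when debug is enabled.
                logger.debug("Role mapped {}", role);
                out.add(authority);
            }
        });
        return out;
    }
}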