gCubeSystem
/
common-smartgears-legacy
15
0
Fork 1
Code Issues Pull Requests Releases 2 Wiki Activity

Make valid tokens that come without resource_access to be granted for minimal privileges on context identified by audience #1

Merged
lucio.lelii merged 1 commits from m.lettere/common-smartgears:master into minimal_privilege 2021-07-23 16:45:01 +02:00
Conversation 2 Commits 1 Files Changed 1 +3 -1
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/org/gcube/smartgears/utils/GcubeJwt.java
View File

@ -14,6 +14,8 @@ import org.gcube.com.fasterxml.jackson.annotation.JsonProperty;
@JsonIgnoreProperties(ignoreUnknown = true)
public class GcubeJwt {
protected final static List<String> MINIMAL_ROLES = List.of("Member");
@JsonProperty("aud")
private String context;
@ -33,7 +35,7 @@ public class GcubeJwt {
private String email;
public List<String> getRoles(){
return contextAccess.get(this.context).roles;
return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
}
public String getContext() {