Make valid tokens that come without resource_access to be granted for minimal privileges on context identified by audience #1

Merged
lucio.lelii merged 1 commits from m.lettere/common-smartgears:master into minimal_privilege 2021-07-23 16:45:01 +02:00
1 changed files with 3 additions and 1 deletions

View File

@ -14,6 +14,8 @@ import org.gcube.com.fasterxml.jackson.annotation.JsonProperty;
@JsonIgnoreProperties(ignoreUnknown = true)
public class GcubeJwt {
protected final static List<String> MINIMAL_ROLES = List.of("Member");
@JsonProperty("aud")
private String context;
@ -33,7 +35,7 @@ public class GcubeJwt {
private String email;
public List<String> getRoles(){
return contextAccess.get(this.context).roles;
return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
}
public String getContext() {