gCubeSystem
/
common-smartgears
16
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request 'Make valid tokens that come without resource_access to be granted for minimal privileges on context identified by audience' (!1) from m.lettere/common-smartgears:master into minimal_privilege 

Reviewed-on: #1
This commit is contained in:
Lucio Lelii 2021-07-23 16:45:00 +02:00
parent 406016cd29 db87ad7f3b
commit 3441742d44
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/org/gcube/smartgears/utils/GcubeJwt.java
View File

@ -14,6 +14,8 @@ import org.gcube.com.fasterxml.jackson.annotation.JsonProperty;
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class GcubeJwt { public class GcubeJwt {
protected final static List<String> MINIMAL_ROLES = List.of("Member");
@JsonProperty("aud") @JsonProperty("aud")
private String context; private String context;
@ -33,7 +35,7 @@ public class GcubeJwt {
private String email; private String email;
public List<String> getRoles(){ public List<String> getRoles(){
return contextAccess.get(this.context).roles; return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
} }
public String getContext() { public String getContext() {