From db87ad7f3b8c195f55529e55455f798934dbd04f Mon Sep 17 00:00:00 2001
From: "m.lettere" <marco.lettere@nubisware.com>
Date: Fri, 2 Jul 2021 15:26:59 +0000
Subject: [PATCH] Make valid tokens that come without resource_access to be
 granted for minimal privileges on context identified by audience

---
 src/main/java/org/gcube/smartgears/utils/GcubeJwt.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/main/java/org/gcube/smartgears/utils/GcubeJwt.java b/src/main/java/org/gcube/smartgears/utils/GcubeJwt.java
index 524d2b9..cde52ba 100644
--- a/src/main/java/org/gcube/smartgears/utils/GcubeJwt.java
+++ b/src/main/java/org/gcube/smartgears/utils/GcubeJwt.java
@@ -14,6 +14,8 @@ import org.gcube.com.fasterxml.jackson.annotation.JsonProperty;
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class GcubeJwt {
 
+	protected final static List<String> MINIMAL_ROLES = List.of("Member");
+
 	@JsonProperty("aud")
 	private String context;
 		
@@ -33,7 +35,7 @@ public class GcubeJwt {
 	private String email;
 
 	public List<String> getRoles(){
-		return contextAccess.get(this.context).roles;
+		return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
 	}
 	
 	public String getContext() {