gCubeSystem
/
common-smartgears
16
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make valid tokens that come without resource_access to be granted for minimal privileges on context identified by audience

This commit is contained in:
Marco Lettere 2021-07-02 15:26:59 +00:00
parent 406016cd29
commit db87ad7f3b
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/org/gcube/smartgears/utils/GcubeJwt.java
View File

@ -14,6 +14,8 @@ import org.gcube.com.fasterxml.jackson.annotation.JsonProperty;
@JsonIgnoreProperties(ignoreUnknown = true)
public class GcubeJwt {
protected final static List<String> MINIMAL_ROLES = List.of("Member");
@JsonProperty("aud")
private String context;
@ -33,7 +35,7 @@ public class GcubeJwt {
private String email;
public List<String> getRoles(){
return contextAccess.get(this.context).roles;
return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
}
public String getContext() {