realm access roles

2024-04-16 12:06:50 +02:00 · 2024-04-16 12:06:50 +02:00 · 3a09d7515c
parent de087326b7
commit 3a09d7515c
2 changed files with 9 additions and 1 deletions
--- a/src/main/java/org/gcube/common/security/secrets/GCubeJWTObject.java
+++ b/src/main/java/org/gcube/common/security/secrets/GCubeJWTObject.java
@ -23,6 +23,9 @@ public class GCubeJWTObject {
 	@JsonProperty("resource_access")
 	private Map<String, Roles> contextAccess = new HashMap<>();

+	@JsonProperty("realm_access")
+	private List<String> realmAccess = new ArrayList<>();
+
 	@JsonProperty("preferred_username")
 	private String username;

@ -60,6 +63,11 @@ public class GCubeJWTObject {
 		return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
 	}

+	public List<String> getRealmRoles(){
+		return realmAccess;
+	}
+
+
 	public String getContext() {
 		try {
 			return  URLDecoder.decode(context, StandardCharsets.UTF_8.toString());
--- a/src/main/java/org/gcube/common/security/secrets/UmaTokenSecret.java
+++ b/src/main/java/org/gcube/common/security/secrets/UmaTokenSecret.java
@ -77,7 +77,7 @@ public class UmaTokenSecret extends Secret {

 				this.accessToken = objectMapper.readValue(decodedAccessPart, AccessToken.class);
 				GCubeJWTObject obj = objectMapper.readValue(decodedAccessPart, GCubeJWTObject.class);
-				owner = new Owner(obj.getUsername(), obj.getRoles(), obj.getEmail(), obj.getFirstName(),
+				owner = new Owner(obj.getUsername(), obj.getRoles(), obj.getRealmRoles(), obj.getEmail(), obj.getFirstName(),
 						obj.getLastName(), obj.isExternalService(), obj.isApplication());
 				owner.setClientName(obj.getClientName());
 				owner.setContactOrganisation(obj.getContactOrganisation());