package eu.dnetlib.repo.manager.service.config;
import com.nimbusds.jwt.JWT;
import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
import org.mitre.openid.connect.model.UserInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import java.util.*;
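/**
 * Maps the entitlements an OpenID Connect provider reports for a user to the
 * application's Spring Security authorities.
 *
 * <p>Every user handed to the mapper receives {@code ROLE_USER}. Further
 * authorities are granted only for entries of the
 * {@code edu_person_entitlements} user-info claim that appear as keys in the
 * role table given to the constructor; an entitlement with no entry in that
 * table grants nothing.
 */
public class OpenAireProviderAuthoritiesMapper implements OIDCAuthoritiesMapper {

    private static final Logger logger = LoggerFactory.getLogger(OpenAireProviderAuthoritiesMapper.class);

    /** Name of the user-info claim that carries the provider-side entitlements. */
    private static final String ROLE_CLAIMS = "edu_person_entitlements";

    /** Provider entitlement -> application authority; filled once in the constructor. */
    private final Map<String, SimpleGrantedAuthority> userRolesMap;

    /**
     * Builds the lookup table from provider entitlements to application authorities.
     *
     * @param userRoles provider entitlement name mapped to the application role name
     *                  that should be granted for it
     * @throws NullPointerException if {@code userRoles} is {@code null}
     */
    OpenAireProviderAuthoritiesMapper(Map<String, String> userRoles) {
        Objects.requireNonNull(userRoles, "userRoles");
        userRolesMap = new HashMap<>();
        userRoles.forEach((openaireRole, appRole) ->
                userRolesMap.put(openaireRole, new SimpleGrantedAuthority(appRole)));
    }

    /**
     * Computes the authorities for an authenticated user.
     *
     * <p>The entitlement claim is supplied by the identity provider, so its shape is
     * checked before use: a claim that is absent or not a JSON array, and array
     * elements that are not JSON primitives, add no authority instead of aborting
     * the mapping with a {@link ClassCastException} or
     * {@link UnsupportedOperationException}.
     *
     * @param idToken  the ID token; not read by this implementation
     * @param userInfo the user-info response whose source JSON holds the entitlement claim
     * @return a set containing {@code ROLE_USER} plus one authority per recognised entitlement
     * @throws NullPointerException if {@code userInfo} or its source JSON is {@code null}
     */
    @Override
    public Collection<? extends GrantedAuthority> mapAuthorities(JWT idToken, UserInfo userInfo) {
        Set<GrantedAuthority> out = new HashSet<>();
        out.add(new SimpleGrantedAuthority("ROLE_USER"));

        if (!userInfo.getSource().has(ROLE_CLAIMS)) {
            return out;
        }
        if (!userInfo.getSource().get(ROLE_CLAIMS).isJsonArray()) {
            // A malformed claim must never widen privileges: keep only the baseline role.
            logger.warn("Ignoring claim {}: value is not a JSON array", ROLE_CLAIMS);
            return out;
        }

        userInfo.getSource().getAsJsonArray(ROLE_CLAIMS).forEach(role -> {
            if (!role.isJsonPrimitive()) {
                // Objects, nested arrays and JSON null cannot name an entitlement.
                return;
            }
            SimpleGrantedAuthority authority = userRolesMap.get(role.getAsString());
            if (authority != null) {
                // Log the JSON element rather than its raw string so the value stays JSON-quoted.
                logger.debug("Role mapped {}", role);
                out.add(authority);
            }
        });
        return out;
    }
}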