Revision 59162
Added by Katerina Iatropoulou almost 4 years ago
| modules/uoa-login-core/trunk/src/main/java/eu/dnetlib/openaire/user/login/authorization/OpenAIREAuthoritiesMapper.java | ||
|---|---|---|
| 48 | 48 |
|
| 49 | 49 |
return out; |
| 50 | 50 |
} |
| 51 |
|
|
| 52 |
/* In case of special roles. Not to be used now |
|
| 53 |
private GrantedAuthoritiesMapper userAuthoritiesMapper() {
|
|
| 54 |
|
|
| 55 |
return (authorities) -> {
|
|
| 56 |
Set<GrantedAuthority> mappedAuthorities = new HashSet<>(); |
|
| 57 |
mappedAuthorities.add(new SimpleGrantedAuthority("ROLE_USER"));
|
|
| 58 |
System.out.println(mappedAuthorities); |
|
| 59 |
|
|
| 60 |
authorities.forEach(authority -> {
|
|
| 61 |
if (OidcUserAuthority.class.isInstance(authority)) {
|
|
| 62 |
OidcUserAuthority oidcUserAuthority = (OidcUserAuthority)authority; |
|
| 63 |
|
|
| 64 |
OidcUserInfo userInfo = oidcUserAuthority.getUserInfo(); |
|
| 65 |
//System.out.println(userInfo.getClaims().keySet()); |
|
| 66 |
//System.out.println(userInfo.containsClaim("edu_person_entitlements"));
|
|
| 67 |
if (userInfo.containsClaim("edu_person_entitlements")){
|
|
| 68 |
System.out.println(userInfo.getClaimAsStringList("edu_person_entitlements"));
|
|
| 69 |
for (String entitlement:userInfo.getClaimAsStringList("edu_person_entitlements")) {
|
|
| 70 |
//System.out.println("en " + entitlement);
|
|
| 71 |
//mappedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + entitlement));
|
|
| 72 |
|
|
| 73 |
String regex = "urn:geant:openaire.eu:group:(\\w+).(\\w+):role=(\\w+)#aai.openaire.eu"; |
|
| 74 |
Matcher matcher = Pattern.compile(regex).matcher(entitlement); |
|
| 75 |
if (matcher.find()) {
|
|
| 76 |
mappedAuthorities.add(new SimpleGrantedAuthority |
|
| 77 |
(new StringBuilder().append("ROLE_").append(matcher.group(1).toUpperCase()).append(".").append(matcher.group(3).toUpperCase()).toString()));
|
|
| 78 |
} |
|
| 79 |
} |
|
| 80 |
} |
|
| 81 |
} else if (OAuth2UserAuthority.class.isInstance(authority)) {
|
|
| 82 |
OAuth2UserAuthority oauth2UserAuthority = (OAuth2UserAuthority)authority; |
|
| 83 |
Map<String, Object> userAttributes = oauth2UserAuthority.getAttributes(); |
|
| 84 |
|
|
| 85 |
if (userAttributes.containsKey("role")){
|
|
| 86 |
String roleName = "ROLE_" + (String)userAttributes.get("role");
|
|
| 87 |
mappedAuthorities.add(new SimpleGrantedAuthority(roleName)); |
|
| 88 |
} |
|
| 89 |
} |
|
| 90 |
}); |
|
| 91 |
|
|
| 92 |
System.out.println(mappedAuthorities); |
|
| 93 |
return mappedAuthorities; |
|
| 94 |
}; |
|
| 95 |
} */ |
|
| 51 | 96 |
} |
Also available in: Unified diff
added method with openaire specific role parsing that adds a notion of role hierarchy