Project

General

Profile

« Previous | Next » 

Revision 61064

Added by Konstantinos Triantafyllou almost 3 years ago

[Login-core]: Revert openAIREUser on cookie. Change authorities mapper to cover provide roles.

View differences:

AuthoritiesMapper.java
2 2 

  		




  3
  3
  
    
import com.google.gson.JsonArray;


  		




  4
  4
  
    
import com.google.gson.JsonElement;


  		




  5
  
  
    
import com.nimbusds.jwt.JWTClaimsSet;


  		




  6
  
  
    
import eu.dnetlib.openaire.user.login.authorization.OpenAIREAuthoritiesMapper;


  		




  7
  5
  
    
import org.apache.log4j.Logger;


  		




  8
  6
  
    
import org.springframework.security.core.GrantedAuthority;


  		




  9
  7
  
    
import org.springframework.security.core.authority.SimpleGrantedAuthority;


  		




  10
  8
  
    

  		




  11
  
  
    
import java.text.ParseException;


  		




  12
  
  
    
import java.util.Collection;


  		




  13
  
  
    
import java.util.HashSet;


  		




  
  9
  
    
import java.util.*;


  		




  14
  10
  
    
import java.util.regex.Matcher;


  		




  15
  11
  
    
import java.util.regex.Pattern;


  		




  16
  12
  
    

  		




  ......




  20
  16
  
    

  		




  21
  17
  
    
    public static Collection<? extends GrantedAuthority> map(JsonArray entitlements) {


  		




  22
  18
  
    
        HashSet<SimpleGrantedAuthority> authorities = new HashSet<>();


  		




  23
  
  
    
        logger.info("entitlements" + entitlements.size());


  		




  24
  
  
    
        String  regex = "urn:geant:openaire[.]eu:group:(\\w+[\\W]*\\w+[-\\w]*):?(.*)?:role=member#aai[.]openaire[.]eu";


  		




  25
  
  
    
        authorities.add(new SimpleGrantedAuthority("REGISTERED_USER"));


  		




  
  19
  
    
        //entitlements.add("urn:geant:openaire.eu:group:datasource.opendoar____$$3469:role=member#aai.openaire.eu");


  		




  
  20
  
    
        provideRoles(entitlements, authorities);


  		




  
  21
  
    
        entityRoles(entitlements, authorities);


  		




  
  22
  
    
        return authorities;


  		




  
  23
  
    
    }


  		




  
  24
  
    

  		




  
  25
  
    
    private static void entityRoles(JsonArray entitlements, Set<SimpleGrantedAuthority> authorities) {


  		




  
  26
  
    
        String  regex = "urn:geant:openaire[.]eu:group:([^:]*):?(.*)?:role=member#aai[.]openaire[.]eu";


  		




  26
  27
  
    
        for(JsonElement obj: entitlements) {


  		




  27
  28
  
    
            Matcher matcher = Pattern.compile(regex).matcher(obj.getAsString());


  		




  28
  29
  
    
            if (matcher.find()) {


  		




  29
  30
  
    
                StringBuilder sb = new StringBuilder();


  		




  30
  31
  
    
                if(matcher.group(1) != null && matcher.group(1).length() > 0) {


  		




  31
  
  
    
                    sb.append(matcher.group(1).replaceFirst("[\\W]+", "_").toUpperCase());


  		




  
  32
  
    
                    sb.append(matcher.group(1).replace("+-+", "_").replaceAll("[+.]", "_").toUpperCase());


  		




  32
  33
  
    
                }


  		




  33
  34
  
    
                if(matcher.group(2).length() > 0) {


  		




  34
  
  
    
                    if(sb.toString().length() > 0) {


  		




  35
  
  
    
                        sb.append("_");


  		




  36
  
  
    
                    }


  		




  
  35
  
    
                    sb.append("_");


  		




  37
  36
  
    
                    if(matcher.group(2).equals("admins")) {


  		




  38
  37
  
    
                        sb.append("MANAGER");


  		




  39
  38
  
    
                    } else  {


  		




  40
  39
  
    
                        sb.append(matcher.group(2).toUpperCase());


  		




  41
  40
  
    
                    }


  		




  42
  41
  
    
                }


  		




  43
  
  
    
                authorities.add(new SimpleGrantedAuthority


  		




  44
  
  
    
                        (sb.toString()));


  		




  
  42
  
    
                authorities.add(new SimpleGrantedAuthority(sb.toString()));


  		




  45
  43
  
    
            }


  		




  46
  44
  
    
        }


  		




  47
  
  
    
        return authorities;


  		




  48
  45
  
    
    }


  		




  
  46
  
    

  		




  
  47
  
    
    private static void provideRoles(JsonArray entitlements, Set<SimpleGrantedAuthority> authorities) {


  		




  
  48
  
    
        Map<String, String> userRoles = new HashMap(){{


  		




  
  49
  
    
            put("urn:geant:openaire.eu:group:Super+Administrator:role=member#aai.openaire.eu", "ROLE_ADMIN");


  		




  
  50
  
    
            put("urn:geant:openaire.eu:group:Content+Provider+Dashboard+Administrator:role=member#aai.openaire.eu","ROLE_PROVIDE_ADMIN");


  		




  
  51
  
    
        }};


  		




  
  52
  
    
        Map<String,SimpleGrantedAuthority> userRolesMap = new HashMap<>();


  		




  
  53
  
    
        userRoles.forEach((openaireRole, appRole) -> userRolesMap.put(openaireRole, new SimpleGrantedAuthority(appRole)));


  		




  
  54
  
    
        authorities.add(new SimpleGrantedAuthority("ROLE_USER"));


  		




  
  55
  
    
        if(entitlements != null) {


  		




  
  56
  
    
            entitlements.forEach(role -> {


  		




  
  57
  
    
                SimpleGrantedAuthority authority = userRolesMap.get(role.getAsString());


  		




  
  58
  
    
                if (authority != null) {


  		




  
  59
  
    
                    authorities.add(authority);


  		




  
  60
  
    
                }


  		




  
  61
  
    
            });


  		




  
  62
  
    
        }


  		




  
  63
  
    
    }


  		




  49
  64
  
    
}


  		












Also available in:  Unified diff