fixing conflicts / compilation / testsuite after rebasing
pmauduit committed Jan 31, 2024
1 parent b694e67 commit 885806f
Showing 8 changed files with 29 additions and 23 deletions.
Expand Up @@ -50,8 +50,8 @@ protected Optional<GeorchestraUser> find(GeorchestraUser mappedUser) {
}

protected Optional<GeorchestraUser> findInternal(GeorchestraUser mappedUser) {
if (null != mappedUser.getOAuth2ProviderId()) {
return findByOAuth2ProviderId(mappedUser.getOAuth2ProviderId());
if ((null != mappedUser.getOAuth2Provider()) && (null != mappedUser.getOAuth2Uid())) {
return findByOAuth2Uid(mappedUser.getOAuth2Provider(), mappedUser.getOAuth2Uid());
}
return findByUsername(mappedUser.getUsername());
}
Expand All @@ -73,7 +73,7 @@ GeorchestraUser createIfMissing(GeorchestraUser mapped) {
}
}

protected abstract Optional<GeorchestraUser> findByOAuth2ProviderId(String oauth2ProviderId);
protected abstract Optional<GeorchestraUser> findByOAuth2Uid(String oauth2Provider, String oauth2Uid);

protected abstract Optional<GeorchestraUser> findByUsername(String username);

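Review bot: In `findInternal`, a mapped user that carries only one of `getOAuth2Provider()` / `getOAuth2Uid()` now falls through to `findByUsername(...)`, so an externally authenticated identity with an incomplete provider/uid pair could be matched to an existing account by name alone. Nothing visible on this page rejects that half-populated state; the customizer's null check covers only the uid, and only for OAuth2 tokens. I would fail closed before the username fallback, e.g. `if ((null == mappedUser.getOAuth2Provider()) != (null == mappedUser.getOAuth2Uid())) { throw new IllegalStateException("incomplete OAuth2 identity"); }`. The abstract `findByOAuth2Uid` would also benefit from a Javadoc line stating that both arguments are required and that the pair, not the uid alone, identifies the account.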
Expand Up @@ -61,7 +61,7 @@ public class CreateAccountUserCustomizer implements GeorchestraUserCustomizerExt
final boolean isOauth2 = auth instanceof OAuth2AuthenticationToken;
final boolean isPreAuth = auth instanceof PreAuthenticatedAuthenticationToken;
if (isOauth2) {
Objects.requireNonNull(mappedUser.getOAuth2ProviderId(), "GeorchestraUser.oAuth2ProviderId is null");
Objects.requireNonNull(mappedUser.getOAuth2Uid(), "GeorchestraUser.oAuth2ProviderId is null");
}
if (isPreAuth) {
Objects.requireNonNull(mappedUser.getUsername(), "GeorchestraUser.username is null");
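Review bot: The new null check on `getOAuth2Uid()` still reports `"GeorchestraUser.oAuth2ProviderId is null"`, which names a property this commit removes, and `getOAuth2Provider()` is not checked at all even though the lookup changed elsewhere in this commit needs both values. Suggest `Objects.requireNonNull(mappedUser.getOAuth2Provider(), "GeorchestraUser.oAuth2Provider is null");` followed by `Objects.requireNonNull(mappedUser.getOAuth2Uid(), "GeorchestraUser.oAuth2Uid is null");`. The enclosing method starts and ends outside this hunk, so whether the provider is validated earlier cannot be seen from here.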
Expand Up @@ -73,8 +73,8 @@ public LdapAccountsManager(Consumer<AccountCreated> eventPublisher, AccountDao a
}

@Override
protected Optional<GeorchestraUser> findByOAuth2ProviderId(@NonNull String oauth2ProviderId) {
return usersApi.findByOAuth2ProviderId(oauth2ProviderId).map(this::ensureRolesPrefixed);
protected Optional<GeorchestraUser> findByOAuth2Uid(@NonNull String oAuth2Provider, @NonNull String oAuth2Uid) {
return usersApi.findByOAuth2Uid(oAuth2Provider, oAuth2Uid).map(this::ensureRolesPrefixed);
}

@Override
Expand Down Expand Up @@ -145,10 +145,11 @@ private Account mapToAccountBrief(@NonNull GeorchestraUser preAuth) {
String phone = "";
String title = "";
String description = "";
final @javax.annotation.Nullable String oAuth2ProviderId = preAuth.getOAuth2ProviderId();
final @javax.annotation.Nullable String oAuth2Provider = preAuth.getOAuth2Provider();
final @javax.annotation.Nullable String oAuth2Uid = preAuth.getOAuth2Uid();

Account newAccount = AccountFactory.createBrief(username, password, firstName, lastName, email, phone, title,
description, oAuth2ProviderId);
description, oAuth2Provider, oAuth2Uid);
newAccount.setPending(false);
if (StringUtils.isEmpty(org) && !StringUtils.isBlank(defaultOrganization)) {
newAccount.setOrg(defaultOrganization);
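Review bot: `findByOAuth2Uid` forwards `oAuth2Provider` and `oAuth2Uid` unchanged to `usersApi.findByOAuth2Uid(...)`, and the uid originates from the identity provider (`token.getName()` in the mapper changed by this commit). The implementation behind `usersApi` is not visible here; if it builds a directory search filter from these strings, both values must be filter-encoded there, and a test with filter metacharacters in the uid would pin that. At minimum I would document the expectation on the override, e.g. `// oAuth2Uid is IdP-supplied; usersApi is expected to escape it before querying the directory`. In `mapToAccountBrief` both values are `@Nullable` and passed on to `AccountFactory.createBrief`, so an account with a provider but no uid can presumably be created and would then never be matched by `findByOAuth2Uid`.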
Expand Up @@ -44,23 +44,28 @@ public RabbitmqAccountCreatedEventSender(AmqpTemplate eventTemplate) {
@EventListener(AccountCreated.class)
public void on(AccountCreated event) {
GeorchestraUser user = event.getUser();
final String oAuth2ProviderId = user.getOAuth2ProviderId();
if (null != oAuth2ProviderId) {
final String oAuth2Provider = user.getOAuth2Provider();
if (null != oAuth2Provider) {
String fullName = user.getFirstName() + " " + user.getLastName();
String localUid = user.getUsername();
String email = user.getEmail();
String provider = oAuth2ProviderId;
sendNewOAuthAccountMessage(fullName, email, provider);
String organization = user.getOrganization();
String oAuth2Uid = user.getOAuth2Uid();
sendNewOAuthAccountMessage(fullName, localUid, email, organization, oAuth2Provider, oAuth2Uid);
}
}

public void sendNewOAuthAccountMessage(String fullName, String email, String provider) {
// beans getting a reference to the sender
public void sendNewOAuthAccountMessage(String fullName, String localUid, String email, String organization,
String providerName, String providerUid) {
JSONObject jsonObj = new JSONObject();
jsonObj.put("uid", UUID.randomUUID());
jsonObj.put("subject", OAUTH2_ACCOUNT_CREATION);
jsonObj.put("username", fullName); // bean
jsonObj.put("email", email); // bean
jsonObj.put("provider", provider); // bean
jsonObj.put("fullName", fullName);
jsonObj.put("localUid", localUid);
jsonObj.put("email", email);
jsonObj.put("organization", organization);
jsonObj.put("providerName", providerName);
jsonObj.put("providerUid", providerUid);
eventTemplate.convertAndSend("routing-gateway", jsonObj.toString());// send
}
}
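Review bot: `on(AccountCreated)` guards only on `oAuth2Provider`, while `findInternal` in this commit treats an OAuth2 identity as usable only when provider and uid are both set; with a null `getOAuth2Uid()` the message is still sent and `providerUid` is either dropped or emitted as null, depending on the JSON library. Suggest `if (null != oAuth2Provider && null != user.getOAuth2Uid())`. The payload also grows from three to six fields, now carrying the local uid, the organization and the provider-side uid alongside the e-mail, so it is worth confirming that every consumer of the `routing-gateway` routing key is meant to receive those identifiers. `sendNewOAuthAccountMessage` is public and its signature and JSON keys changed, so a short Javadoc naming each key would help producers and consumers stay aligned.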
Expand Up @@ -83,7 +83,6 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http,

log.info("Security filter chain initialized");


ServerHttpSecurity.LogoutSpec logoutUrl = http.formLogin().loginPage("/login").and().logout()
.logoutUrl("/logout");
if (oidcLogoutSuccessHandler != null) {
Expand Up @@ -83,9 +83,8 @@ protected Optional<GeorchestraUser> map(OAuth2AuthenticationToken token) {

OAuth2User oAuth2User = token.getPrincipal();
GeorchestraUser user = new GeorchestraUser();
final String oAuth2ProviderId = String.format("%s;%s", token.getAuthorizedClientRegistrationId(),
token.getName());
user.setOAuth2ProviderId(oAuth2ProviderId);
user.setOAuth2Provider(token.getAuthorizedClientRegistrationId());
user.setOAuth2Uid(token.getName());
Map<String, Object> attributes = oAuth2User.getAttributes();

List<String> roles = resolveRoles(oAuth2User.getAuthorities());
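Review bot: `user.setOAuth2Uid(token.getName())` makes the account lookup key whatever the principal reports as its name, which for a Spring Security `OAuth2User` is the attribute the client registration designates as the user-name attribute. If a registration points that at a mutable or reassignable value (an e-mail address or a display name, say) rather than a stable subject identifier, two different people could resolve to the same stored account over time. Worth a comment at this line, e.g. `// uid = principal name; the registration's user-name attribute must be a stable, non-reassignable identifier`, plus a note in the configuration documentation. The `map` method continues outside the hunk.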
Expand Up @@ -156,6 +156,8 @@ public OpenIdConnectUserMapper(@NonNull OAuth2ConfigurationProperties config) {
try {
applyStandardClaims(oidcUser, user);
applyNonStandardClaims(oidcUser.getClaims(), user);
user.setUsername((token.getAuthorizedClientRegistrationId() + "_" + user.getUsername())
.replaceAll("[^a-zA-Z0-9-_]", "_").toLowerCase());
} catch (Exception e) {
log.error("Error mapping non-standard OIDC claims for authenticated user", e);
throw new IllegalStateException(e);
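Review bot: The new `setUsername(...)` expression is lossy and null-unsafe: if no username was resolved from the claims, string concatenation yields a name ending in `_null`, and distinct provider-side names such as `a.b`/`a_b` or `Bob`/`bob` collapse to the same local username. Since `findInternal` falls back to `findByUsername` when the provider/uid pair is incomplete, such collisions could bind different external identities to one account. Suggest `Objects.requireNonNull(user.getUsername(), "no username resolved from OIDC claims");` before the assignment, `.toLowerCase(Locale.ROOT)` so the result does not depend on the JVM locale, and writing the character class as `[^a-zA-Z0-9_-]` so the `9-_` in this hunk cannot be misread as a range. The line also sits inside a `try` whose error message speaks of non-standard claims, and the method starts and ends outside the hunk.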
Expand Up @@ -151,7 +151,7 @@ private void verifyMappedUser(String expected) {
oidcRolesMappingConfig.setNormalize(true);
oidcRolesMappingConfig.setUppercase(true);

verifyMappedUser("{\"GeorchestraUser\":{\"username\":\"user\","
verifyMappedUser("{\"GeorchestraUser\":{\"username\":\"testclient_user\","
+ "\"roles\":[\"ROLE_AUTHORITY_1\",\"ROLE_GP.OIDC.ROLE_1\",\"ROLE_GP.OIDC.ROLE_2\"]}}");
}

Expand All @@ -168,7 +168,7 @@ private void verifyMappedUser(String expected) {
oidcRolesMappingConfig.getJson().setSplit(true);
oidcRolesMappingConfig.getJson().getPath().add("$.permission");

verifyMappedUser("{\"GeorchestraUser\":{\"username\":\"user\","
verifyMappedUser("{\"GeorchestraUser\":{\"username\":\"testclient_user\","
+ "\"roles\":[\"ROLE_AUTHORITY_1\",\"ROLE_GP.OIDC.ROLE 1\",\"ROLE_GP.OIDC.ROLE 2\"]}}");
}
}
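Review bot: Both updated expectations only cover the plain name `user`, so the sanitising behaviour that comes with the newly expected `testclient_` prefix is never exercised. A case whose username contains upper-case letters and characters outside `[a-zA-Z0-9-_]`, and one with no username claim at all, would pin what the mapper is supposed to produce in those situations. `verifyMappedUser` and the test methods begin outside these hunks.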
