Example 1 with BaseOidcScopeAttributeReleasePolicy
use of org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy in project cas by apereo.
the class OidcProfileScopeToAttributesFilter method reconcile.
@Override
public void reconcile(final RegisteredService service) {
if (!(service instanceof OidcRegisteredService)) {
super.reconcile(service);
return;
}
final List<String> otherScopes = new ArrayList<>();
final ChainingAttributeReleasePolicy policy = new ChainingAttributeReleasePolicy();
final OidcRegisteredService oidc = OidcRegisteredService.class.cast(service);
oidc.getScopes().forEach(s -> {
switch(s.trim().toLowerCase()) {
case OidcConstants.EMAIL:
policy.getPolicies().add(new OidcEmailScopeAttributeReleasePolicy());
break;
case OidcConstants.ADDRESS:
policy.getPolicies().add(new OidcAddressScopeAttributeReleasePolicy());
break;
case OidcConstants.PROFILE:
policy.getPolicies().add(new OidcProfileScopeAttributeReleasePolicy());
break;
case OidcConstants.PHONE:
policy.getPolicies().add(new OidcPhoneScopeAttributeReleasePolicy());
break;
case OidcConstants.OFFLINE_ACCESS:
oidc.setGenerateRefreshToken(true);
break;
case OidcCustomScopeAttributeReleasePolicy.SCOPE_CUSTOM:
otherScopes.add(s.trim());
break;
default:
final BaseOidcScopeAttributeReleasePolicy userPolicy = userScopes.stream().filter(t -> t.getScopeName().equals(s.trim())).findFirst().orElse(null);
if (userPolicy != null) {
policy.getPolicies().add(userPolicy);
}
}
});
otherScopes.remove(OidcConstants.OPENID);
if (!otherScopes.isEmpty()) {
policy.getPolicies().add(new OidcCustomScopeAttributeReleasePolicy(otherScopes));
}
if (policy.getPolicies().isEmpty()) {
oidc.setAttributeReleasePolicy(new DenyAllAttributeReleasePolicy());
} else {
oidc.setAttributeReleasePolicy(policy);
}
this.servicesManager.save(oidc);
}
Also used :
DenyAllAttributeReleasePolicy(org.apereo.cas.services.DenyAllAttributeReleasePolicy)
OidcProfileScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcProfileScopeAttributeReleasePolicy)
OidcCustomScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcCustomScopeAttributeReleasePolicy)
BaseOidcScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy)
OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService)
ArrayList(java.util.ArrayList)
ChainingAttributeReleasePolicy(org.apereo.cas.services.ChainingAttributeReleasePolicy)
OidcPhoneScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcPhoneScopeAttributeReleasePolicy)
OidcAddressScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcAddressScopeAttributeReleasePolicy)
OidcEmailScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcEmailScopeAttributeReleasePolicy)
Example 2 with BaseOidcScopeAttributeReleasePolicy
use of org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy in project cas by apereo.
the class OidcProfileScopeToAttributesFilter method filterAttributesByScope.
private void filterAttributesByScope(final Collection<String> stream, final Map<String, Object> attributes, final Principal principal, final RegisteredService registeredService) {
stream.stream().distinct().filter(s -> this.filters.containsKey(s)).forEach(s -> {
final BaseOidcScopeAttributeReleasePolicy policy = filters.get(s);
attributes.putAll(policy.getAttributes(principal, registeredService));
});
}
Also used :
OidcProfileScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcProfileScopeAttributeReleasePolicy)
LoggerFactory(org.slf4j.LoggerFactory)
OAuthUtils(org.apereo.cas.support.oauth.util.OAuthUtils)
OidcCustomScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcCustomScopeAttributeReleasePolicy)
HashMap(java.util.HashMap)
Reflections(org.reflections.Reflections)
OidcEmailScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcEmailScopeAttributeReleasePolicy)
ArrayList(java.util.ArrayList)
BaseOidcScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy)
PrincipalFactory(org.apereo.cas.authentication.principal.PrincipalFactory)
DefaultOAuth20ProfileScopeToAttributesFilter(org.apereo.cas.support.oauth.profile.DefaultOAuth20ProfileScopeToAttributesFilter)
FilterBuilder(org.reflections.util.FilterBuilder)
Map(java.util.Map)
OidcAddressScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcAddressScopeAttributeReleasePolicy)
ConfigurationBuilder(org.reflections.util.ConfigurationBuilder)
ChainingAttributeReleasePolicy(org.apereo.cas.services.ChainingAttributeReleasePolicy)
ServicesManager(org.apereo.cas.services.ServicesManager)
Unchecked(org.jooq.lambda.Unchecked)
Logger(org.slf4j.Logger)
OidcConstants(org.apereo.cas.oidc.OidcConstants)
Collection(java.util.Collection)
OidcPhoneScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.OidcPhoneScopeAttributeReleasePolicy)
Set(java.util.Set)
DenyAllAttributeReleasePolicy(org.apereo.cas.services.DenyAllAttributeReleasePolicy)
RegisteredService(org.apereo.cas.services.RegisteredService)
ClasspathHelper(org.reflections.util.ClasspathHelper)
SubTypesScanner(org.reflections.scanners.SubTypesScanner)
List(java.util.List)
OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService)
Service(org.apereo.cas.authentication.principal.Service)
J2EContext(org.pac4j.core.context.J2EContext)
Principal(org.apereo.cas.authentication.principal.Principal)
BaseOidcScopeAttributeReleasePolicy(org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy)
Aggregations
ArrayList (java.util.ArrayList)2
BaseOidcScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy)2
OidcAddressScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcAddressScopeAttributeReleasePolicy)2
OidcCustomScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcCustomScopeAttributeReleasePolicy)2
OidcEmailScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcEmailScopeAttributeReleasePolicy)2
OidcPhoneScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcPhoneScopeAttributeReleasePolicy)2
OidcProfileScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcProfileScopeAttributeReleasePolicy)2
ChainingAttributeReleasePolicy (org.apereo.cas.services.ChainingAttributeReleasePolicy)2
DenyAllAttributeReleasePolicy (org.apereo.cas.services.DenyAllAttributeReleasePolicy)2
OidcRegisteredService (org.apereo.cas.services.OidcRegisteredService)2
Collection (java.util.Collection)1
HashMap (java.util.HashMap)1
List (java.util.List)1
Map (java.util.Map)1
Set (java.util.Set)1
Principal (org.apereo.cas.authentication.principal.Principal)1
PrincipalFactory (org.apereo.cas.authentication.principal.PrincipalFactory)1
Service (org.apereo.cas.authentication.principal.Service)1
OidcConstants (org.apereo.cas.oidc.OidcConstants)1
RegisteredService (org.apereo.cas.services.RegisteredService)1
