Example 1 with OidcProfileScopeAttributeReleasePolicy

Use of org.apereo.cas.oidc.claims.OidcProfileScopeAttributeReleasePolicy in project cas by apereo.

From the class OidcProfileScopeToAttributesFilter, method reconcile.

@Override
public void reconcile(final RegisteredService service) {
    // Non-OIDC services are handled by the parent implementation.
    if (!(service instanceof OidcRegisteredService)) {
        super.reconcile(service);
        return;
    }
    final List<String> otherScopes = new ArrayList<>();
    final ChainingAttributeReleasePolicy policy = new ChainingAttributeReleasePolicy();
    final OidcRegisteredService oidc = OidcRegisteredService.class.cast(service);
    oidc.getScopes().forEach(s -> {
        switch(s.trim().toLowerCase()) {
            case OidcConstants.EMAIL:
                policy.getPolicies().add(new OidcEmailScopeAttributeReleasePolicy());
                break;
            case OidcConstants.ADDRESS:
                policy.getPolicies().add(new OidcAddressScopeAttributeReleasePolicy());
                break;
            case OidcConstants.PROFILE:
                policy.getPolicies().add(new OidcProfileScopeAttributeReleasePolicy());
                break;
            case OidcConstants.PHONE:
                policy.getPolicies().add(new OidcPhoneScopeAttributeReleasePolicy());
                break;
            case OidcConstants.OFFLINE_ACCESS:
                // offline_access releases no attributes; it enables refresh tokens for the service.
                oidc.setGenerateRefreshToken(true);
                break;
            case OidcCustomScopeAttributeReleasePolicy.SCOPE_CUSTOM:
                otherScopes.add(s.trim());
                break;
            default:
                // Any other scope releases attributes only if a user-defined scope policy with that name exists.
                final BaseOidcScopeAttributeReleasePolicy userPolicy = userScopes.stream().filter(t -> t.getScopeName().equals(s.trim())).findFirst().orElse(null);
                if (userPolicy != null) {
                    policy.getPolicies().add(userPolicy);
                }
        }
    });
    otherScopes.remove(OidcConstants.OPENID);
    if (!otherScopes.isEmpty()) {
        policy.getPolicies().add(new OidcCustomScopeAttributeReleasePolicy(otherScopes));
    }
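    // If no scope mapped to a release policy, release no attributes at all.
    if (policy.getPolicies().isEmpty()) {
        oidc.setAttributeReleasePolicy(new DenyAllAttributeReleasePolicy());
    } else {
        oidc.setAttributeReleasePolicy(policy);
    }
    // Persist the reconciled service definition.
    this.servicesManager.save(oidc);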
}

Also used: DenyAllAttributeReleasePolicy (org.apereo.cas.services.DenyAllAttributeReleasePolicy), OidcProfileScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcProfileScopeAttributeReleasePolicy), OidcCustomScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcCustomScopeAttributeReleasePolicy), BaseOidcScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy), OidcRegisteredService (org.apereo.cas.services.OidcRegisteredService), ArrayList (java.util.ArrayList), ChainingAttributeReleasePolicy (org.apereo.cas.services.ChainingAttributeReleasePolicy), OidcPhoneScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcPhoneScopeAttributeReleasePolicy), OidcAddressScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcAddressScopeAttributeReleasePolicy), OidcEmailScopeAttributeReleasePolicy (org.apereo.cas.oidc.claims.OidcEmailScopeAttributeReleasePolicy)