use of org.orcid.jaxb.model.message.ScopePathType in project ORCID-Source by ORCID.
the class OrcidSecurityManagerImpl method checkScopes.
/**
 * Enforces that the current OAuth2 authentication carries a scope satisfying {@code requiredScope}.
 *
 * <p>The check fails closed: if none of the scopes on the OAuth2 request satisfies the
 * requirement (including when the scope set is empty), the method throws instead of returning.
 *
 * @param requiredScope the scope the caller needs for the operation being protected
 * @throws OrcidAccessControlException if no scope on the request satisfies {@code requiredScope}
 */
@Override
public void checkScopes(ScopePathType requiredScope) {
    // Client-type gate runs first; per the original comment it rejects public clients.
    checkClientType();

    // Scopes are read from the OAuth2 request attached to the current authentication.
    OAuth2Request tokenRequest = getOAuth2Authentication().getOAuth2Request();
    Set<ScopePathType> grantedScopes = ScopePathType.getScopesFromStrings(tokenRequest.getScope());

    boolean satisfied = false;
    for (ScopePathType granted : grantedScopes) {
        // NOTE(review): hasScope presumably also matches broader scopes that imply the
        // required one - confirm against ScopePathType.
        if (granted.hasScope(requiredScope)) {
            satisfied = true;
            break;
        }
    }

    if (!satisfied) {
        throw new OrcidAccessControlException();
    }
}
use of org.orcid.jaxb.model.message.ScopePathType in project ORCID-Source by ORCID.
the class OrcidSecurityManagerImpl method isNonClientCredentialScope.
/**
 * Reports whether the request behind {@code oAuth2Authentication} includes at least one scope
 * that is not a client-credential scope.
 *
 * @param oAuth2Authentication the authentication whose OAuth2 request scopes are inspected
 * @return {@code true} as soon as one non-client-credential scope is found; {@code false} when
 *         every scope is a client-credential scope or the combined scope set is empty
 */
private boolean isNonClientCredentialScope(OAuth2Authentication oAuth2Authentication) {
    Set<String> combinedScopeNames = ScopePathType.getCombinedScopesFromStringsAsStrings(oAuth2Authentication.getOAuth2Request().getScope());
    for (String name : combinedScopeNames) {
        // NOTE(review): fromValue presumably throws on a string that is not a known scope;
        // confirm callers are prepared for that rather than treating it as "false".
        if (!ScopePathType.fromValue(name).isClientCreditalScope()) {
            return true;
        }
    }
    return false;
}
use of org.orcid.jaxb.model.message.ScopePathType in project ORCID-Source by ORCID.
the class SecurityContextTestUtils method setUpSecurityContext.
/**
 * Test helper: installs a mocked, authenticated {@code OrcidOAuth2Authentication} into the
 * {@code SecurityContextHolder} for the given user, client and scopes.
 *
 * <p>The holder is replaced globally for the calling context; the helper itself does not
 * restore the previous context.
 *
 * @param userOrcid      ORCID iD used to build the {@code ProfileEntity} returned as principal
 * @param clientId       client id placed on the mocked OAuth2 request
 * @param scopePathTypes scopes placed on the mocked OAuth2 request; {@code null} or none
 *                       results in an empty scope set
 */
public static void setUpSecurityContext(String userOrcid, String clientId, ScopePathType... scopePathTypes) {
    // Install the mocked authentication first; stubbing follows on the same mock instance.
    SecurityContextImpl context = new SecurityContextImpl();
    OrcidOAuth2Authentication oauthAuth = mock(OrcidOAuth2Authentication.class);
    context.setAuthentication(oauthAuth);
    SecurityContextHolder.setContext(context);

    // Both the OAuth2 authentication and its nested user authentication expose the same principal.
    ProfileEntity principal = new ProfileEntity(userOrcid);
    when(oauthAuth.getPrincipal()).thenReturn(principal);
    Authentication userAuth = mock(Authentication.class);
    when(userAuth.getPrincipal()).thenReturn(principal);
    when(oauthAuth.getUserAuthentication()).thenReturn(userAuth);

    // Translate the enum scopes into the string form carried by the OAuth2 request.
    Set<String> scopeValues = new HashSet<String>();
    if (scopePathTypes != null) {
        for (ScopePathType type : scopePathTypes) {
            scopeValues.add(type.value());
        }
    }

    // The request is created as approved (fourth argument) with no resource ids, redirect URI,
    // response types or extensions.
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, scopeValues, Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    when(oauthAuth.getOAuth2Request()).thenReturn(request);
    when(oauthAuth.isAuthenticated()).thenReturn(true);
}
use of org.orcid.jaxb.model.message.ScopePathType in project ORCID-Source by ORCID.
the class SecurityContextTestUtils method setUpSecurityContextForClientOnly.
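/**
 * Test helper: converts the given scopes to their string values and delegates to the
 * {@code Set<String>} overload of {@code setUpSecurityContextForClientOnly}.
 *
 * @param clientId       client id passed through to the overload
 * @param scopePathTypes scopes to place on the security context; {@code null} or none
 *                       results in an empty scope set
 */
public static void setUpSecurityContextForClientOnly(String clientId, ScopePathType... scopePathTypes) {
    Set<String> scopes = new HashSet<String>();
    // Tolerate an explicit null varargs array, matching setUpSecurityContext, so a test that
    // passes no scopes gets an empty scope set instead of a NullPointerException.
    if (scopePathTypes != null) {
        for (ScopePathType scope : scopePathTypes) {
            scopes.add(scope.value());
        }
    }
    setUpSecurityContextForClientOnly(clientId, scopes);
}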
use of org.orcid.jaxb.model.message.ScopePathType in project ORCID-Source by ORCID.
the class GroupAdministratorController method getAvailableRedirectUriScopes.
/**
 * Returns the string values of every {@code ScopePathType} constant except a fixed exclusion
 * list, sorted in natural string order.
 *
 * @return a new, sorted, mutable list of scope values offered for redirect URIs
 */
@RequestMapping(value = "/get-available-scopes.json", method = RequestMethod.GET)
@Produces(value = { MediaType.APPLICATION_JSON })
@ResponseBody
public List<String> getAvailableRedirectUriScopes() {
    // Scopes that are never offered here.
    // NOTE(review): this is an exclusion list, so any constant later added to ScopePathType
    // is offered by default; an explicit list of allowed scopes would fail closed instead.
    List<ScopePathType> excluded = new ArrayList<ScopePathType>(Arrays.asList(ScopePathType.ORCID_PATENTS_CREATE, ScopePathType.ORCID_PATENTS_READ_LIMITED, ScopePathType.ORCID_PATENTS_UPDATE, ScopePathType.WEBHOOK, ScopePathType.ORCID_PROFILE_CREATE, ScopePathType.FUNDING_READ_LIMITED, ScopePathType.AFFILIATIONS_READ_LIMITED, ScopePathType.READ_PUBLIC));

    List<String> available = new ArrayList<String>();
    for (ScopePathType candidate : ScopePathType.values()) {
        if (excluded.contains(candidate)) {
            continue;
        }
        available.add(candidate.value());
    }

    Collections.sort(available);
    return available;
}