use of org.python.google.common.base.Function in project oxAuth by GluuFederation.
the class UmaValidationService method validateScopes.
/**
* @param scope scope string from token request
* @param permissions permissions
* @return map of loaded scope and boolean, true - if client requested scope and false if it is permission ticket scope
*/
public Map<Scope, Boolean> validateScopes(String scope, List<UmaPermission> permissions, Client client) {
scope = ServerUtil.urlDecode(scope);
final String[] scopesRequested = StringUtils.isNotBlank(scope) ? scope.split(" ") : new String[0];
final Map<Scope, Boolean> result = new HashMap<Scope, Boolean>();
if (ArrayUtils.isNotEmpty(scopesRequested)) {
final Set<String> resourceScopes = resourceService.getResourceScopes(permissions.stream().map(UmaPermission::getResourceId).collect(Collectors.toSet()));
for (String scopeId : scopesRequested) {
final Scope ldapScope = umaScopeService.getOrCreate(client, scopeId, resourceScopes);
if (ldapScope != null) {
result.put(ldapScope, true);
} else {
log.trace("Skip requested scope because it's not allowed, scope: " + scopeId);
}
}
}
for (UmaPermission permission : permissions) {
for (Scope s : umaScopeService.getScopesByDns(permission.getScopeDns())) {
result.put(s, false);
}
}
if (result.isEmpty()) {
log.error("There are no any scopes requested in the request.");
throw errorResponseFactory.createWebApplicationException(BAD_REQUEST, UmaErrorResponseType.INVALID_SCOPE, "There are no any scopes requested in give request.");
}
log.trace("CandidateGrantedScopes: " + Joiner.on(", ").join(Iterables.transform(result.keySet(), new Function<Scope, String>() {
@Override
public String apply(Scope scope) {
return scope.getId();
}
})));
return result;
}
Aggregations