use of org.springframework.security.oauth2.core.OAuth2Error in project dhis2-core by dhis2.
the class DhisOidcUserService method loadUser.
@Override
public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException {
ClientRegistration clientRegistration = userRequest.getClientRegistration();
DhisOidcClientRegistration oidcClientRegistration = clientRegistrationRepository.getDhisOidcClientRegistration(clientRegistration.getRegistrationId());
String mappingClaimKey = oidcClientRegistration.getMappingClaimKey();
OidcUser oidcUser = super.loadUser(userRequest);
OidcUserInfo userInfo = oidcUser.getUserInfo();
Map<String, Object> attributes = oidcUser.getAttributes();
Object claimValue = attributes.get(mappingClaimKey);
if (claimValue == null && userInfo != null) {
claimValue = userInfo.getClaim(mappingClaimKey);
}
if (log.isDebugEnabled()) {
log.debug(String.format("Trying to look up DHIS2 user with OidcUser mapping mappingClaimKey='%s', claim value='%s'", mappingClaimKey, claimValue));
}
if (claimValue != null) {
User user = userService.getUserByOpenId((String) claimValue);
if (user != null) {
return new DhisOidcUser(user, attributes, IdTokenClaimNames.SUB, oidcUser.getIdToken());
}
}
String errorMessage = String.format("Failed to look up DHIS2 user with OidcUser mapping mappingClaimKey='%s', claim value='%s'", mappingClaimKey, claimValue);
if (log.isDebugEnabled()) {
log.debug(errorMessage);
}
OAuth2Error oauth2Error = new OAuth2Error("could_not_map_oidc_user_to_dhis2_user", errorMessage, null);
throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
}
Aggregations