
Example 21 with DefaultOAuth2User

Use of org.springframework.security.oauth2.core.user.DefaultOAuth2User in project OsmAnd-tools by osmandapp.

In class WebSecurityConfiguration, method oauthGithubUserService.

/**
 * Builds the OAuth2 user service that decides whether a signed-in user receives
 * {@code ROLE_ADMIN} (the original comment describes this as authorizing admin
 * for a specific group).
 *
 * <p>After the standard user-info lookup, the user's own access token is used for
 * a GET against {@code adminOauth2Url}; a 2xx response with a body results in
 * {@code ROLE_ADMIN}. The returned principal carries only the authorities built
 * here: those assigned by {@code super.loadUser} are not copied over.
 *
 * @return a {@link DefaultOAuth2UserService} with the admin check applied in {@code loadUser}
 */
private DefaultOAuth2UserService oauthGithubUserService() {
    RestTemplate adminProbeClient = new RestTemplate();
    // No-op error handler: HTTP error statuses do not throw here, so the caller
    // decides from the status code alone.
    adminProbeClient.setErrorHandler(new DefaultResponseErrorHandler() {

        @Override
        public void handleError(ClientHttpResponse response) throws IOException {
            // intentionally empty
        }
    });
    return new DefaultOAuth2UserService() {

        /**
         * Loads the user through the parent implementation and rebuilds it with
         * either an empty authority set or {@code ROLE_ADMIN}.
         */
        @Override
        public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
            OAuth2User loaded = super.loadUser(userRequest);
            if (loaded == null) {
                return null;
            }
            Set<GrantedAuthority> granted = new LinkedHashSet<>();
            if (!Algorithms.isEmpty(adminOauth2Url)) {
                Object profileUrl = loaded.getAttribute("url");
                // NOTE(review): this is a substring match on the profile URL, not a host
                // comparison and not a check of the client registration. If more than one
                // OAuth2 provider is registered, confirm a non-GitHub profile cannot satisfy
                // it, since that provider's access token would then be sent to adminOauth2Url.
                if (profileUrl != null && profileUrl.toString().contains("github.com")) {
                    // NOTE(review): the response body is not inspected (the "privacy" check
                    // was left commented out in the original), so any 2xx response with a
                    // body grants ROLE_ADMIN. Confirm adminOauth2Url is readable only by
                    // the intended administrators.
                    if (checkPermissionAccess(adminOauth2Url, userRequest, loaded) != null) {
                        granted.add(new SimpleGrantedAuthority(ROLE_ADMIN));
                    }
                }
            }
            String nameAttribute = userRequest.getClientRegistration()
                    .getProviderDetails()
                    .getUserInfoEndpoint()
                    .getUserNameAttributeName();
            return new DefaultOAuth2User(granted, loaded.getAttributes(), nameAttribute);
        }

        /**
         * Issues a GET to {@code orgUrl} with the user's access token as bearer
         * credential and returns the parsed JSON body, or {@code null} when the
         * status is not 2xx. The {@code user} argument is not used.
         *
         * NOTE(review): the token is sent to whatever {@code orgUrl} resolves to;
         * presumably this comes from trusted configuration and uses HTTPS. Confirm where
         * adminOauth2Url is defined.
         */
        private Map<String, Object> checkPermissionAccess(Object orgUrl, OAuth2UserRequest userRequest, OAuth2User user) {
            URI target = UriComponentsBuilder.fromUriString(String.valueOf(orgUrl)).build().toUri();
            HttpHeaders authHeaders = new HttpHeaders();
            authHeaders.setBearerAuth(userRequest.getAccessToken().getTokenValue());
            authHeaders.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
            RequestEntity<?> probe = new RequestEntity<>(authHeaders, HttpMethod.GET, target);
            ResponseEntity<Map<String, Object>> reply = adminProbeClient.exchange(probe,
                    new ParameterizedTypeReference<Map<String, Object>>() {
                    });
            return reply.getStatusCode().is2xxSuccessful() ? reply.getBody() : null;
        }
    };
}
Also used : LinkedHashSet(java.util.LinkedHashSet) DefaultOAuth2User(org.springframework.security.oauth2.core.user.DefaultOAuth2User) OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) HttpHeaders(org.springframework.http.HttpHeaders) DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) GrantedAuthority(org.springframework.security.core.GrantedAuthority) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OAuth2UserRequest(org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest) IOException(java.io.IOException) DefaultOAuth2UserService(org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService) URI(java.net.URI) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) RestTemplate(org.springframework.web.client.RestTemplate) DefaultOAuth2User(org.springframework.security.oauth2.core.user.DefaultOAuth2User) RequestEntity(org.springframework.http.RequestEntity) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) Map(java.util.Map)
