
Example 51 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project OsmAnd-tools by osmandapp.

the class WebSecurityConfiguration method oauthGithubUserService.

/**
 * Builds the OAuth2 user service that maps a logged-in user to authorities.
 *
 * <p>The returned service loads the user through {@code DefaultOAuth2UserService}, then, when
 * {@code adminOauth2Url} is configured and the user's {@code url} attribute contains
 * {@code github.com}, issues a GET to {@code adminOauth2Url} with the user's own access token.
 * A 2xx reply with a non-null body adds {@code ROLE_ADMIN}; otherwise the user gets no authorities.
 *
 * <p>NOTE(review): the admin decision rests only on "2xx with a body". The body's fields are never
 * inspected, so {@code adminOauth2Url} must point at a resource that is readable only by the
 * intended administrators.
 *
 * <p>NOTE(review): the user's bearer token is sent to whatever {@code adminOauth2Url} holds.
 * Confirm that it is an HTTPS URL on the identity provider's own API host.
 *
 * @return a user service whose users carry either no authority or {@code ROLE_ADMIN}
 */
private DefaultOAuth2UserService oauthGithubUserService() {
    // NOTE(review): no connect or read timeout is configured on this client in the visible code,
    // so a stalled permission endpoint can stall the login request.
    RestTemplate permissionClient = new RestTemplate();
    permissionClient.setErrorHandler(new DefaultResponseErrorHandler() {

        @Override
        public void handleError(ClientHttpResponse response) throws IOException {
            // Deliberately empty: error statuses must not throw, because
            // checkPermissionAccess inspects the status code itself and maps non-2xx to null.
        }
    });
    return new DefaultOAuth2UserService() {

        /**
         * Loads the user and replaces the default authorities with the locally computed set.
         *
         * @param userRequest the request carrying the client registration and access token
         * @return the user with recomputed authorities, or {@code null} if the parent returned null
         */
        @Override
        public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
            OAuth2User loaded = super.loadUser(userRequest);
            if (loaded == null) {
                return null;
            }
            Set<GrantedAuthority> granted = new LinkedHashSet<>();
            if (!Algorithms.isEmpty(adminOauth2Url)) {
                Object profileUrl = loaded.getAttribute("url");
                // NOTE(review): this is a substring match over the whole attribute, not a host
                // comparison, so it only filters by provider as long as the attribute comes from
                // a trusted user-info endpoint.
                if (profileUrl != null && profileUrl.toString().contains("github.com")) {
                    Map<String, Object> permission = checkPermissionAccess(adminOauth2Url, userRequest, loaded);
                    // Any non-null reply body is accepted; no field of it (for example a
                    // "privacy" value) is checked before the role is granted.
                    if (permission != null) {
                        granted.add(new SimpleGrantedAuthority(ROLE_ADMIN));
                    }
                }
            }
            String nameAttributeKey = userRequest.getClientRegistration()
                    .getProviderDetails()
                    .getUserInfoEndpoint()
                    .getUserNameAttributeName();
            return new DefaultOAuth2User(granted, loaded.getAttributes(), nameAttributeKey);
        }

        /**
         * Performs an authenticated GET against the permission URL on behalf of the user.
         *
         * @param orgUrl the URL to probe, converted with {@code String.valueOf}
         * @param userRequest supplies the access token used as the bearer credential
         * @param user the loaded user; not read by this method
         * @return the decoded JSON body on a 2xx status, otherwise {@code null}
         */
        private Map<String, Object> checkPermissionAccess(Object orgUrl, OAuth2UserRequest userRequest, OAuth2User user) {
            String target = String.valueOf(orgUrl);
            HttpHeaders authHeaders = new HttpHeaders();
            authHeaders.setBearerAuth(userRequest.getAccessToken().getTokenValue());
            authHeaders.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
            URI endpoint = UriComponentsBuilder.fromUriString(target).build().toUri();
            RequestEntity<?> probe = new RequestEntity<>(authHeaders, HttpMethod.GET, endpoint);
            ResponseEntity<Map<String, Object>> reply = permissionClient.exchange(probe, new ParameterizedTypeReference<Map<String, Object>>() {
            });
            return reply.getStatusCode().is2xxSuccessful() ? reply.getBody() : null;
        }
    };
}
Also used : LinkedHashSet(java.util.LinkedHashSet) DefaultOAuth2User(org.springframework.security.oauth2.core.user.DefaultOAuth2User) OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) HttpHeaders(org.springframework.http.HttpHeaders) DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) GrantedAuthority(org.springframework.security.core.GrantedAuthority) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OAuth2UserRequest(org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest) IOException(java.io.IOException) DefaultOAuth2UserService(org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService) URI(java.net.URI) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) RestTemplate(org.springframework.web.client.RestTemplate) DefaultOAuth2User(org.springframework.security.oauth2.core.user.DefaultOAuth2User) RequestEntity(org.springframework.http.RequestEntity) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) Map(java.util.Map)

Example 52 with OAuth2User

use of org.springframework.security.oauth2.core.user.OAuth2User in project vorto by eclipse.

the class AccountController method createUserAccount.

/**
 * Creates a non-technical account for the authenticated caller if none exists yet.
 *
 * <p>Responds with {@code 201} and {@code false} when an account with the caller's name already
 * exists, {@code 400} and {@code false} when the account service rejects the user, and
 * {@code 201} and {@code true} after a successful creation.
 *
 * <p>NOTE(review): presumably {@code user} is bound to the current authentication, in which case
 * the second clause of the {@code @PreAuthorize} expression compares the caller's name with
 * itself. Confirm that "any authenticated caller may create their own account" is the intended
 * policy.
 *
 * <p>NOTE(review): the cast below is unchecked, so a {@code Principal} of any other type fails
 * with {@code ClassCastException} instead of a controlled error response.
 *
 * @param user the authenticated principal; must be an {@code OAuth2Authentication}
 * @return the outcome flag with the status described above
 */
@PostMapping(consumes = "application/json", value = "/rest/accounts")
@PreAuthorize("hasAuthority('sysadmin') or #user.name == authentication.name")
public ResponseEntity<Boolean> createUserAccount(Principal user) {
    OAuth2Authentication caller = (OAuth2Authentication) user;
    String accountName = caller.getName();

    // An existing account is reported with the same 201 status as a new one; only the body differs.
    boolean alreadyRegistered = accountService.getUser(accountName) != null;
    if (alreadyRegistered) {
        return ResponseEntity.status(HttpStatus.CREATED).body(false);
    }

    User registered;
    try {
        registered = accountService.createNonTechnicalUser(accountName, getAuthenticationProvider(caller), null);
    } catch (InvalidUserException iue) {
        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(false);
    }

    // Refresh the security context so the new account's roles apply to the current session.
    SpringUserUtils.refreshSpringSecurityUser(registered, userNamespaceRoleService);
    return ResponseEntity.status(HttpStatus.CREATED).body(true);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) User(org.eclipse.vorto.repository.domain.User) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) InvalidUserException(org.eclipse.vorto.repository.services.exceptions.InvalidUserException) PostMapping(org.springframework.web.bind.annotation.PostMapping) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
