org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority Java Examples
The following examples show how to use
org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SecurityConfiguration.java From java-microservices-examples with Apache License 2.0 | 7 votes |
|
/**
* Map authorities from "groups" or "roles" claim in ID Token.
*
* @return a {@link GrantedAuthoritiesMapper} that maps groups from
* the IdP to Spring Security Authorities.
*/
@Bean
@SuppressWarnings("unchecked")
public GrantedAuthoritiesMapper userAuthoritiesMapper() {
return (authorities) -> {
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
authorities.forEach(authority -> {
OidcUserAuthority oidcUserAuthority = (OidcUserAuthority) authority;
OidcUserInfo userInfo = oidcUserAuthority.getUserInfo();
Collection<String> groups = (Collection<String>) userInfo.getClaims().get("groups");
if (groups == null) {
groups = (Collection<String>) userInfo.getClaims().get("roles");
}
mappedAuthorities.addAll(groups.stream()
.filter(group -> group.startsWith("ROLE_"))
.map(SimpleGrantedAuthority::new).collect(Collectors.toList()));
});
return mappedAuthorities;
};
}
Example #2
| Source File: SecurityConfiguration.java From java-microservices-examples with Apache License 2.0 | 7 votes |
|
/**
* Map authorities from "groups" or "roles" claim in ID Token.
*
* @return a {@link GrantedAuthoritiesMapper} that maps groups from
* the IdP to Spring Security Authorities.
*/
@Bean
@SuppressWarnings("unchecked")
public GrantedAuthoritiesMapper userAuthoritiesMapper() {
return (authorities) -> {
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
authorities.forEach(authority -> {
OidcUserAuthority oidcUserAuthority = (OidcUserAuthority) authority;
OidcUserInfo userInfo = oidcUserAuthority.getUserInfo();
Collection<String> groups = (Collection<String>) userInfo.getClaims().get("groups");
if (groups == null) {
groups = (Collection<String>) userInfo.getClaims().get("roles");
}
mappedAuthorities.addAll(groups.stream()
.filter(group -> group.startsWith("ROLE_"))
.map(SimpleGrantedAuthority::new).collect(Collectors.toList()));
});
return mappedAuthorities;
};
}
Example #3
| Source File: SecurityConfiguration.java From java-microservices-examples with Apache License 2.0 | 6 votes |
|
/**
* Map authorities from "groups" or "roles" claim in ID Token.
*
* @return a {@link GrantedAuthoritiesMapper} that maps groups from
* the IdP to Spring Security Authorities.
*/
@Bean
@SuppressWarnings("unchecked")
public GrantedAuthoritiesMapper userAuthoritiesMapper() {
return (authorities) -> {
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
authorities.forEach(authority -> {
OidcUserAuthority oidcUserAuthority = (OidcUserAuthority) authority;
OidcUserInfo userInfo = oidcUserAuthority.getUserInfo();
Collection<String> groups = (Collection<String>) userInfo.getClaims().get("groups");
if (groups == null) {
groups = (Collection<String>) userInfo.getClaims().get("roles");
}
mappedAuthorities.addAll(groups.stream()
.filter(group -> group.startsWith("ROLE_"))
.map(SimpleGrantedAuthority::new).collect(Collectors.toList()));
});
return mappedAuthorities;
};
}
Example #4
| Source File: SecurityConfig.java From oauth2-client with MIT License | 5 votes |
|
/**
* 从user-info-uri 返回结果中抽取权限信息,如角色等,默认为scope
* Mapping User Authorities
* https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#oauth2login-advanced-map-authorities
*/
@Deprecated
private GrantedAuthoritiesMapper userAuthoritiesMapper() {
return (authorities) -> {
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
authorities.forEach(authority -> {
if (OidcUserAuthority.class.isInstance(authority)) {
OidcUserAuthority oidcUserAuthority = (OidcUserAuthority) authority;
OidcIdToken idToken = oidcUserAuthority.getIdToken();
OidcUserInfo userInfo = oidcUserAuthority.getUserInfo();
System.out.println(oidcUserAuthority);
// Map the claims found in idToken and/or userInfo
// to one or more GrantedAuthority's and add it to mappedAuthorities
} else if (OAuth2UserAuthority.class.isInstance(authority)) {
OAuth2UserAuthority oauth2UserAuthority = (OAuth2UserAuthority) authority;
Map<String, Object> userAttributes = oauth2UserAuthority.getAttributes();
System.out.println(userAttributes);
// Map the attributes found in userAttributes
// to one or more GrantedAuthority's and add it to mappedAuthorities
} else if (SimpleGrantedAuthority.class.isInstance(authority)) {
SimpleGrantedAuthority simpleGrantedAuthority = (SimpleGrantedAuthority) authority;
System.out.println(simpleGrantedAuthority);
}
});
return mappedAuthorities;
};
}
Example #5
| Source File: OAuth2SecurityConfiguration.java From jhipster-registry with Apache License 2.0 | 5 votes |
|
@Bean
@SuppressWarnings("unchecked")
public GrantedAuthoritiesMapper userAuthoritiesMapper() {
return (authorities) -> {
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
authorities.forEach(authority -> {
OidcUserInfo userInfo = null;
// Check for OidcUserAuthority because Spring Security 5.2 returns
// each scope as a GrantedAuthority, which we don't care about.
if (authority instanceof OidcUserAuthority) {
OidcUserAuthority oidcUserAuthority = (OidcUserAuthority) authority;
userInfo = oidcUserAuthority.getUserInfo();
}
if (userInfo == null) {
mappedAuthorities.add(new SimpleGrantedAuthority(AuthoritiesConstants.USER));
} else {
Map<String, Object> claims = userInfo.getClaims();
Collection<String> groups = (Collection<String>) claims.getOrDefault("groups",
claims.getOrDefault("roles", new ArrayList<>()));
mappedAuthorities.addAll(groups.stream()
.filter(group -> group.startsWith("ROLE_"))
.map(SimpleGrantedAuthority::new)
.collect(toList()));
}
});
return mappedAuthorities;
};
}
