github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

inject user's authorities into javascript context

pull/650/head
Justin Richer 2013-08-29 16:58:36 -04:00
parent 5c79a3f94e
commit a59704559a
2 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
openid-connect-common/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
View File

@ -19,6 +19,7 @@
*/ */
package org.mitre.openid.connect.web; package org.mitre.openid.connect.web;
import java.lang.reflect.Type;
import java.security.Principal; import java.security.Principal;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -28,10 +29,17 @@ import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.mitre.openid.connect.model.UserInfo; import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.UserInfoService; import org.mitre.openid.connect.service.UserInfoService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.google.gson.Gson; import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonElement;
import com.google.gson.JsonPrimitive;
import com.google.gson.JsonSerializationContext;
import com.google.gson.JsonSerializer;
/** /**
* Injects the UserInfo object for the current user into the current model's context, if both exist. Allows JSPs and the like to call "userInfo.name" and other fields. * Injects the UserInfo object for the current user into the current model's context, if both exist. Allows JSPs and the like to call "userInfo.name" and other fields.
@ -41,7 +49,14 @@ import com.google.gson.Gson;
*/ */
public class UserInfoInterceptor extends HandlerInterceptorAdapter { public class UserInfoInterceptor extends HandlerInterceptorAdapter {
private Gson gson = new Gson(); private Gson gson = new GsonBuilder()
.registerTypeHierarchyAdapter(GrantedAuthority.class, new JsonSerializer<GrantedAuthority>() {
@Override
public JsonElement serialize(GrantedAuthority src, Type typeOfSrc, JsonSerializationContext context) {
return new JsonPrimitive(src.getAuthority());
}
})
.create();
@Autowired @Autowired
private UserInfoService userInfoService; private UserInfoService userInfoService;
@ -53,6 +68,11 @@ public class UserInfoInterceptor extends HandlerInterceptorAdapter {
// get our principal from the security context // get our principal from the security context
Principal p = request.getUserPrincipal(); Principal p = request.getUserPrincipal();
if (p instanceof Authentication){
Authentication auth = (Authentication)p;
modelAndView.addObject("userAuthorities", gson.toJson(auth.getAuthorities()));
}
if (p instanceof OIDCAuthenticationToken) { if (p instanceof OIDCAuthenticationToken) {
// if they're logging into this server from a remote OIDC server, pass through their user info // if they're logging into this server from a remote OIDC server, pass through their user info
OIDCAuthenticationToken oidc = (OIDCAuthenticationToken) p; OIDCAuthenticationToken oidc = (OIDCAuthenticationToken) p;

5
openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
View File

@ -113,6 +113,11 @@
function getUserInfo() { function getUserInfo() {
return ${userInfoJson}; return ${userInfoJson};
} }
// get the authorities of the current user, if available (null otherwise)
function getUserAuthorities() {
return ${userAuthorities};
}
</script> </script>
</head> </head>