From fdf8c4d62077cdcf718fcebaf31e4eb0b4584e74 Mon Sep 17 00:00:00 2001
From: Justin Richer
Date: Tue, 23 Jun 2015 20:49:03 -0400
Subject: [PATCH] Updated UMA's ExternalAuthoritiesMapper to new OIDCAuthoritiesMapper class, closes #850
---
 .../uma/util/ExternalLoginAuthoritiesMapper.java | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/uma-server/src/main/java/org/mitre/uma/util/ExternalLoginAuthoritiesMapper.java b/uma-server/src/main/java/org/mitre/uma/util/ExternalLoginAuthoritiesMapper.java
index 1b23f53c7..aa2bf52ab 100644
--- a/uma-server/src/main/java/org/mitre/uma/util/ExternalLoginAuthoritiesMapper.java
+++ b/uma-server/src/main/java/org/mitre/uma/util/ExternalLoginAuthoritiesMapper.java
@@ -18,27 +18,29 @@ package org.mitre.uma.util;
 import java.util.Collection;
-import java.util.Set;
+import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
+import org.mitre.openid.connect.model.UserInfo;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 import com.google.common.collect.Sets;
+import com.nimbusds.jwt.JWT;
 /**
+ * Utility class to map all external logins to the ROLE_EXTERNAL_USER authority
+ * to prevent them from accessing other parts of the server.
+ *
 * @author jricher
 *
 */
-public class ExternalLoginAuthoritiesMapper implements GrantedAuthoritiesMapper {
+public class ExternalLoginAuthoritiesMapper implements OIDCAuthoritiesMapper {
 private static final GrantedAuthority ROLE_EXTERNAL_USER = new SimpleGrantedAuthority("ROLE_EXTERNAL_USER");
 @Override
- public Collection mapAuthorities(Collection authorities) {
- Set out = Sets.newHashSet(authorities);
- out.add(ROLE_EXTERNAL_USER);
- return out;
+ public Collection mapAuthorities(JWT idToken, UserInfo userInfo) {
+ return Sets.newHashSet(ROLE_EXTERNAL_USER);
 }
 }
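Review bot: The new `mapAuthorities(JWT idToken, UserInfo userInfo)` ignores both arguments and returns only `ROLE_EXTERNAL_USER`, but nothing on the method says this is deliberate. The removed body copied the incoming authorities and added the role, so this is a behaviour change rather than the pure interface migration the subject line suggests. It looks like the right least-privilege outcome and matches the new class Javadoc. A comment on the method would still stop a later maintainer from deriving roles from ID token or UserInfo claims, for example `// idToken and userInfo are intentionally unused: claims from an external IdP must not influence local authorities`. Any access rule that relied on an authority the old mapper passed through will presumably stop matching for external logins, so the UMA security configuration should be checked against the single-role result.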