Add an AuthoritiesExtractor strategy for UserInfoTokenServices
Default will extract an "authorities" key from the map coming from the server. No existing servers I am aware of actually send that data, but it might be helpful as a default nevertheless. User can override the default by adding a bean of that type. Fixes gh-3711pull/4122/merge
Dave Syer
9 years ago
parent
eadd20e9ca
commit
4768faaba7
@ -0,0 +1,31 @@
|
||||
/*
|
||||
* Copyright 2012-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
/**
|
||||
* @author Dave Syer
|
||||
*/
|
||||
public interface AuthoritiesExtractor {
|
||||
|
||||
List<GrantedAuthority> extractAuthorities(Map<String, Object> map);
|
||||
|
||||
}
|
||||
@ -0,0 +1,54 @@
|
||||
/*
|
||||
* Copyright 2012-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
/**
|
||||
* @author Dave Syer
|
||||
*/
|
||||
public class FixedAuthoritiesExtractor implements AuthoritiesExtractor {
|
||||
|
||||
private static final String AUTHORITIES = "authorities";
|
||||
|
||||
@Override
|
||||
public List<GrantedAuthority> extractAuthorities(Map<String, Object> map) {
|
||||
String authorities = "ROLE_USER";
|
||||
if (map.containsKey(AUTHORITIES)) {
|
||||
Object object = map.get(AUTHORITIES);
|
||||
if (object instanceof Collection) {
|
||||
authorities = StringUtils
|
||||
.collectionToCommaDelimitedString((Collection<?>) object);
|
||||
}
|
||||
else if (ObjectUtils.isArray(object)) {
|
||||
authorities = StringUtils.arrayToCommaDelimitedString((Object[]) object);
|
||||
}
|
||||
else if (object != null) {
|
||||
authorities = object.toString();
|
||||
}
|
||||
}
|
||||
return AuthorityUtils.commaSeparatedStringToAuthorityList(authorities);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,64 @@
|
||||
/*
|
||||
* Copyright 2012-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
/**
|
||||
* @author Dave Syer
|
||||
*/
|
||||
public class FixedAuthoritiesExtractorTests {
|
||||
|
||||
private FixedAuthoritiesExtractor extractor = new FixedAuthoritiesExtractor();
|
||||
|
||||
private Map<String, Object> map = new LinkedHashMap<String, Object>();
|
||||
|
||||
@Test
|
||||
public void authorities() {
|
||||
this.map.put("authorities", "ROLE_ADMIN");
|
||||
assertEquals("[ROLE_ADMIN]",
|
||||
this.extractor.extractAuthorities(this.map).toString());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authoritiesCommaSeparated() {
|
||||
this.map.put("authorities", "ROLE_USER,ROLE_ADMIN");
|
||||
assertEquals("[ROLE_USER, ROLE_ADMIN]",
|
||||
this.extractor.extractAuthorities(this.map).toString());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authoritiesArray() {
|
||||
this.map.put("authorities", new String[] { "ROLE_USER", "ROLE_ADMIN" });
|
||||
assertEquals("[ROLE_USER, ROLE_ADMIN]",
|
||||
this.extractor.extractAuthorities(this.map).toString());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authoritiesList() {
|
||||
this.map.put("authorities", Arrays.asList("ROLE_USER", "ROLE_ADMIN"));
|
||||
assertEquals("[ROLE_USER, ROLE_ADMIN]",
|
||||
this.extractor.extractAuthorities(this.map).toString());
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue