Commit 192e1b72 authored by Sonia Zorba's avatar Sonia Zorba Committed by zonia3000

Made OIDC flow working

parent e79029ae
+4 −0
@@ -28,6 +28,10 @@
            <artifactId>spring-security-oauth2-autoconfigure</artifactId>
            <version>${project.parent.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-oauth2-client</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
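Review bot: The new `spring-security-oauth2-client` dependency has no `<version>` element, while the `spring-security-oauth2-autoconfigure` entry just above it pins `${project.parent.version}`; presumably the parent's dependency management supplies it, but that is worth confirming so the build does not silently pick a transitive version. A second thing to be aware of is that this section now pulls in two OAuth2 stacks at once, the newer `spring-security-oauth2-client` and the older `spring-security-oauth2` lineage that the `JwkTokenStore`/`DefaultUserAuthenticationConverter` classes elsewhere in this commit come from, and the older project is in maintenance-only status as far as I know. If the intent is to stay on the legacy stack, a short comment next to the client dependency stating why it is needed would save the next reader from the same question.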
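--- /dev/null
+++ b/CustomAuthenticationData.java
@@ -0,0 +1,20 @@
+package it.inaf.ia2.gms;
+
+import java.util.Collection;
+import java.util.Map;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+
+public class CustomAuthenticationData extends UsernamePasswordAuthenticationToken {
+
+    private final Map<String, Object> attributes;
+
+    public CustomAuthenticationData(String username, Map<String, Object> attributes, Collection<? extends GrantedAuthority> authorities) {
+        super(username, "N/A", authorities);
+        this.attributes = attributes;
+    }
+
+    public Map<String, Object> getAttributes() {
+        return attributes;
+    }
+}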
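Review bot: The constructor stores the caller's `attributes` map by reference and `getAttributes()` returns that same instance, so anything holding the `Authentication` (the security context, a serialized session, a controller that returns the principal) can also mutate the ID-token claims it carries. Take a defensive copy once in the constructor, `this.attributes = Collections.unmodifiableMap(new LinkedHashMap<>(Objects.requireNonNull(attributes, "attributes")));` — `Map.copyOf` is not a drop-in here because JWT claim maps may contain null values. The three-argument `super(...)` constructor marks the token as authenticated, so a class-level Javadoc such as `/** Authenticated principal built from an already-verified OIDC id_token; the attributes are the token's claims. */` would make clear this type must only be constructed after signature verification.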
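--- /dev/null
+++ b/CustomIdTokenConverter.java
@@ -0,0 +1,36 @@
+package it.inaf.ia2.gms;
+
+import java.util.List;
+import java.util.Map;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
+import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;
+
+public class CustomIdTokenConverter extends DefaultUserAuthenticationConverter {
+
+    private final JwkTokenStore jwkTokenStore;
+
+    public CustomIdTokenConverter(String keySetUri) {
+        this.jwkTokenStore = new JwkTokenStore(keySetUri);
+    }
+
+    @Override
+    public Authentication extractAuthentication(Map<String, ?> map) {
+
+        String idToken = (String) map.get("id_token");
+
+        OAuth2AccessToken token = jwkTokenStore.readAccessToken(idToken);
+
+        Map<String, Object> claims = token.getAdditionalInformation();
+        //OAuth2RefreshToken refreshToken = token.getRefreshToken();
+
+        String principal = (String) claims.get("sub");
+
+        List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
+
+        return new CustomAuthenticationData(principal, claims, authorities);
+    }
+}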
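Review bot: `extractAuthentication` casts `map.get("id_token")` and `claims.get("sub")` to `String` without checking presence, so a token response without an `id_token` (or an id_token without `sub`) fails deep inside `JwkTokenStore` or produces an authenticated principal named `null` rather than a clear rejection; the rewrite below fails fast with `InvalidTokenException` in both cases. As far as I recall, `JwkTokenStore.readAccessToken` verifies the signature against the JWK set and rejects expired tokens but does not check `iss`, `aud` or `nonce`, so an id_token issued by the same provider for a different client would be accepted here — worth confirming against the Spring version in use and, if so, comparing `aud` with this client's registered id before building the authentication. The commented-out `refreshToken` line should be deleted rather than left in, and the hard-coded `"ROLE_USER"` deserves a one-line comment saying that every verified subject is deliberately granted the same role.
```java
@Override
public Authentication extractAuthentication(Map<String, ?> map) {
    Object rawIdToken = map.get("id_token");
    if (!(rawIdToken instanceof String)) {
        throw new InvalidTokenException("Token response does not contain an id_token");
    }
    // Signature is verified against the JWK set; issuer/audience checks are not performed here.
    OAuth2AccessToken token = jwkTokenStore.readAccessToken((String) rawIdToken);
    Map<String, Object> claims = token.getAdditionalInformation();
    Object sub = claims.get("sub");
    if (!(sub instanceof String)) {
        throw new InvalidTokenException("id_token does not contain a sub claim");
    }
    String principal = (String) sub;
    // … unchanged: authorities list and CustomAuthenticationData construction …
}
```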
+0 −22
package it.inaf.ia2.gms;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.context.annotation.Bean;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;

@SpringBootApplication
@EnableOAuth2Sso
public class GmsApplication {

    public static void main(String[] args) {
        SpringApplication.run(GmsApplication.class, args);
    }

    @Value("${security.oauth2.resource.jwk.key-set-uri}")
    private String keySetUri;

    @Bean
    public TokenStore tokenStore() {
        JwkTokenStore jwkTokenStore = new JwkTokenStore(keySetUri, accessTokenConverter());
        return jwkTokenStore;
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        return converter;
    }
}
+3 −3
package it.inaf.ia2.gms;

import java.security.Principal;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@@ -12,8 +13,7 @@ public class LoginController {
        return principal;
    }

    
    @GetMapping("/")
    @GetMapping(value = "/", produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public Principal root(Principal principal) {
        return principal;
    }
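Review bot: `root(Principal principal)` returns the injected `Principal` object itself, and once the new converter is in place that object is a `CustomAuthenticationData`, so the JSON response will serialize the whole `Authentication` — every id_token claim in `attributes`, the `"N/A"` credentials placeholder, authorities and details — to the browser. Returning a small DTO with just the fields the front end needs (for example `return Map.of("name", principal.getName());`) keeps the endpoint's output stable and avoids exposing claims that were never meant to leave the server. Separately, `MediaType.APPLICATION_JSON_UTF8_VALUE` is deprecated from Spring Framework 5.2 onwards in favour of `MediaType.APPLICATION_JSON_VALUE`; which one applies depends on the Spring version this project builds against, which is not visible in the hunk.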