Fixing Tokens for GitLAB access

4a370d60 · Michael Breu · 921e9cbb · 4a370d60 · 4a370d60 · 4a370d60
Commit 4a370d60 authored 4 years ago by Michael Breu
--- a/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java
+++ b/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java
@@ -4,7 +4,9 @@ import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED_VAL

 import java.net.URI;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.HashSet;
+import java.util.Map;
 import java.util.Optional;
 import java.util.Set;

@@ -47,6 +49,7 @@ import org.springframework.security.oauth2.core.OAuth2TokenValidator;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.oauth2.jwt.Jwt;
@@ -402,9 +405,13 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	        	userService.createUser(u);
 	        }

-			
+//	       oidcUser.getUserInfo().getClaims().put(TokenProvider.GITLAB_ACCESS_TOKEN, userRequest.getAccessToken());
+	       Map<String, Object> claims = new HashMap<>( oidcUser.getUserInfo().getClaims());
+	       claims.put(TokenProvider.GITLAB_ACCESS_TOKEN, userRequest.getAccessToken().getTokenValue());
+	       claims.put(TokenProvider.GITLAB_ACCESS_ISSUER, userRequest.getClientRegistration().getRegistrationId());
+	       OidcUserInfo userInfo = new OidcUserInfo(claims);
 	           
-           oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
+           oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), userInfo);

           return oidcUser;
       };

--- a/src/main/java/at/ac/uibk/gitsearch/repository/gitlab/GitLabRepository.java
+++ b/src/main/java/at/ac/uibk/gitsearch/repository/gitlab/GitLabRepository.java
@@ -31,14 +31,9 @@ public class GitLabRepository {
 		GitLabApi gitLabApi = null;
 		if(isPresent) {
 			String idToken = accessTokenO.get();
-			final Optional<String> gitLabAccessIssuer = tokenProvider.getGitLabAccessIssuer();
-			if(! gitLabAccessIssuer.isPresent()) {
-				log.warn("accessToken defined, but no gitlabAccess Issuer found?");
-			} else {
-
-	         gitLabApi = new GitLabApi(gitLabAccessIssuer.get(), TokenType.OAUTH2_ACCESS, idToken);
-
-	        }
+	         gitLabApi = new GitLabApi(applicationProperties.getGitLab().getUrl(), TokenType.OAUTH2_ACCESS, idToken);
+		} else {
+	         gitLabApi = new GitLabApi(applicationProperties.getGitLab().getUrl(), TokenType.PRIVATE, applicationProperties.getGitLab().getGeneralAccessToken());
 		}
 		return gitLabApi;
 	}

--- a/src/main/java/at/ac/uibk/gitsearch/security/jwt/TokenProvider.java
+++ b/src/main/java/at/ac/uibk/gitsearch/security/jwt/TokenProvider.java
@@ -21,6 +21,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.User;
+import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;

@@ -144,14 +145,18 @@ public class TokenProvider {
            .setSubject(authentication.getName())
            .claim(AUTHORITIES_KEY, authorities);
 		// copy from preToken
-		final Object userDetails = authentication.getDetails();
 		String authenticationToken = null;
 		String authenticationIssuer = null;
-		if (userDetails instanceof Map<?,?>) {
+		if (authentication.getDetails() instanceof Map) {
 			@SuppressWarnings("unchecked")
-			Map<String, String> userDetailsMap = (Map<String, String>) userDetails;
-			authenticationToken = userDetailsMap.get(GITLAB_ACCESS_TOKEN);
-			authenticationIssuer = userDetailsMap.get(GITLAB_ACCESS_ISSUER);
+			Map<String, String> details = (Map) authentication.getDetails();
+			authenticationToken = details.get(GITLAB_ACCESS_TOKEN);
+			authenticationIssuer = details.get(GITLAB_ACCESS_ISSUER);
+		}
+		if (authentication.getPrincipal() instanceof DefaultOidcUser) {
+			DefaultOidcUser oidcInfo = (DefaultOidcUser) authentication.getPrincipal();
+			authenticationToken = oidcInfo.getClaimAsString(GITLAB_ACCESS_TOKEN);
+			authenticationIssuer = oidcInfo.getClaimAsString(GITLAB_ACCESS_ISSUER);
 		}
 		
 		if (authenticationToken!=null) {