io.miragon.miranum.platform.security.JwtAuthenticationConverter Maven / Gradle / Ivy

Show more of this group Show more artifacts with this name
Show all versions of spring-security-core Show documentation

The newest version!

package io.miragon.miranum.platform.security;

import lombok.RequiredArgsConstructor;
import org.springframework.core.convert.converter.Converter;
import org.springframework.lang.NonNull;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.util.ObjectUtils;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.stream.Stream;

/**
 * Stateful configuration of a Jwt Converter loading details from UserInfo endpoint.
 */
@RequiredArgsConstructor
public class JwtAuthenticationConverter implements Converter {

    private static final String CLAIM_ROLES = "roles";

    @Override
    public AbstractAuthenticationToken convert(@NonNull Jwt source) {
        Collection authorities = new ArrayList<>();
        if (source.getClaims().containsKey((CLAIM_ROLES))) {
            authorities.addAll(asAuthorities(source.getClaims().get(CLAIM_ROLES)));
        }
        return new JwtAuthenticationToken(source, authorities);
    }

    private List asAuthorities(Object object) {
        final List authorities = new ArrayList<>();
        if (object instanceof Collection collection) {
            object = collection.toArray(new Object[0]);
        }
        if (ObjectUtils.isArray(object)) {
            authorities.addAll(
                    Stream.of(((Object[]) object))
                            .map(Object::toString)
                            .map(SimpleGrantedAuthority::new)
                            .toList()
            );
        }
        return authorities;
    }

}