Skip to content
Snippets Groups Projects

fix: :bug: Losing AUD in GA4GH AT modifier

Merged Ghost User requested to merge dBucik/fix_ga4gh_at_modifier into main
1 file
+ 11
1
Compare changes
  • Side-by-side
  • Inline
@@ -8,7 +8,10 @@ import lombok.extern.slf4j.Slf4j;
@@ -8,7 +8,10 @@ import lombok.extern.slf4j.Slf4j;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
 
import java.util.ArrayList;
 
import java.util.Collection;
import java.util.Collections;
import java.util.Collections;
 
import java.util.HashSet;
import java.util.Set;
import java.util.Set;
import static cz.muni.ics.oidc.server.ga4gh.Ga4ghApiClaimSource.GA4GH_SCOPE;
import static cz.muni.ics.oidc.server.ga4gh.Ga4ghApiClaimSource.GA4GH_SCOPE;
@@ -33,8 +36,15 @@ public class Ga4ghAccessTokenModifier implements PerunAccessTokenEnhancer.Access
@@ -33,8 +36,15 @@ public class Ga4ghAccessTokenModifier implements PerunAccessTokenEnhancer.Access
Set<String> scopes = accessToken.getScope();
Set<String> scopes = accessToken.getScope();
//GA4GH
//GA4GH
if (scopes.contains(GA4GH_SCOPE)) {
if (scopes.contains(GA4GH_SCOPE)) {
 
Object originalAud = builder.getClaims().get("aud");
 
Set<String> newAud = new HashSet<>();
 
if (originalAud instanceof String) {
 
newAud.add((String) originalAud);
 
} else if (originalAud instanceof Collection) {
 
newAud.addAll((Collection<String>) originalAud);
 
}
log.debug("Adding claims required by GA4GH to access token");
log.debug("Adding claims required by GA4GH to access token");
builder.audience(Collections.singletonList(authentication.getOAuth2Request().getClientId()));
builder.audience(new ArrayList<>(newAud));
}
}
}
}
Loading