-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
#943: helper classes for getting tenant from Token/ClaimSet using ten…
…ant/iss claim
- Loading branch information
1 parent
f1fb128
commit 3a783d5
Showing
4 changed files
with
140 additions
and
0 deletions.
There are no files selected for viewing
56 changes: 56 additions & 0 deletions
56
backend/src/main/java/ch/puzzle/okr/security/helper/ClaimHelper.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
package ch.puzzle.okr.security.helper; | ||
|
||
import com.nimbusds.jwt.JWTClaimsSet; | ||
|
||
import java.text.ParseException; | ||
import java.util.Optional; | ||
|
||
import static ch.puzzle.okr.security.JwtHelper.CLAIM_ISS; | ||
import static ch.puzzle.okr.security.JwtHelper.CLAIM_TENANT; | ||
import static ch.puzzle.okr.security.helper.JwtStatusLogger.logStatus; | ||
import static ch.puzzle.okr.security.helper.UrlHelper.extractTenantFromIssUrl; | ||
|
||
public class ClaimHelper { | ||
|
||
public Optional<String> getTenantFromClaimsSetUsingClaimTenant(JWTClaimsSet claimSet) { | ||
try { | ||
String tenant = getTenant(claimSet); | ||
return Optional.ofNullable(tenant); | ||
} catch (ParseException e) { | ||
logStatus(CLAIM_TENANT, claimSet, e); | ||
return Optional.empty(); | ||
} | ||
} | ||
|
||
private static String getTenant(JWTClaimsSet claimSet) throws ParseException { | ||
String tenant = claimSet.getStringClaim(CLAIM_TENANT); | ||
logStatus(CLAIM_TENANT, claimSet, tenant); | ||
return tenant; | ||
} | ||
|
||
public Optional<String> getTenantFromClaimsSetUsingClaimIss(JWTClaimsSet claimSet) { | ||
try { | ||
String issUrl = getIssUrl(claimSet); | ||
if (issUrl == null) { | ||
return Optional.empty(); | ||
} | ||
return getTenant(claimSet, issUrl); | ||
} catch (ParseException e) { | ||
logStatus(CLAIM_ISS, claimSet, e); | ||
return Optional.empty(); | ||
} | ||
} | ||
|
||
private static String getIssUrl(JWTClaimsSet claimSet) throws ParseException { | ||
String issUrl = claimSet.getStringClaim(CLAIM_ISS); | ||
logStatus(CLAIM_ISS, claimSet, issUrl); | ||
return issUrl; | ||
} | ||
|
||
private static Optional<String> getTenant(JWTClaimsSet claimSet, String issUrl) { | ||
String tenant = extractTenantFromIssUrl(issUrl); | ||
logStatus(CLAIM_ISS, claimSet, tenant); | ||
return Optional.ofNullable(tenant); | ||
} | ||
|
||
} |
31 changes: 31 additions & 0 deletions
31
backend/src/main/java/ch/puzzle/okr/security/helper/JwtStatusLogger.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
package ch.puzzle.okr.security.helper; | ||
|
||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
import java.text.ParseException; | ||
|
||
public class JwtStatusLogger { | ||
|
||
private static final Logger logger = LoggerFactory.getLogger(ClaimHelper.class); | ||
|
||
public static void logStatus(String claim, Object context, String result) { | ||
boolean isOk = result != null; | ||
if (isOk) { | ||
logger.info("Tenant: get claim '{}' from {}{}", claim, context.getClass().getSimpleName(), | ||
statusToSymbol(isOk)); | ||
} else { | ||
logger.warn("Tenant: get claim '{}' from {}{}", claim, context.getClass().getSimpleName(), | ||
statusToSymbol(isOk)); | ||
} | ||
} | ||
|
||
public static void logStatus(String claim, Object context, ParseException e) { | ||
logger.warn("Tenant: get claim '{}' from {}{}", claim, context.getClass().getSimpleName(), | ||
statusToSymbol(false), e); | ||
} | ||
|
||
private static String statusToSymbol(boolean isOk) { | ||
return isOk ? " | OK" : " | FAILED"; | ||
} | ||
} |
44 changes: 44 additions & 0 deletions
44
backend/src/main/java/ch/puzzle/okr/security/helper/TokenHelper.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package ch.puzzle.okr.security.helper; | ||
|
||
import org.springframework.security.oauth2.jwt.Jwt; | ||
|
||
import java.util.Optional; | ||
|
||
import static ch.puzzle.okr.security.JwtHelper.CLAIM_ISS; | ||
import static ch.puzzle.okr.security.JwtHelper.CLAIM_TENANT; | ||
import static ch.puzzle.okr.security.helper.JwtStatusLogger.logStatus; | ||
import static ch.puzzle.okr.security.helper.UrlHelper.extractTenantFromIssUrl; | ||
|
||
public class TokenHelper { | ||
|
||
public Optional<String> getTenantFromTokenUsingClaimTenant(Jwt token) { | ||
String tenant = getTenant(token); | ||
return Optional.ofNullable(tenant); | ||
} | ||
|
||
private static String getTenant(Jwt token) { | ||
String tenant = token.getClaimAsString(CLAIM_TENANT); // can return null | ||
logStatus(CLAIM_TENANT, token, tenant); | ||
return tenant; | ||
} | ||
|
||
public Optional<String> getTenantFromTokenUsingClaimIss(Jwt token) { | ||
String issUrl = getIssUrl(token); | ||
if (issUrl == null) { | ||
return Optional.empty(); | ||
} | ||
return getTenant(token, issUrl); | ||
} | ||
|
||
private String getIssUrl(Jwt token) { | ||
String issUrl = token.getClaimAsString(CLAIM_ISS); // can return null | ||
logStatus(CLAIM_ISS, token, issUrl); | ||
return issUrl; | ||
} | ||
|
||
private Optional<String> getTenant(Jwt token, String issUrl) { | ||
String tenant = extractTenantFromIssUrl(issUrl); | ||
logStatus(CLAIM_ISS, token, tenant); | ||
return Optional.ofNullable(tenant); | ||
} | ||
} |
9 changes: 9 additions & 0 deletions
9
backend/src/main/java/ch/puzzle/okr/security/helper/UrlHelper.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
package ch.puzzle.okr.security.helper; | ||
|
||
public class UrlHelper { | ||
|
||
public static String extractTenantFromIssUrl(String issUrl) { | ||
String[] issUrlParts = issUrl.split("/"); | ||
return issUrlParts[issUrlParts.length - 1]; | ||
} | ||
} |