RED-6686 - jwt issuer

This commit is contained in:
Timo Bejan 2023-06-26 17:29:17 +03:00
parent 4e09ed12a4
commit 3a2337ce71
2 changed files with 9 additions and 1 deletions

View File

@ -10,6 +10,7 @@ import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtIssuerValidator;
import org.springframework.stereotype.Component;
import com.knecon.fforesight.keycloakcommons.security.properties.CommonsKeyCloakProperties;
import com.knecon.fforesight.tenantcommons.TenantProvider;
import lombok.RequiredArgsConstructor;
@ -18,6 +19,8 @@ import lombok.RequiredArgsConstructor;
@RequiredArgsConstructor
public class TenantJwtIssuerValidator implements OAuth2TokenValidator<Jwt> {
private final CommonsKeyCloakProperties commonsKeyCloakProperties;
private final TenantProvider tenants;
private final Map<String, JwtIssuerValidator> validators = new ConcurrentHashMap<>();
@ -25,7 +28,11 @@ public class TenantJwtIssuerValidator implements OAuth2TokenValidator<Jwt> {
@Override
public OAuth2TokenValidatorResult validate(Jwt token) {
return this.validators.computeIfAbsent(toTenant(token), this::fromTenant).validate(token);
if (commonsKeyCloakProperties.isValidateJWTIssuer()) {
return this.validators.computeIfAbsent(toTenant(token), this::fromTenant).validate(token);
} else {
return OAuth2TokenValidatorResult.success();
}
}

View File

@ -12,6 +12,7 @@ import lombok.Data;
public class CommonsKeyCloakProperties {
private List<String> ignoredEndpoints = new ArrayList<>();
private boolean validateJWTIssuer = false;
private boolean enabled;
}