From 3a2337ce7153060a9a4abe0c9d182b281f168915 Mon Sep 17 00:00:00 2001 From: Timo Bejan Date: Mon, 26 Jun 2023 17:29:17 +0300 Subject: [PATCH] RED-6686 - jwt issuer --- .../security/TenantJwtIssuerValidator.java | 9 ++++++++- .../security/properties/CommonsKeyCloakProperties.java | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/knecon/fforesight/keycloakcommons/security/TenantJwtIssuerValidator.java b/src/main/java/com/knecon/fforesight/keycloakcommons/security/TenantJwtIssuerValidator.java index 31fd1b8..b126ebf 100644 --- a/src/main/java/com/knecon/fforesight/keycloakcommons/security/TenantJwtIssuerValidator.java +++ b/src/main/java/com/knecon/fforesight/keycloakcommons/security/TenantJwtIssuerValidator.java @@ -10,6 +10,7 @@ import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.jwt.JwtIssuerValidator; import org.springframework.stereotype.Component; +import com.knecon.fforesight.keycloakcommons.security.properties.CommonsKeyCloakProperties; import com.knecon.fforesight.tenantcommons.TenantProvider; import lombok.RequiredArgsConstructor; @@ -18,6 +19,8 @@ import lombok.RequiredArgsConstructor; @RequiredArgsConstructor public class TenantJwtIssuerValidator implements OAuth2TokenValidator { + private final CommonsKeyCloakProperties commonsKeyCloakProperties; + private final TenantProvider tenants; private final Map validators = new ConcurrentHashMap<>(); @@ -25,7 +28,11 @@ public class TenantJwtIssuerValidator implements OAuth2TokenValidator { @Override public OAuth2TokenValidatorResult validate(Jwt token) { - return this.validators.computeIfAbsent(toTenant(token), this::fromTenant).validate(token); + if (commonsKeyCloakProperties.isValidateJWTIssuer()) { + return this.validators.computeIfAbsent(toTenant(token), this::fromTenant).validate(token); + } else { + return OAuth2TokenValidatorResult.success(); + } } diff --git a/src/main/java/com/knecon/fforesight/keycloakcommons/security/properties/CommonsKeyCloakProperties.java b/src/main/java/com/knecon/fforesight/keycloakcommons/security/properties/CommonsKeyCloakProperties.java index 09fe1bd..c5dfab2 100644 --- a/src/main/java/com/knecon/fforesight/keycloakcommons/security/properties/CommonsKeyCloakProperties.java +++ b/src/main/java/com/knecon/fforesight/keycloakcommons/security/properties/CommonsKeyCloakProperties.java @@ -12,6 +12,7 @@ import lombok.Data; public class CommonsKeyCloakProperties { private List ignoredEndpoints = new ArrayList<>(); + private boolean validateJWTIssuer = false; private boolean enabled; }