Add back InactiveCacheMap and add optional_oauth2 to AutoCofigExclude…
… class
haynescd committed Jan 17, 2024
1 parent 3a3cdc8 commit 06425c4
Showing 5 changed files with 45 additions and 84 deletions.
@@ -0,0 +1,39 @@
package org.cbioportal.persistence.cachemaputil;

import org.cbioportal.model.CancerStudy;
import org.cbioportal.model.MolecularProfile;
import org.cbioportal.model.SampleList;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;

import java.util.Map;

@Component
// This implementation of the CacheMapUtils is instantiated on portals where all uses can access any study.
@ConditionalOnProperty(name = "security.method_authorization_enabled", havingValue = "false", matchIfMissing = true)
public class InactiveCacheMapUtil implements CacheMapUtil {

// Since user-permission evaluation is not needed when this bean is present, throw an error when it is accessed.

@Override
public Map<String, MolecularProfile> getMolecularProfileMap() {
throw new RuntimeException("A CacheMapUtils method was called on a portal where studies are accessible to all users.");
}

@Override
public Map<String, SampleList> getSampleListMap() {
throw new RuntimeException("A CacheMapUtils method was called on a portal where studies are accessible to all users.");
}

@Override
public Map<String, CancerStudy> getCancerStudyMap() {
throw new RuntimeException("A CacheMapUtils method was called on a portal where studies are accessible to all users.");
}

// bean is only instantiated when there is no user authorization
@Override
public boolean hasCacheEnabled() {
return false;
}

}
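Review bot: With `matchIfMissing = true` on the `@ConditionalOnProperty` of `InactiveCacheMapUtil`, a deployment that never sets `security.method_authorization_enabled` gets this bean by default, and by the file's own comments this is the variant for portals where user-permission evaluation is not performed. If that default is intended, the class comment should say so explicitly, so that a missing property is recognisably a deliberate choice rather than an oversight. The three map getters throw a bare `RuntimeException` with the same literal repeated three times; `UnsupportedOperationException` with one shared message constant states the intent better and stays catch-compatible. The comment sitting between `@Component` and `@ConditionalOnProperty` would read better as class Javadoc, e.g. `/** CacheMapUtil used on portals where all users can access any study; its map getters must never be called. */`.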
Expand Up @@ -17,7 +17,7 @@
import org.springframework.security.web.context.SecurityContextPersistenceFilter;

@Configuration
@ConditionalOnProperty(name = "authenticate", havingValue = {"false", "noauthsessionservice"}, isNot = true)
@ConditionalOnProperty(name = "authenticate", havingValue = {"false", "noauthsessionservice", "optional_oauth2"}, isNot = true)
public class ApiSecurityConfig {

// Add security filter chains that handle calls to the API endpoints.
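Review bot: Adding `"optional_oauth2"` to the excluded values on `ApiSecurityConfig` means, if `isNot = true` negates the match as it appears to, that none of the API filter chains declared in this class are registered in that mode. Nothing visible in this hunk shows what handles API calls once a user has signed in under optional_oauth2, so it is worth confirming that another configuration covers those endpoints and recording it next to the annotation, e.g. `// optional_oauth2: API requests are secured by <config class>, not by these filter chains`. The class body continues outside the hunk.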
Expand Up @@ -11,7 +11,7 @@
public class AutoconfigureExcludeConfig {

@Configuration
@ConditionalOnProperty(name = "authenticate", havingValue = {"saml", "oauth2"}, isNot = true)
@ConditionalOnProperty(name = "authenticate", havingValue = {"saml", "oauth2", "optional_oauth2"}, isNot = true)
@EnableAutoConfiguration(exclude={OAuth2ClientAutoConfiguration.class, Saml2RelyingPartyAutoConfiguration.class})
public static class ExcludeAll {}
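Review bot: `ExcludeAll` is now switched off for `optional_oauth2`, but the hunk shows only this nested class. If `AutoconfigureExcludeConfig` has sibling classes that exclude a single auto-configuration for `saml` or `oauth2` (not visible here), they need the new value too, otherwise `Saml2RelyingPartyAutoConfiguration` would presumably stay active in optional_oauth2 mode. The mode names are also repeated as string literals in this annotation and in the one on `ApiSecurityConfig`, so a typo silently changes which security configuration loads; shared `static final String` constants would turn that into a compile error.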


This file was deleted.

Expand Up @@ -49,10 +49,11 @@ public static Collection<String> extractClientRoles(final JsonNode claims, final
} else {
throw new BadCredentialsException("Cannot Find user Roles in JWT Access Token ");
}
return StreamSupport.stream(rolesCursor.spliterator(), false)
.map(JsonNode::asText)
.collect(Collectors.toSet());

}
return StreamSupport.stream(rolesCursor.spliterator(), false)
.map(JsonNode::asText)
.collect(Collectors.toSet());
} catch (Exception e) {
log.error("Error Grabbing Client Roles from OIDC User Info: Realm roles must follow the convention resource_access:client_id:roles");
}
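Review bot: The `BadCredentialsException` thrown in the `else` branch is raised inside the `try`, so the `catch (Exception e)` at the end of this hunk swallows it and only logs; a token without the expected roles claim then falls through to whatever follows the catch (outside the hunk) instead of failing authentication. If rejection is the intent, rethrow it ahead of the generic handler: `} catch (BadCredentialsException e) { throw e; } catch (Exception e) {`. The `log.error` call also drops the exception, and passing `e` as the last argument keeps the cause and stack trace in the log. `extractClientRoles` starts and ends outside the hunk.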
