Compare commits

..

2 Commits

Author SHA1 Message Date
9824fbbbfd
refactor(welcome): update getRoles method signature
Some checks failed
Quality Check / Tests (pull_request) Successful in 1m0s
Quality Check / Checkstyle Main (pull_request) Successful in 45s
Build PR / Build and analyze (pull_request) Successful in 1m54s
gitea-sonarqube-bot ERROR
2024-10-02 09:35:12 +02:00
993387fa0c
fix(security): update roles claim for granted authorities 2024-10-02 09:34:26 +02:00
2 changed files with 5 additions and 5 deletions

@ -84,8 +84,8 @@ class KeycloakSecurityConfig {
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
Map<String, Object> realmAccess = jwt.getClaim(REALM_ACCESS_CLAIM);
if (realmAccess != null && realmAccess.containsKey("roles")) {
List<String> roles = (List<String>) realmAccess.get("roles");
if (realmAccess != null && realmAccess.containsKey(ROLES_CLAIM)) {
List<String> roles = (List<String>) realmAccess.get(ROLES_CLAIM);
for (String role : roles) {
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
}

@ -3,12 +3,12 @@ package de.szut.lf8_starter.welcome;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import java.security.Principal;
import java.util.Collection;
@RestController
public class WelcomeController {
@ -19,7 +19,7 @@ public class WelcomeController {
}
@GetMapping("/roles")
public ResponseEntity<?> getRoles(Authentication authentication) {
public ResponseEntity<Collection<? extends GrantedAuthority>> getRoles(Authentication authentication) {
return ResponseEntity.ok(authentication.getAuthorities());
}