예제 #1
    /**
     * Builds the authorization info for an already-authenticated subject from the attribute map
     * carried in its principal collection.
     *
     * <p>Default roles and permissions are added first. Then each configured role / permission
     * attribute name is looked up in the attribute map; its value (a single string, or a collection
     * of strings) is passed through {@code split} and added. If the resulting role set contains the
     * configured administrator role, {@link Roles#ADMINISTRATOR} is added as well.
     *
     * <p>NOTE(review): everything beyond the defaults comes from the attribute map, so the result is
     * only as trustworthy as whatever populated that map during authentication. Confirm the
     * attributes originate from a validated identity-provider response and that the administrator
     * role name cannot be supplied through a user-editable attribute.
     *
     * @param principals principal collection; cast to {@link SimplePrincipalCollection}, and its
     *     second element (index 1) is read as the attribute map
     * @return the roles and permissions resolved for the subject
     */
    @Override
    @SuppressWarnings("unchecked")
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
      logger.trace("resolve authorization info");

      // The attribute map is expected as the second principal (index 1).
      final List<Object> principalList = ((SimplePrincipalCollection) principals).asList();
      final Map<String, String> userAttributes = (Map<String, String>) principalList.get(1);

      final SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

      // Defaults are granted regardless of what the attributes contain.
      addRoles(info, split(getDefaultRoles()));
      addPermissions(info, split(getDefaultPermissions()));

      // Roles taken from the configured role attributes.
      for (final String roleAttribute : split(getRoleAttributeNames())) {
        // Held as Object: at runtime the value may be a collection rather than a String.
        final Object raw = userAttributes.get(roleAttribute);
        if (!(raw instanceof Collection<?>)) {
          addRoles(info, split((String) raw));
          continue;
        }
        for (final Object element : (Collection<?>) raw) {
          addRoles(info, split((String) element));
        }
      }

      // Permissions taken from the configured permission attributes.
      for (final String permissionAttribute : split(getPermissionAttributeNames())) {
        final Object raw = userAttributes.get(permissionAttribute);
        if (!(raw instanceof Collection<?>)) {
          addPermissions(info, split((String) raw));
          continue;
        }
        for (final Object element : (Collection<?>) raw) {
          addPermissions(info, split((String) element));
        }
      }

      // Map the externally configured administrator role onto the application's own constant.
      final Collection<String> grantedRoles = info.getRoles();
      if (grantedRoles != null && grantedRoles.contains(configuration.getAdministratorRole())) {
        info.addRole(Roles.ADMINISTRATOR);
      }

      return info;
    }
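  /**
   * Retrieves the AuthorizationInfo for the given principals (the user previously authenticated by
   * CAS: id + attributes).
   *
   * <p>Two attributes are read from the attribute map held as the second principal:
   *
   * <ul>
   *   <li>{@code username} (URL-encoded): when it decodes to {@code "admin"}, the {@code admin} role
   *       is granted. A missing value grants nothing.
   *   <li>{@code authority} (URL-encoded JSON array): each element that is an object with both
   *       {@code appCode} and {@code url} adds the role {@code appCode} and the permission {@code
   *       appCode:url}. Elements that are not objects, or lack either key, are skipped and grant
   *       nothing.
   * </ul>
   *
   * <p>NOTE(review): every role and permission here is derived from attribute values, so the result
   * is only as trustworthy as the source of those attributes. Confirm they come solely from the
   * validated CAS response.
   *
   * @param principals the primary identifying principals of the AuthorizationInfo that should be
   *     retrieved; cast to {@link SimplePrincipalCollection}.
   * @return the AuthorizationInfo associated with these principals; if the {@code authority} value
   *     cannot be decoded or parsed, only what was granted before the failure is returned.
   */
  @Override
  @SuppressWarnings("unchecked")
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // The attribute map is expected as the second principal (index 1).
    SimplePrincipalCollection principalCollection = (SimplePrincipalCollection) principals;
    List<Object> listPrincipals = principalCollection.asList();
    Map<String, String> attributes = (Map<String, String>) listPrincipals.get(1);

    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    try {
      // A missing username previously caused a NullPointerException inside URLDecoder.decode;
      // treat it as "not the admin account" instead.
      String rawUsername = attributes.get("username");
      if (rawUsername != null) {
        // NOTE(review): the admin role depends only on this string comparison. Confirm that the
        // username attribute is set by the identity provider and that "admin" cannot be
        // self-registered; an explicit role attribute would be a sturdier basis.
        if ("admin".equals(URLDecoder.decode(rawUsername, "UTF-8"))) {
          simpleAuthorizationInfo.addRole("admin");
        }
      }

      String authorityStr = attributes.get("authority");
      if (authorityStr != null) {
        // The value is URL-encoded and its double quotes are written as the entity &#034;;
        // undo both before handing the text to the JSON parser.
        String authorityJson =
            java.net.URLDecoder.decode(authorityStr, "UTF-8").replace("&#034;", "\"");
        List<?> authorityList = new ObjectMapper().readValue(authorityJson, List.class);
        // A JSON "null" document yields a null list.
        if (authorityList != null) {
          for (Object entry : authorityList) {
            // Skip anything that is not a JSON object rather than failing on a cast.
            if (!(entry instanceof Map)) {
              continue;
            }
            Map<?, ?> auth = (Map<?, ?>) entry;
            Object appCode = auth.get("appCode");
            Object url = auth.get("url");
            // An entry without both keys grants neither the role nor the permission.
            if (appCode == null || url == null) {
              continue;
            }
            // Roles are held in a set, so adding the same appCode again is harmless.
            simpleAuthorizationInfo.addRole(appCode.toString());
            simpleAuthorizationInfo.addStringPermission(appCode + ":" + url);
          }
        }
      }
    } catch (IOException e) {
      // Covers JsonParseException, JsonMappingException and UnsupportedEncodingException, which
      // are all IOExceptions. The subject keeps only what was granted before the failure.
      // NOTE(review): route this through the project's logger instead of stderr, and make sure
      // the logged message does not include the raw attribute values.
      e.printStackTrace();
    }
    return simpleAuthorizationInfo;
  }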