-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Role matching OIDC #3335
Role matching OIDC #3335
Conversation
f7970e6
to
7bd8ef8
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Durch die änderung ergeben sich noch ein paar test cases
backend/src/main/java/com/bakdata/conquery/apiv1/auth/ProtoRole.java
Outdated
Show resolved
Hide resolved
backend/src/main/java/com/bakdata/conquery/models/auth/AuthorizationController.java
Outdated
Show resolved
Hide resolved
if (user.getRoles().contains(roleId)) { | ||
continue; | ||
} | ||
|
||
final Role role = storage.getRole(roleId); | ||
|
||
if (role == null) { | ||
continue; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In die IFs bitte auch traces
@Valid | ||
private List<ProtoRole> initialRoles; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hier noch die default admin
rolle definieren
return new ConqueryAuthenticationInfo(user, token, this, true); | ||
} | ||
} | ||
|
||
throw new UnknownAccountException("The user id was unknown: " + subject); | ||
} | ||
|
||
private void handleRoleClaims(AccessToken accessToken, User user) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wir sollten ggf. noch das Token/ oder die Tokensignature hashen, damit wir das nicht bei jedem request ausführen
No description provided.