Commit dc4360a5 authored by Maxym Borodenko's avatar Maxym Borodenko

Allow OAuth clients use /api/v1/me/profile

parent 894f3bea
......@@ -20,9 +20,11 @@ import java.io.IOException;
import java.util.UUID;
import io.swagger.annotations.Api;
import org.genesys.blocks.oauth.service.OAuthClientDetailsService;
import org.genesys.blocks.security.SecurityContextUtil;
import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.lockout.AccountLockoutManager;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.model.BasicUser;
import org.genesys.blocks.security.service.PasswordPolicy;
import org.genesys.catalog.service.ShortFilterService;
......@@ -41,6 +43,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.web.bind.annotation.GetMapping;
......@@ -86,15 +89,34 @@ public class MeController extends ApiBaseController {
@Autowired
private EMailVerificationService emailVerificationService;
@Autowired
private OAuthClientDetailsService oauthClientService;
/**
* Gets the profile.
*
* @return the profile
*/
@PreAuthorize("isAuthenticated()") // Available for OAuth clients
@GetMapping(value = "/profile")
public User getProfile() {
final User currentUser = SecurityContextUtil.getMe();
return userService.getUser(UUID.fromString(currentUser.getUuid()));
public AclSid getProfile() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication instanceof OAuth2Authentication) {
OAuth2Authentication oauthAuth = (OAuth2Authentication) authentication;
if (oauthAuth.isClientOnly()) {
LOG.debug("OAuth client-only authentication: {}", oauthAuth);
Object principal = oauthAuth.getPrincipal();
LOG.debug("OAuth client-only principal: {} {}", principal.getClass(), principal);
return oauthClientService.getClient(oauthAuth.getName());
}
Authentication userAuth = oauthAuth.getUserAuthentication();
if (userAuth != null) {
final User currentUser = SecurityContextUtil.getMe();
return userService.getUser(UUID.fromString(currentUser.getUuid()));
}
}
throw new NotFoundElement("You don't exist");
}
/**
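Review bot: A caller whose Authentication is not an OAuth2Authentication now falls through to `throw new NotFoundElement("You don't exist");`, although `@PreAuthorize("isAuthenticated()")` admits it and the removed lines served every authenticated user via SecurityContextUtil.getMe(); if the application also authenticates users through a session or form login, this hunk turns their /profile call into an error. The `userAuth != null` test is also redundant, since a non-client-only OAuth2Authentication is exactly one that carries a user authentication, so the method reads more clearly if only the client-only case is special-cased and every other principal takes the user path. Two further points to confirm against the types involved: whether the object returned by `oauthClientService.getClient(...)` carries the client secret or other non-public fields that would then be serialized to the caller, and whether the debug lines that log the whole `oauthAuth` object and `principal` can emit token or credential material. The enclosing class MeController continues outside the hunk.
```java
public AclSid getProfile() {
	final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
	if (authentication instanceof OAuth2Authentication && ((OAuth2Authentication) authentication).isClientOnly()) {
		// … unchanged: client-only debug logging …
		return oauthClientService.getClient(authentication.getName());
	}
	// Any other authenticated principal (session login, or OAuth2 with a user authentication)
	final User currentUser = SecurityContextUtil.getMe();
	return userService.getUser(UUID.fromString(currentUser.getUuid()));
}
```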
......