/**
 * Builds a login of the form {@code <displayable id>@<key>} for the given AAD user.
 *
 * @param aadUser user whose displayable id becomes the part before the {@code @}
 * @return the displayable id and the value returned by {@code getKey()}, joined by {@code @}
 */
private String generateUniqueLogin(UserInfo aadUser) {
    final String displayableId = aadUser.getDisplayableId();
    // NOTE(review): getKey() is declared outside this view; presumably it identifies
    // this identity provider, which would keep logins from different providers apart.
    // Confirm against the enclosing class.
    return String.format("%s@%s", displayableId, getKey());
}
/**
 * Checks that the role-assignment lookup returned at least one role for the user.
 *
 * <p>The check fails closed: a {@code null} response, a {@code null} role list and an
 * empty role list are all rejected with an exception, so the method never returns
 * {@code false}.
 *
 * @param response role assignments returned for the configured scope, may be {@code null}
 * @param authenticationResult authentication result of the user; used only for log output
 * @return {@code true} when at least one role assignment is present
 * @throws DlabException when no role assignment is present
 */
private boolean checkRoles(RoleAssignmentResponse response, AuthenticationResult authenticationResult) {
    final List<RoleAssignment> assignments = (response == null) ? null : response.getValue();

    // Deny first: anything other than a non-empty list means the user has no role here.
    if (assignments == null || assignments.isEmpty()) {
        log.info("User {} does not have any roles in configured scope for security",
                authenticationResult.getUserInfo().getDisplayableId());
        throw new DlabException("User does not have any roles in pre-configured security scope for DLab");
    }

    log.info("User {} has {} roles in configured scope for security",
            authenticationResult.getUserInfo().getDisplayableId(), assignments.size());
    // Role names are written at debug level only.
    log.debug("User's({}) roles are {}", authenticationResult.getUserInfo().getDisplayableId(),
            assignments.stream().map(RoleAssignment::getName).collect(Collectors.toList()));
    return true;
}
}
/**
 * Resolves the login for an AAD user according to the configured login strategy.
 *
 * @param aadUser user to derive the login from
 * @return the unique login for {@code LOGIN_STRATEGY_UNIQUE}, or the user's displayable id
 *     for {@code LOGIN_STRATEGY_PROVIDER_ID}
 * @throws UnauthorizedException when the configured strategy is neither of the two,
 *     including when it is {@code null}
 */
private String getLogin(UserInfo aadUser) {
    final String strategy = settings.loginStrategy();

    if (LOGIN_STRATEGY_UNIQUE.equals(strategy)) {
        return generateUniqueLogin(aadUser);
    }
    if (LOGIN_STRATEGY_PROVIDER_ID.equals(strategy)) {
        return aadUser.getDisplayableId();
    }

    // No default strategy: an unknown setting rejects the login instead of guessing one.
    throw new UnauthorizedException(format("Login strategy not found : %s", strategy));
}
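/**
 * Builds the application's {@code UserInfo} from an ADAL authentication result.
 *
 * <p>The user's displayable id becomes the user name, and the value of
 * {@code getRandomToken()} is passed as the second constructor argument. The refresh
 * token and its creation time in epoch milliseconds are stored in the user's key map.
 *
 * @param authenticationResult result of a completed authentication
 * @return the populated user info
 * @throws DlabException when the result carries no user info, or when the displayable id
 *     is {@code null} or empty
 */
private UserInfo prepareUserInfo(AuthenticationResult authenticationResult) {
    com.microsoft.aad.adal4j.UserInfo ui = authenticationResult.getUserInfo();
    // A result without user info cannot be tied to an identity. Reject it with the same
    // error as a missing displayable id rather than failing on a null dereference below.
    if (ui == null) {
        throw new DlabException("Cannot verify user identity");
    }

    // NOTE(review): this writes the user's id and given/family name at INFO level;
    // confirm that matches the deployment's logging policy for personal data.
    log.info("Extracted user info display id {}, {} {}", ui.getDisplayableId(), ui.getGivenName(),
            ui.getFamilyName());

    String displayableId = ui.getDisplayableId();
    if (displayableId == null || displayableId.isEmpty()) {
        throw new DlabException("Cannot verify user identity");
    }

    UserInfo userInfo = new UserInfo(displayableId, getRandomToken());
    userInfo.setFirstName(ui.getGivenName());
    userInfo.setLastName(ui.getFamilyName());
    // NOTE(review): the refresh token is a credential. Check that whatever persists,
    // serializes or logs getKeys() does not expose this entry.
    userInfo.getKeys().put("refresh_token", authenticationResult.getRefreshToken());
    userInfo.getKeys().put("created_date_of_refresh_token", Long.toString(System.currentTimeMillis()));
    return userInfo;
}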
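/**
 * Returns a display name for the authenticated user.
 *
 * <p>Lookup order: given name plus family name from the user info; then the
 * {@code NAME_CLAIM} claim of the ID token payload; then the user's displayable id,
 * with a warning logged.
 *
 * <p>The ID token payload is only decoded here, its signature is not checked in this
 * method. The value is suitable for display and must not drive an authorization decision.
 *
 * @param result authentication result holding the user info and, optionally, an ID token
 * @return the best available display name
 */
String getUserName(AuthenticationResult result) {
    UserInfo userInfo = result.getUserInfo();
    if (userInfo.getGivenName() != null && userInfo.getFamilyName() != null) {
        return userInfo.getGivenName() + " " + userInfo.getFamilyName();
    }

    String idToken = result.getIdToken();
    if (idToken != null) {
        String[] parts = idToken.split("\\.");
        // A token with too few segments falls through to the displayable id instead of
        // failing with an index error.
        if (parts.length > JWT_PAYLOAD_PART_INDEX) {
            // JWT segments are base64url encoded (RFC 7515); the basic decoder rejects
            // the '-' and '_' characters that alphabet uses.
            byte[] payload = Base64.getUrlDecoder().decode(parts[JWT_PAYLOAD_PART_INDEX]);
            // JWT payloads are UTF-8 JSON; do not depend on the platform default charset.
            JSONObject token = new JSONObject(new String(payload, java.nio.charset.StandardCharsets.UTF_8));
            if (token.has(NAME_CLAIM)) {
                return token.getString(NAME_CLAIM);
            }
        }
    }

    LOGGER.warn(String.format("User's name not found from authentication token for user %s", userInfo.getUniqueId()));
    return userInfo.getDisplayableId();
}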
/**
 * Copies the fields of an ADAL4J user info object into a new {@code UserInfo}.
 *
 * @param adalUserInfo source object from the ADAL4J library, may be {@code null}
 * @return a new instance holding the copied values, or {@code null} when the source is
 *     {@code null}; callers have to handle the {@code null} case themselves
 */
static UserInfo createFromAdAlUserInfo(final com.microsoft.aad.adal4j.UserInfo adalUserInfo) {
    if (adalUserInfo == null) {
        // No source object: nothing to copy.
        return null;
    }

    final UserInfo copy = new UserInfo();

    // Identity attributes.
    copy.uniqueId = adalUserInfo.getUniqueId();
    copy.displayableId = adalUserInfo.getDisplayableId();
    copy.givenName = adalUserInfo.getGivenName();
    copy.familyName = adalUserInfo.getFamilyName();
    copy.identityProvider = adalUserInfo.getIdentityProvider();

    // Password metadata.
    copy.passwordExpiresOn = adalUserInfo.getPasswordExpiresOn();
    copy.passwordChangeUrl = adalUserInfo.getPasswordChangeUrl();

    return copy;
}
.setProviderLogin(aadUser.getDisplayableId()) .setLogin(getLogin(aadUser)) .setName(getUserName(result)) .setEmail(aadUser.getDisplayableId()); if (settings.enableGroupSync()) { userGroups = getUserGroupsMembership(result.getAccessToken(), result.getUserInfo().getUniqueId());