private CompletionStage<AuthenticationResponse> mapSubject(AuthenticationResponse prevResponse) { ProviderRequest providerRequest = new ProviderRequest(context, request.resources(), request.requestEntity(), request.responseEntity()); if (prevResponse.status() == SecurityResponse.SecurityStatus.SUCCESS) { return security.subjectMapper() .map(mapper -> mapper.map(providerRequest, prevResponse)) .orElseGet(() -> CompletableFuture.completedFuture(prevResponse)) .thenApply(newResponse -> { // intentionally checking for instance equality, as that means we are guaranteed no changes if (newResponse == prevResponse) { // no changes were done, response as is return prevResponse; } else { newResponse.user().ifPresent(context::setUser); newResponse.service().ifPresent(context::setService); return newResponse; } }); } else { return CompletableFuture.completedFuture(prevResponse); } }
private CompletionStage<AuthenticationResponse> enhance(Subject subject, AuthenticationResponse previousResponse) { String username = subject.principal().getName(); List<? extends Grant> grants = roleCache.computeValue(username, () -> getGrantsFromServer(username)) .orElse(CollectionsHelper.listOf()); AuthenticationResponse.Builder builder = AuthenticationResponse.builder(); builder.user(buildSubject(subject, grants)); previousResponse.service().ifPresent(builder::service); previousResponse.description().ifPresent(builder::description); builder.requestHeaders(previousResponse.requestHeaders()); AuthenticationResponse response = builder.build(); return CompletableFuture.completedFuture(response); }
private void atnSpanFinish(Span atnSpan, AuthenticationResponse response) { response.user() .ifPresent(subject -> atnSpan .log("security.user: " + subject.principal().getName())); response.service() .ifPresent(subject -> atnSpan.log("security.service: " + subject.principal().getName())); atnSpan.log("status: " + response.status()); atnSpan.finish(); }
.ifPresent(context::setUser); response.service() .ifPresent(context::setService);