/**
 * Creates a new subject that carries the principals, credentials, grants and attributes of both
 * this subject and {@code another}; will not replace {@link #principals()}.
 *
 * <p>The result holds the grants and credentials of both inputs, so it should be built only from
 * subjects whose authentication is trusted to the same degree.
 *
 * @param another the other subject to combine with this subject
 * @return a new subject that is a combination of this subject and the other subject, this subject
 *         is more significant
 */
public Subject combine(Subject another) {
    // This subject's own principal is registered before anything else is copied.
    Builder combined = Subject.builder()
            .addPrincipal(this.principal);

    // This subject is copied first, the other subject second.
    // NOTE(review): whether a later add with the same credential class or attribute name
    // replaces the earlier entry depends on Builder, which is not visible here. Confirm the
    // outcome matches "this subject is more significant".
    copyContentsInto(combined, this);
    copyContentsInto(combined, another);

    return combined.build();
}

/**
 * Copies the principals, private and public credentials, grants and ABAC attributes of
 * {@code source} into {@code target}, in that order.
 */
private static void copyContentsInto(Builder target, Subject source) {
    source.principals.forEach(target::addPrincipal);
    source.privateCredentials.keys()
            .forEach(type -> target.addPrivateCredential(type, source.privateCredentials.getInstance(type)));
    source.publicCredentials.keys()
            .forEach(type -> target.addPublicCredential(type, source.publicCredentials.getInstance(type)));
    source.grants.forEach(target::addGrant);
    source.attributes.abacAttributeNames()
            .forEach(name -> target.addAttribute(name, source.attributes.abacAttribute(name)));
}
/**
 * Creates the security {@link Subject} for a JWT: a principal, a public {@link TokenCredential}
 * and one grant per user group and per scope found in the token.
 *
 * <p>No signature or claim validation is visible in this method; the grants are taken from the
 * token's claims as they are. NOTE(review): callers are presumably expected to have verified the
 * token before calling this; confirm at the call site.
 *
 * @param jwt the parsed token the claims are read from
 * @param signedJwt the signed form of the same token, source of the raw token content
 * @return subject with the principal, token credential and derived grants
 */
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) {
    JsonWebTokenImpl principal = buildPrincipal(jwt, signedJwt);

    // Issue time, expiry and issuer are set only when the claim is present; a token without an
    // expiration claim leaves the credential's expiry unset here.
    TokenCredential.Builder credential = TokenCredential.builder();
    jwt.issueTime().ifPresent(credential::issueTime);
    jwt.expirationTime().ifPresent(credential::expTime);
    jwt.issuer().ifPresent(credential::issuer);
    // The raw token string is stored in a credential registered as public below, so code that
    // can read the subject's public credentials can read the bearer token; keep it out of logs.
    credential.token(signedJwt.tokenContent());
    credential.addToken(JsonWebToken.class, principal);
    credential.addToken(Jwt.class, jwt);
    credential.addToken(SignedJwt.class, signedJwt);

    Subject.Builder subject = Subject.builder()
            .principal(principal)
            .addPublicCredential(TokenCredential.class, credential.build());

    // Every group named in the token becomes a role grant.
    Optional<List<String>> groupsClaim = jwt.userGroups();
    if (groupsClaim.isPresent()) {
        for (String group : groupsClaim.get()) {
            subject.addGrant(Role.create(group));
        }
    }

    // Every scope named in the token becomes a grant of type "scope".
    Optional<List<String>> scopesClaim = jwt.scopes();
    if (scopesClaim.isPresent()) {
        for (String scope : scopesClaim.get()) {
            subject.addGrant(Grant.builder()
                                     .name(scope)
                                     .type("scope")
                                     .build());
        }
    }

    return subject.build();
}
/**
 * Creates the security {@link Subject} for a JWT: a principal, a public {@link TokenCredential}
 * and one grant of type {@code "scope"} per scope found in the token.
 *
 * <p>No signature or claim validation is visible in this method; scopes are taken from the token
 * as they are. NOTE(review): callers are presumably expected to have verified the token before
 * calling this; confirm at the call site.
 *
 * @param jwt the parsed token the claims are read from
 * @param signedJwt the signed form of the same token, source of the raw token content
 * @return subject with the principal, token credential and scope grants
 */
private Subject buildSubject(Jwt jwt, SignedJwt signedJwt) {
    Principal principal = buildPrincipal(jwt);

    // Issue time, expiry and issuer are set only when the claim is present; a token without an
    // expiration claim leaves the credential's expiry unset here.
    TokenCredential.Builder credential = TokenCredential.builder();
    jwt.issueTime().ifPresent(credential::issueTime);
    jwt.expirationTime().ifPresent(credential::expTime);
    jwt.issuer().ifPresent(credential::issuer);
    // The raw token string is stored in a credential registered as public below, so code that
    // can read the subject's public credentials can read the bearer token; keep it out of logs.
    credential.token(signedJwt.tokenContent());
    credential.addToken(Jwt.class, jwt);
    credential.addToken(SignedJwt.class, signedJwt);

    Optional<List<String>> scopesClaim = jwt.scopes();

    Subject.Builder subject = Subject.builder()
            .principal(principal)
            .addPublicCredential(TokenCredential.class, credential.build());

    // Every scope named in the token becomes a grant of type "scope".
    if (scopesClaim.isPresent()) {
        for (String scope : scopesClaim.get()) {
            subject.addGrant(Grant.builder()
                                     .name(scope)
                                     .type("scope")
                                     .build());
        }
    }

    return subject.build();
}
/**
 * Creates the security {@link Subject} for a JWT: a principal, a public {@link TokenCredential}
 * and one grant per user group and per scope found in the token.
 *
 * <p>No signature or claim validation is visible in this method; the grants are taken from the
 * token's claims as they are. NOTE(review): callers are presumably expected to have verified the
 * token before calling this; confirm at the call site.
 *
 * @param jwt the parsed token the claims are read from
 * @param signedJwt the signed form of the same token, source of the raw token content
 * @return subject with the principal, token credential and derived grants
 */
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) {
    JsonWebTokenImpl principal = buildPrincipal(jwt, signedJwt);

    // Issue time, expiry and issuer are set only when the claim is present; a token without an
    // expiration claim leaves the credential's expiry unset here.
    TokenCredential.Builder credential = TokenCredential.builder();
    jwt.issueTime().ifPresent(credential::issueTime);
    jwt.expirationTime().ifPresent(credential::expTime);
    jwt.issuer().ifPresent(credential::issuer);
    // The raw token string is stored in a credential registered as public below, so code that
    // can read the subject's public credentials can read the bearer token; keep it out of logs.
    credential.token(signedJwt.tokenContent());
    credential.addToken(JsonWebToken.class, principal);
    credential.addToken(Jwt.class, jwt);
    credential.addToken(SignedJwt.class, signedJwt);

    Subject.Builder subject = Subject.builder()
            .principal(principal)
            .addPublicCredential(TokenCredential.class, credential.build());

    // Every group named in the token becomes a role grant.
    Optional<List<String>> groupsClaim = jwt.userGroups();
    if (groupsClaim.isPresent()) {
        for (String group : groupsClaim.get()) {
            subject.addGrant(Role.create(group));
        }
    }

    // Every scope named in the token becomes a grant of type "scope".
    Optional<List<String>> scopesClaim = jwt.scopes();
    if (scopesClaim.isPresent()) {
        for (String scope : scopesClaim.get()) {
            subject.addGrant(Grant.builder()
                                     .name(scope)
                                     .type("scope")
                                     .build());
        }
    }

    return subject.build();
}
/**
 * Creates the security {@link Subject} for a JWT: a principal, a public {@link TokenCredential}
 * and one grant of type {@code "scope"} per scope found in the token.
 *
 * <p>No signature or claim validation is visible in this method; scopes are taken from the token
 * as they are. NOTE(review): callers are presumably expected to have verified the token before
 * calling this; confirm at the call site.
 *
 * @param jwt the parsed token the claims are read from
 * @param signedJwt the signed form of the same token, source of the raw token content
 * @return subject with the principal, token credential and scope grants
 */
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) {
    Principal principal = buildPrincipal(jwt);

    // Issue time, expiry and issuer are set only when the claim is present; a token without an
    // expiration claim leaves the credential's expiry unset here.
    TokenCredential.Builder credential = TokenCredential.builder();
    jwt.issueTime().ifPresent(credential::issueTime);
    jwt.expirationTime().ifPresent(credential::expTime);
    jwt.issuer().ifPresent(credential::issuer);
    // The raw token string is stored in a credential registered as public below, so code that
    // can read the subject's public credentials can read the bearer token; keep it out of logs.
    credential.token(signedJwt.tokenContent());
    credential.addToken(Jwt.class, jwt);
    credential.addToken(SignedJwt.class, signedJwt);

    Optional<List<String>> scopesClaim = jwt.scopes();

    Subject.Builder subject = Subject.builder()
            .principal(principal)
            .addPublicCredential(TokenCredential.class, credential.build());

    // Every scope named in the token becomes a grant of type "scope".
    if (scopesClaim.isPresent()) {
        for (String scope : scopesClaim.get()) {
            subject.addGrant(Grant.builder()
                                     .name(scope)
                                     .type("scope")
                                     .build());
        }
    }

    return subject.build();
}
/**
 * Creates the security {@link Subject} for a Google ID token payload: a principal described by
 * the payload's profile claims and a public {@link TokenCredential} holding the access token.
 *
 * <p>No token verification is visible in this method. NOTE(review): the payload is presumably
 * verified before it reaches this method; confirm at the call site.
 *
 * @param accessToken the token string stored in the credential
 * @param payload the ID token payload the principal and token metadata are read from
 * @return subject with the principal and the token credential
 */
private Subject buildSubject(String accessToken, GoogleIdToken.Payload payload) {
    TokenCredential.Builder credential = TokenCredential.builder();
    credential.issueTime(toInstant(payload.getIssuedAtTimeSeconds()));
    credential.expTime(toInstant(payload.getExpirationTimeSeconds()));
    credential.issuer(payload.getIssuer());
    // The token string is stored in a credential registered as public below, so code that can
    // read the subject's public credentials can read it; keep it out of logs.
    credential.token(accessToken);
    credential.addToken(GoogleIdToken.Payload.class, payload);

    String email = payload.getEmail();
    String userId = payload.getSubject();

    // The principal name is the e-mail when the payload has one, otherwise the subject id.
    // NOTE(review): the e-mail is used as the name whatever "emailVerified" says; the flag is
    // only recorded as an attribute. Authorization decisions are safer keyed on the id.
    String displayName;
    if (email != null) {
        displayName = email;
    } else {
        displayName = userId;
    }

    // Profile claims are copied as the payload returns them.
    // NOTE(review): absent claims presumably come back as null; confirm addAttribute accepts null.
    Principal principal = Principal.builder()
            .id(userId)
            .name(displayName)
            .addAttribute("fullName", payload.get("name"))
            .addAttribute("emailVerified", payload.getEmailVerified())
            .addAttribute("locale", payload.get("locale"))
            .addAttribute("familyName", payload.get("family_name"))
            .addAttribute("givenName", payload.get("given_name"))
            .addAttribute("pictureUrl", payload.get("picture"))
            .build();

    Subject.Builder subject = Subject.builder()
            .principal(principal)
            .addPublicCredential(TokenCredential.class, credential.build());
    return subject.build();
}
/**
 * Creates the security {@link Subject} for a JWT: a principal, a public {@link TokenCredential}
 * and one grant of type {@code "scope"} per scope found in the token.
 *
 * <p>No signature or claim validation is visible in this method; scopes are taken from the token
 * as they are. NOTE(review): callers are presumably expected to have verified the token before
 * calling this; confirm at the call site.
 *
 * @param jwt the parsed token the claims are read from
 * @param signedJwt the signed form of the same token, source of the raw token content
 * @return subject with the principal, token credential and scope grants
 */
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) {
    Principal principal = buildPrincipal(jwt);

    // Issue time, expiry and issuer are set only when the claim is present; a token without an
    // expiration claim leaves the credential's expiry unset here.
    TokenCredential.Builder credential = TokenCredential.builder();
    jwt.issueTime().ifPresent(credential::issueTime);
    jwt.expirationTime().ifPresent(credential::expTime);
    jwt.issuer().ifPresent(credential::issuer);
    // The raw token string is stored in a credential registered as public below, so code that
    // can read the subject's public credentials can read the bearer token; keep it out of logs.
    credential.token(signedJwt.tokenContent());
    credential.addToken(Jwt.class, jwt);
    credential.addToken(SignedJwt.class, signedJwt);

    Optional<List<String>> scopesClaim = jwt.scopes();

    Subject.Builder subject = Subject.builder()
            .principal(principal)
            .addPublicCredential(TokenCredential.class, credential.build());

    // Every scope named in the token becomes a grant of type "scope".
    if (scopesClaim.isPresent()) {
        for (String scope : scopesClaim.get()) {
            subject.addGrant(Grant.builder()
                                     .name(scope)
                                     .type("scope")
                                     .build());
        }
    }

    return subject.build();
}