chore: make user id claim property optional

GenomicDataInfrastructure · Aug 22, 2024 · 5e947e3 · 5e947e3
1 parent 7af7e69
commit 5e947e3
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 13 deletions.
diff --git a/src/main/java/io/github/genomicdatainfrastructure/daam/api/ApplicationCommandApiImpl.java b/src/main/java/io/github/genomicdatainfrastructure/daam/api/ApplicationCommandApiImpl.java
@@ -11,6 +11,9 @@
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 
 import java.util.List;
+import java.util.Optional;
+
+import static io.github.genomicdatainfrastructure.daam.api.ApplicationQueryApiImpl.DEFAULT_USER_ID_CLAIM;
 
 public class ApplicationCommandApiImpl implements ApplicationCommandApi {
 
@@ -20,7 +23,7 @@ public class ApplicationCommandApiImpl implements ApplicationCommandApi {
     private final SubmitApplicationService submitApplicationService;
     private final AttachFileToApplicationService attachFileToApplicationService;
     private final AcceptTermsService acceptTermsService;
-    private final String userIdClaim;
+    private final Optional<String> userIdClaim;
 
     public ApplicationCommandApiImpl(
             SecurityIdentity identity,
@@ -29,7 +32,7 @@ public ApplicationCommandApiImpl(
             SubmitApplicationService submitApplicationService,
             AttachFileToApplicationService attachFileToApplicationService,
             AcceptTermsService acceptTermsService,
-            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim", defaultValue = "elixir_id") String userIdClaim
+            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim") Optional<String> userIdClaim
     ) {
         this.identity = identity;
         this.saveApplicationService = saveApplicationService;
@@ -126,6 +129,6 @@ public Response acceptApplicationTermsV1(Long id, AcceptTermsCommand acceptTerms
 
     private String userId() {
         var principal = (OidcJwtCallerPrincipal) identity.getPrincipal();
-        return principal.getClaim(userIdClaim);
+        return principal.getClaim(userIdClaim.orElse(DEFAULT_USER_ID_CLAIM));
     }
 }
diff --git a/src/main/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImpl.java b/src/main/java/io/github/genomicdatainfrastructure/daam/api/ApplicationQueryApiImpl.java
@@ -14,19 +14,22 @@
 import org.jboss.resteasy.reactive.multipart.FileUpload;
 
 import java.util.List;
+import java.util.Optional;
 
 public class ApplicationQueryApiImpl implements ApplicationQueryApi {
 
+    public static final String DEFAULT_USER_ID_CLAIM = "elixir_id";
+
     private final SecurityIdentity identity;
     private final ListApplicationsService listApplicationsService;
     private final RetrieveApplicationService retrieveApplicationService;
-    private final String userIdClaim;
+    private final Optional<String> userIdClaim;
 
     public ApplicationQueryApiImpl(
             SecurityIdentity identity,
             ListApplicationsService listApplicationsService,
             RetrieveApplicationService retrieveApplicationService,
-            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim", defaultValue = "elixir_id") String userIdClaim
+            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim") Optional<String> userIdClaim
     ) {
         this.identity = identity;
         this.listApplicationsService = listApplicationsService;
@@ -53,6 +56,6 @@ public FileUpload retrieveAttachmentFromApplicationV1(Long id, Long attachmentId
 
     private String userId() {
         var principal = (OidcJwtCallerPrincipal) identity.getPrincipal();
-        return principal.getClaim(userIdClaim);
+        return principal.getClaim(userIdClaim.orElse(DEFAULT_USER_ID_CLAIM));
     }
 }
diff --git a/src/main/java/io/github/genomicdatainfrastructure/daam/api/EntitlementQueryApiImpl.java b/src/main/java/io/github/genomicdatainfrastructure/daam/api/EntitlementQueryApiImpl.java
@@ -10,16 +10,20 @@
 import io.quarkus.security.identity.SecurityIdentity;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 
+import java.util.Optional;
+
+import static io.github.genomicdatainfrastructure.daam.api.ApplicationQueryApiImpl.DEFAULT_USER_ID_CLAIM;
+
 public class EntitlementQueryApiImpl implements EntitlementQueryApi {
 
     private final SecurityIdentity identity;
     private final RetrieveGrantedDatasetIdentifiersService retrieveGrantedDatasetIdentifiersService;
-    private final String userIdClaim;
+    private final Optional<String> userIdClaim;
 
     public EntitlementQueryApiImpl(
             SecurityIdentity identity,
             RetrieveGrantedDatasetIdentifiersService retrieveGrantedDatasetIdentifiersService,
-            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim", defaultValue = "elixir_id") String userIdClaim
+            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim") Optional<String> userIdClaim
     ) {
         this.identity = identity;
         this.retrieveGrantedDatasetIdentifiersService = retrieveGrantedDatasetIdentifiersService;
@@ -33,6 +37,6 @@ public RetrieveGrantedDatasetIdentifiers retrieveGrantedDatasetIdentifiers() {
 
     private String userId() {
         var principal = (OidcJwtCallerPrincipal) identity.getPrincipal();
-        return principal.getClaim(userIdClaim);
+        return principal.getClaim(userIdClaim.orElse(DEFAULT_USER_ID_CLAIM));
     }
 }
diff --git a/...main/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilter.java b/...main/java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilter.java
@@ -14,6 +14,10 @@
 import jakarta.ws.rs.ext.Provider;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 
+import java.util.Optional;
+
+import static io.github.genomicdatainfrastructure.daam.api.ApplicationQueryApiImpl.DEFAULT_USER_ID_CLAIM;
+
 @Provider
 @Priority(Priorities.AUTHENTICATION)
 public class PostAuthenticationFilter implements ContainerRequestFilter {
@@ -23,13 +27,13 @@ public class PostAuthenticationFilter implements ContainerRequestFilter {
 
     private final SecurityIdentity identity;
     private final CreateRemsUserService createRemsUserService;
-    private final String userIdClaim;
+    private final Optional<String> userIdClaim;
 
     @Inject
     public PostAuthenticationFilter(
             SecurityIdentity identity,
             CreateRemsUserService createRemsUserService,
-            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim", defaultValue = "elixir_id") String userIdClaim
+            @ConfigProperty(name = "quarkus.rest-client.rems_yaml.user-id-claim") Optional<String> userIdClaim
     ) {
         this.identity = identity;
         this.createRemsUserService = createRemsUserService;
@@ -42,7 +46,7 @@ public void filter(ContainerRequestContext requestContext) {
             var oidcPrincipal = (OidcJwtCallerPrincipal) identity.getPrincipal();
 
             createRemsUserService.createRemsUser(
-                    oidcPrincipal.getClaim(userIdClaim),
+                    oidcPrincipal.getClaim(userIdClaim.orElse(DEFAULT_USER_ID_CLAIM)),
                     oidcPrincipal.getClaim(USER_NAME_CLAIM),
                     oidcPrincipal.getClaim(EMAIL_CLAIM)
             );

diff --git a/.../java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilterTest.java b/.../java/io/github/genomicdatainfrastructure/daam/security/PostAuthenticationFilterTest.java
@@ -12,6 +12,7 @@
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
+import static java.util.Optional.of;
 import static org.mockito.Mockito.*;
 
 @QuarkusTest
@@ -28,7 +29,8 @@ class PostAuthenticationFilterTest {
 
     @BeforeEach
     void setUp() {
-        underTest = new PostAuthenticationFilter(securityIdentity, createRemsUserService, "sub");
+        underTest = new PostAuthenticationFilter(securityIdentity, createRemsUserService, of(
+                "sub"));
     }
 
     @Test