Move scopes from hard-coded to meta-data

This commit is contained in:
2025-04-10 14:50:22 -05:00
parent af51641d2a
commit 9056be056e
3 changed files with 38 additions and 3 deletions


@ -39,6 +39,7 @@ public class OAuth2AuthenticationMetaData extends QAuthenticationMetaData
private String baseUrl;
private String tokenUrl;
private String clientId;
private String scopes;
private String userSessionTableName;
private String redirectStateTableName;
@ -80,6 +81,7 @@ public class OAuth2AuthenticationMetaData extends QAuthenticationMetaData
qInstanceValidator.assertCondition(StringUtils.hasContent(baseUrl), prefix + "baseUrl must be set");
qInstanceValidator.assertCondition(StringUtils.hasContent(clientId), prefix + "clientId must be set");
qInstanceValidator.assertCondition(StringUtils.hasContent(clientSecret), prefix + "clientSecret must be set");
qInstanceValidator.assertCondition(StringUtils.hasContent(scopes), prefix + "scopes must be set");
if(qInstanceValidator.assertCondition(StringUtils.hasContent(userSessionTableName), prefix + "userSessionTableName must be set"))
{
@ -284,4 +286,35 @@ public class OAuth2AuthenticationMetaData extends QAuthenticationMetaData
return (this);
}
/*******************************************************************************
** Getter for scopes
*******************************************************************************/
public String getScopes()
{
return (this.scopes);
}
/*******************************************************************************
** Setter for scopes
*******************************************************************************/
public void setScopes(String scopes)
{
this.scopes = scopes;
}
/*******************************************************************************
** Fluent setter for scopes
*******************************************************************************/
public OAuth2AuthenticationMetaData withScopes(String scopes)
{
this.scopes = scopes;
return (this);
}
}
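Review bot: The new `scopes` field and its setters carry only "Getter/Setter for scopes" headers, but nothing states the expected format, and the value is handed straight to `new Scope(...)` and to the `&scope=` query parameter, so the format matters. I would extend the field's or the setter's header comment with `** Space-delimited list of OAuth2 scope values (e.g. "openid profile email offline_access"), sent verbatim in both the authorization request and the token request.` Before this change the authorization request and the token exchange used different hard-coded scope lists (the latter included offline_access), and both now read this single value, so a deployment that configures scopes without offline_access will presumably no longer obtain a refresh token; that is worth a sentence in the same comment. The validation added at line 22 only checks that the value is non-blank, which is fine as long as the documented format makes the contract clear.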


@ -134,7 +134,7 @@ public class OAuth2AuthenticationModule implements QAuthenticationModuleInterfac
AuthorizationCodeGrant codeGrant = new AuthorizationCodeGrant(code, redirectURI);
URI tokenEndpoint = getOIDCProviderMetadata(oauth2MetaData).getTokenEndpointURI();
Scope scope = new Scope("openid profile email offline_access");
Scope scope = new Scope(oauth2MetaData.getScopes());
TokenRequest tokenRequest = new TokenRequest(tokenEndpoint, clientSecretBasic, codeGrant, scope);
return createSessionFromTokenRequest(tokenRequest);
@ -155,7 +155,7 @@ public class OAuth2AuthenticationModule implements QAuthenticationModuleInterfac
ClientAuthentication clientAuth = new ClientSecretBasic(clientID, clientSecret);
URI tokenEndpoint = getOIDCProviderMetadata(oauth2MetaData).getTokenEndpointURI();
Scope scope = new Scope("openid profile email offline_access");
Scope scope = new Scope(oauth2MetaData.getScopes());
TokenRequest tokenRequest = new TokenRequest(tokenEndpoint, clientAuth, codeGrant, scope);
return createSessionFromTokenRequest(tokenRequest);
@ -304,7 +304,7 @@ public class OAuth2AuthenticationModule implements QAuthenticationModuleInterfac
+ "?client_id=" + URLEncoder.encode(oauth2MetaData.getClientId(), StandardCharsets.UTF_8)
+ "&redirect_uri=" + URLEncoder.encode(originalUrl, StandardCharsets.UTF_8)
+ "&response_type=code"
+ "&scope=" + URLEncoder.encode("openid profile email", StandardCharsets.UTF_8)
+ "&scope=" + URLEncoder.encode(oauth2MetaData.getScopes(), StandardCharsets.UTF_8)
+ "&state=" + URLEncoder.encode(state.getValue(), StandardCharsets.UTF_8);
}
catch(Exception e)
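Review bot: In the two token-request hunks, `new Scope(oauth2MetaData.getScopes())` passes the configured space-delimited string as a single varargs element, so the `Scope` object holds one value containing spaces rather than one value per scope; the serialized form is the same on the wire, but any later `scope.contains(...)` style check on the parsed object would not behave as expected. If that reading of the Nimbus API is right, `Scope scope = Scope.parse(oauth2MetaData.getScopes());` is the intended way to build it from a space-delimited string, and the same applies to the second hunk. The authorization-URL hunk correctly URL-encodes the configured value; note that `URLEncoder` emits `+` for the separating spaces, which providers generally accept in the query string but is worth confirming against the configured identity provider. The enclosing methods start outside the hunks.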