Merge pull request #1 from bcgov/feature/entra
Changes to support the entra, bceidbasic and bcsc account types on the new Keycloak (KC) instance
Harry0589 authored Dec 15, 2024
2 parents dc0fda3 + 6888d48 commit d2ce0e3
Showing 2 changed files with 9 additions and 30 deletions.
Expand Up @@ -51,40 +51,28 @@ protected void authenticateImpl(AuthenticationFlowContext context, SerializedBro
logger.debug("Context Key: " + s + " Value: " + brokerClaims.get(s));
}

JsonWebToken token = (JsonWebToken) brokerContext.getContextData().get("VALIDATED_ID_TOKEN");

Map<String, Object> otherClaims = token.getOtherClaims();
for (String s : otherClaims.keySet()) {
logger.debug("VALIDATED_ID_TOKEN Key: " + s + " Value: " + otherClaims.get(s));
}

String accountType = (String) otherClaims.get("account_type");

//This is added for BCSC - direct IDP
if (accountType == null) {
accountType = ((List<String>) brokerContext.getContextData().get("user.attributes.account_type")).get(0);
}
String accountType = CommonUtils.getValueForAttribute("user.attributes.account_type", brokerContext);

if (accountType == null) {
throw new SoamRuntimeException("Account type is null; account type should always be available, check the IDP mappers for the hardcoded attribute");
}

String username = ((List<String>) brokerContext.getContextData().get("user.attributes.username")).get(0);
String username = CommonUtils.getValueForAttribute("user.attributes.username", brokerContext);

switch (accountType) {
case "entra":
logger.debug("SOAM: Account type entra found");
if (username == null) {
throw new SoamRuntimeException("No entra oid value was found in token");
}
createOrUpdateUser((String) otherClaims.get("entra_user_id"), accountType, "ENTRA", null);
createOrUpdateUser(CommonUtils.getValueForAttribute("user.attributes.entra_user_id", brokerContext), accountType, "ENTRA", null);
break;
case "bceidbasic":
logger.debug("SOAM: Account type bceid found");
if (username == null) {
throw new SoamRuntimeException("No bceid_user_guid value was found in token");
}
createOrUpdateUser((String) otherClaims.get("bceid_user_guid"), accountType, "BASIC", null);
createOrUpdateUser(CommonUtils.getValueForAttribute("user.attributes.bceid_user_guid", brokerContext), accountType, "BASIC", null);
break;
case "bcsc":
logger.debug("SOAM: Account type bcsc found");
Expand Down Expand Up @@ -118,7 +106,7 @@ protected void authenticateImpl(AuthenticationFlowContext context, SerializedBro
federatedUser.setEnabled(true);

if (accountType.equals("bcsc")) {
federatedUser.setSingleAttribute("user_did", ((List<String>) brokerContext.getContextData().get("user.attributes.did")).get(0));
federatedUser.setSingleAttribute("user_did", CommonUtils.getValueForAttribute("user.attributes.did", brokerContext));
}

for (Map.Entry<String, List<String>> attr : serializedCtx.getAttributes().entrySet()) {
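Review bot: The guard before `createOrUpdateUser` checks `username`, but the value actually passed as the federated identifier is `user.attributes.entra_user_id` (and `user.attributes.bceid_user_guid` in the next case), which is never null-checked, so a missing or misconfigured mapper creates or updates a user keyed on null; the error messages also name the wrong attribute. Resolve the identifier first and check that value: `String userId = CommonUtils.getValueForAttribute("user.attributes.entra_user_id", brokerContext); if (userId == null) throw new SoamRuntimeException("No entra_user_id value was found in broker context"); createOrUpdateUser(userId, accountType, "ENTRA", null);`, and likewise for the bceidbasic case. Because account_type and the identifiers now come from broker-context attributes rather than the `VALIDATED_ID_TOKEN` claims the removed lines read, their trustworthiness presumably rests on the IdP mapper configuration; a comment such as `// identity attributes are populated by IdP mappers; they must be hardcoded or claim-imported from the validated token, never user-editable` would make that dependency explicit. authenticateImpl starts before this hunk and its bcsc branch continues past it.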
Expand Up @@ -52,28 +52,19 @@ public void authenticate(AuthenticationFlowContext context) {
logger.debug("Context Key: " + s + " Value: " + brokerClaims.get(s));
}

String accountType = context.getUser().getFirstAttribute("account_type");

//This is added for BCSC - direct IDP
if (accountType == null) {
accountType = (String) brokerContext.getContextData().get("user.attributes.account_type");
}
String accountType = context.getUser().getFirstAttribute("user.attributes.account_type");

if (accountType == null) {
throw new SoamRuntimeException("Account type is null; account type should always be available, check the IDP mappers for the hardcoded attribute");
}

JsonWebToken token = (JsonWebToken) brokerContext.getContextData().get("VALIDATED_ID_TOKEN");

Map<String, Object> otherClaims = token.getOtherClaims();
logger.debug(ApplicationProperties.mapper.writeValueAsString(otherClaims));
UserModel existingUser = context.getUser();
String user_guid = null;

switch (accountType) {
case "entra":
logger.debug("SOAM Post: Account type entra found");
user_guid = (String) otherClaims.get("entra_user_id");
user_guid = CommonUtils.getValueForAttribute("user.attributes.entra_user_id", brokerContext);
existingUser.setSingleAttribute("user_guid", user_guid);
if (user_guid == null) {
throw new SoamRuntimeException("No entra_user_id value was found in token");
Expand All @@ -82,7 +73,7 @@ public void authenticate(AuthenticationFlowContext context) {
break;
case "bceidbasic":
logger.debug("SOAM Post: Account type basic bceid found");
user_guid = (String) otherClaims.get("bceid_user_guid");
user_guid = CommonUtils.getValueForAttribute("user.attributes.bceid_user_guid", brokerContext);
existingUser.setSingleAttribute("user_guid", user_guid);
if (user_guid == null) {
throw new SoamRuntimeException("No bceid_user_guid value was found in token");
Expand All @@ -91,7 +82,7 @@ public void authenticate(AuthenticationFlowContext context) {
break;
case "bcsc":
logger.debug("SOAM Post: Account type bcsc found");
user_guid = ((List<String>) brokerContext.getContextData().get("user.attributes.did")).get(0);
user_guid = CommonUtils.getValueForAttribute("user.attributes.did", brokerContext);
existingUser.setSingleAttribute("user_did", user_guid);
if (user_guid == null) {
throw new SoamRuntimeException("No bcsc_did value was found in token");
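Review bot: `context.getUser().getFirstAttribute("user.attributes.account_type")` reads the stored user's attributes using the broker-context key prefix, while every other lookup in this section goes through `CommonUtils.getValueForAttribute(..., brokerContext)`; if the attribute is imported onto the user without the `user.attributes.` prefix, as the removed `getFirstAttribute("account_type")` assumed, this returns null and every login fails on the check that follows. Read it the same way as the identifiers: `String accountType = CommonUtils.getValueForAttribute("user.attributes.account_type", brokerContext);`. Separately, each case calls `existingUser.setSingleAttribute(...)` before the null check, so a missing identifier still writes an empty `user_guid`/`user_did` onto the user before the exception is thrown; move the null check above the set. authenticate starts before this hunk and continues after it.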
