This is an automated email from the ASF dual-hosted git repository. toulmean pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/incubator-tuweni.git
The following commit(s) were added to refs/heads/main by this push: new 5bebbda disable checking for an org explicitly with a boolean new 2344c39 Merge pull request #244 from atoulme/faucet_disable_org_auth 5bebbda is described below commit 5bebbda5fa8181fddd5ac4ece68e0c8aeb87ef87 Author: Antoine Toulme <anto...@lunar-ocean.com> AuthorDate: Mon May 24 23:05:42 2021 -0700 disable checking for an org explicitly with a boolean --- .../org/apache/tuweni/faucet/FaucetApplication.kt | 33 +++++++++++++--------- eth-faucet/src/main/resources/application.yml | 1 + 2 files changed, 20 insertions(+), 14 deletions(-) diff --git a/eth-faucet/src/main/kotlin/org/apache/tuweni/faucet/FaucetApplication.kt b/eth-faucet/src/main/kotlin/org/apache/tuweni/faucet/FaucetApplication.kt index 350fcc7..7fb8d43 100644 --- a/eth-faucet/src/main/kotlin/org/apache/tuweni/faucet/FaucetApplication.kt +++ b/eth-faucet/src/main/kotlin/org/apache/tuweni/faucet/FaucetApplication.kt @@ -45,6 +45,9 @@ class FaucetApplication { @Value("\${banner}") var banner: String? = null + @Value("\${auth.disabledOrg}") + var disabledOrgMembership: Boolean = false + @Value("\${auth.org}") var authorizedOrg: String? = null @@ -74,20 +77,22 @@ class FaucetApplication { val delegate = DefaultOAuth2UserService() return OAuth2UserService { request: OAuth2UserRequest -> val user = delegate.loadUser(request) - authorizedOrg?.let { - val client = OAuth2AuthorizedClient(request.clientRegistration, user.name, request.accessToken) - val url = user.getAttribute<String>("organizations_url") - val orgs = rest - .get().uri(url ?: "") - .attributes(oauth2AuthorizedClient(client)) - .retrieve() - .bodyToMono(MutableList::class.java) - .block() - val found = orgs?.stream()?.anyMatch { org -> - authorizedOrg == (org as Map<*, *>)["login"] - } ?: false - if (!found) { - throw OAuth2AuthenticationException(OAuth2Error("invalid_token", "Not in authorized team", "")) + if (!disabledOrgMembership) { + authorizedOrg?.let { + val client = OAuth2AuthorizedClient(request.clientRegistration, user.name, request.accessToken) + val url = user.getAttribute<String>("organizations_url") + val orgs = rest + .get().uri(url ?: "") + .attributes(oauth2AuthorizedClient(client)) + .retrieve() + .bodyToMono(MutableList::class.java) + .block() + val found = orgs?.stream()?.anyMatch { org -> + authorizedOrg == (org as Map<*, *>)["login"] + } ?: false + if (!found) { + throw OAuth2AuthenticationException(OAuth2Error("invalid_token", "Not in authorized team", "")) + } } } user diff --git a/eth-faucet/src/main/resources/application.yml b/eth-faucet/src/main/resources/application.yml index a4bd3c3..fa8d325 100644 --- a/eth-faucet/src/main/resources/application.yml +++ b/eth-faucet/src/main/resources/application.yml @@ -30,6 +30,7 @@ html: auth: org: apache + disabledOrg: false faucet: maxETH: 100 --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@tuweni.apache.org For additional commands, e-mail: commits-h...@tuweni.apache.org