Fix #3340: JWTFilter should accept a config to look up the email field in JWT token (#3341)

Sriharsha Chintalapani 2022-03-11 15:03:11 -08:00 committed by GitHub
parent 7c84f063e6
commit 9a8d29b8ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions


@ -22,6 +22,7 @@ public class AuthenticationConfiguration {
@Getter @Setter private String authority; @Getter @Setter private String authority;
@Getter @Setter private String clientId; @Getter @Setter private String clientId;
@Getter @Setter private String callbackUrl; @Getter @Setter private String callbackUrl;
@Getter @Setter private String jwtEmail = "email";
@Override @Override
public String toString() { public String toString() {
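Review bot: `jwtEmail` holds the name of a JWT claim rather than an email address, and nothing on the added line says so; a comment such as `// Name of the JWT claim that carries the user's email (default "email")` would save the next reader a trip to JwtFilter. Because the value selects which token claim becomes the authenticated identity, the documentation for this setting should also say that it must name a claim the identity provider controls and verifies. The class body continues outside the hunk.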


@ -40,12 +40,14 @@ public class JwtFilter implements ContainerRequestFilter {
public static final String AUTHORIZATION_HEADER = "Authorization"; public static final String AUTHORIZATION_HEADER = "Authorization";
public static final String TOKEN_PREFIX = "Bearer"; public static final String TOKEN_PREFIX = "Bearer";
private String publicKeyUri; private String publicKeyUri;
private String jwtEmail;
@SuppressWarnings("unused") @SuppressWarnings("unused")
private JwtFilter() {} private JwtFilter() {}
public JwtFilter(AuthenticationConfiguration authenticationConfiguration) { public JwtFilter(AuthenticationConfiguration authenticationConfiguration) {
this.publicKeyUri = authenticationConfiguration.getPublicKey(); this.publicKeyUri = authenticationConfiguration.getPublicKey();
this.jwtEmail = authenticationConfiguration.getJwtEmail();
} }
@SneakyThrows @SneakyThrows
@ -79,7 +81,9 @@ public class JwtFilter implements ContainerRequestFilter {
throw new AuthenticationException("Invalid token"); throw new AuthenticationException("Invalid token");
} }
String authorizedEmail; String authorizedEmail;
if (jwt.getClaims().get("email") != null) { if (jwt.getClaims().get(jwtEmail) != null) {
authorizedEmail = jwt.getClaim(jwtEmail).as(TextNode.class).asText();
} else if (jwt.getClaims().get("email") != null) {
authorizedEmail = jwt.getClaim("email").as(TextNode.class).asText(); authorizedEmail = jwt.getClaim("email").as(TextNode.class).asText();
} else if (jwt.getClaims().get("preferred_username") != null) { } else if (jwt.getClaims().get("preferred_username") != null) {
authorizedEmail = jwt.getClaim("preferred_username").as(TextNode.class).asText(); authorizedEmail = jwt.getClaim("preferred_username").as(TextNode.class).asText();
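Review bot: The lookup at `jwt.getClaims().get(jwtEmail)` is only a first preference: a token without the configured claim still falls through to `email` and then `preferred_username`, so an operator who sets `jwtEmail` to a claim their identity provider vouches for does not get that claim enforced. If the setting is meant to pin the identity claim, skip the hard-coded fallbacks whenever it differs from the default `"email"`, or at least log which claim supplied `authorizedEmail`. Separately, `jwtEmail` can be null (the private no-arg constructor never sets it, and the config setter accepts null), and whether `get(null)` returns null or throws depends on the claims map; a guard in the constructor such as `this.jwtEmail = Objects.requireNonNull(authenticationConfiguration.getJwtEmail(), "jwtEmail");` would make that failure explicit. The if/else chain continues past the end of the hunk.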