From 59ca41fe329ebdb780b71e4ee62223dd615d589e Mon Sep 17 00:00:00 2001 From: "K.Filippopolitis" <56073635+KFilippopolitis@users.noreply.github.com> Date: Tue, 5 Mar 2024 09:49:45 +0200 Subject: [PATCH] Fixed a bug on the authorization of the users. (#76) --- .../mip/configurations/PersistenceConfiguration.java | 5 +++-- .../mip/configurations/SecurityConfiguration.java | 12 +++++++----- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/src/main/java/hbp/mip/configurations/PersistenceConfiguration.java b/src/main/java/hbp/mip/configurations/PersistenceConfiguration.java index ee370f4d..b915afdd 100644 --- a/src/main/java/hbp/mip/configurations/PersistenceConfiguration.java +++ b/src/main/java/hbp/mip/configurations/PersistenceConfiguration.java @@ -16,7 +16,7 @@ @Configuration -@EnableJpaRepositories("hbp.mip.repositories") +@EnableJpaRepositories(basePackages = {"hbp.mip.experiment", "hbp.mip.user"}) public class PersistenceConfiguration { @Primary @@ -33,7 +33,8 @@ public LocalContainerEntityManagerFactoryBean entityManagerFactory() { emfb.setDataSource(portalDataSource()); JpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter(); emfb.setJpaVendorAdapter(vendorAdapter); - emfb.setPackagesToScan("hbp.mip.models.DAOs"); + emfb.setPackagesToScan("hbp.mip.experiment", "hbp.mip.user"); + return emfb; } diff --git a/src/main/java/hbp/mip/configurations/SecurityConfiguration.java b/src/main/java/hbp/mip/configurations/SecurityConfiguration.java index 29a5790b..879168b7 100644 --- a/src/main/java/hbp/mip/configurations/SecurityConfiguration.java +++ b/src/main/java/hbp/mip/configurations/SecurityConfiguration.java @@ -22,10 +22,7 @@ import org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler; import org.springframework.stereotype.Component; -import java.util.Collection; -import java.util.HashSet; -import java.util.Map; -import java.util.Set; +import java.util.*; import java.util.stream.Collectors; @Configuration @@ -115,11 +112,16 @@ SecurityFilterChain clientSecurityFilterChain(HttpSecurity http, ClientRegistrat @RequiredArgsConstructor static class GrantedAuthoritiesMapperImpl implements GrantedAuthoritiesMapper { private static Collection extractAuthorities(Map claims) { - return ((Collection) claims.get("authorities")).stream() + Collection authorities = (Collection) claims.get("authorities"); + if (authorities == null) { + return Collections.emptyList(); // or throw a more informative exception if appropriate + } + return authorities.stream() .map(SimpleGrantedAuthority::new) .collect(Collectors.toList()); } + @Override public Collection mapAuthorities(Collection authorities) { Set mappedAuthorities = new HashSet<>();