feature/Tweak props hydra_uses_obp_user_credentials

Marko Milić 2024-03-22 11:50:05 +01:00
parent 7486a20bc4
commit 40348bd04c
3 changed files with 5 additions and 4 deletions


@ -1032,7 +1032,7 @@ outboundAdapterCallContext.generalContext
# hydra_token_endpoint_auth_method=private_key_jwt
# hydra_supported_token_endpoint_auth_methods=client_secret_basic,client_secret_post,private_key_jwt
## ORY Hydra login url is "obp-api-hostname/user_mgt/login" implies "true" in order to avoid creation of a new user during OIDC flow
# use_obp_user_at_hydra=false
# hydra_uses_obp_user_credentials=true
# ------------------------------ Hydra oauth2 props end ------------------------------
# ------------------------------ default entitlements ------------------------------
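Review bot: The sample entry changes both the key name and the documented default (`use_obp_user_at_hydra=false` becomes `hydra_uses_obp_user_credentials=true`), and nothing here tells operators that the old key is no longer read. The HydraUtil hunk in this commit replaces the lookup outright and flips the code default from `false` to `true`. A deployment that set the old key to `false`, or relied on its default, would after upgrade have Hydra-issued ID tokens resolved to the local identity provider instead of the issuer. I would add a line above the entry such as `## Replaces use_obp_user_at_hydra, which is no longer read. Set to false when Hydra does not log users in via obp-api-hostname/user_mgt/login`. It is also worth considering whether the old key should be honoured as a fallback for one release.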


@ -320,11 +320,12 @@ object OAuth2Login extends RestHelper with MdcLoggable {
def resolveProvider(idToken: String) = {
isIssuer(jwtToken = idToken, identityProvider = hydraPublicUrl) match {
case true if HydraUtil.useObpUserAtHydra => // Case that source of the truth of Hydra user management is the OBP-API mapper DB
case true if HydraUtil.hydraUsesObpUserCredentials => // Case that source of the truth of Hydra user management is the OBP-API mapper DB
// In case that ORY Hydra login url is "hostname/user_mgt/login" we MUST override hydraPublicUrl as provider
// in order to avoid creation of a new user
Constant.localIdentityProvider
case false => // All other cases implies a new user creation
case _ => // All other cases implies a new user creation
// TODO raise exception in case of else case
JwtUtil.getIssuer(idToken).getOrElse("")
}
}
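Review bot: The widened `case _` branch still ends in `JwtUtil.getIssuer(idToken).getOrElse("")`, so a token whose issuer claim is missing or unreadable resolves to an empty-string provider instead of being rejected; the new TODO records this without fixing it. The provider presumably keys the user lookup or creation that follows (the callers are outside this hunk), so I would fail closed here. Assuming `getIssuer` returns an `Option`, declare `def resolveProvider(idToken: String): Option[String]`, return `Some(Constant.localIdentityProvider)` in the first case and `JwtUtil.getIssuer(idToken).filter(_.nonEmpty)` in the second, and have callers turn `None` into an authentication failure. An explicit return type is worth adding in any case, since the method currently relies on inference.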


@ -25,7 +25,7 @@ object HydraUtil extends MdcLoggable{
val mirrorConsumerInHydra = APIUtil.getPropsAsBoolValue("mirror_consumer_in_hydra", false)
val useObpUserAtHydra = APIUtil.getPropsAsBoolValue("use_obp_user_at_hydra", false)
val hydraUsesObpUserCredentials = APIUtil.getPropsAsBoolValue("hydra_uses_obp_user_credentials", true)
val clientSecretPost = "client_secret_post"