Merge branch 'main' of github.com:ls1intum/thesis-track into main

ls1intum · Nov 21, 2024 · 68e9f4d · 68e9f4d
2 parents 808400a + 3a026e1
commit 68e9f4d
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 17 deletions.
diff --git a/server/Dockerfile b/server/Dockerfile
@@ -1,4 +1,4 @@
-FROM gradle:8.11.0-jdk21 AS build
+FROM gradle:8.11.1-jdk21 AS build
 COPY --chown=gradle:gradle . /home/gradle/src
 WORKDIR /home/gradle/src
 RUN gradle build -x test --no-daemon

diff --git a/server/build.gradle b/server/build.gradle
@@ -62,11 +62,11 @@ dependencies {
 	testImplementation "org.mockito:mockito-core:5.14.2"
 	testImplementation "org.mockito:mockito-junit-jupiter:5.14.2"
 
-	testImplementation "org.testcontainers:testcontainers:${testcontainer_version}"
-	testImplementation "org.testcontainers:junit-jupiter:${testcontainer_version}"
-	testImplementation "org.testcontainers:jdbc:${testcontainer_version}"
-	testImplementation "org.testcontainers:database-commons:${testcontainer_version}"
-	testImplementation "org.testcontainers:postgresql:${testcontainer_version}"
+	testImplementation "org.testcontainers:testcontainers:${test_container_version}"
+	testImplementation "org.testcontainers:junit-jupiter:${test_container_version}"
+	testImplementation "org.testcontainers:jdbc:${test_container_version}"
+	testImplementation "org.testcontainers:database-commons:${test_container_version}"
+	testImplementation "org.testcontainers:postgresql:${test_container_version}"
 
 	// TODO: for some reason an update of org.junit.jupiter:junit-jupiter-engine to 5.11.x breaks the tests
 	testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:5.10.5"

diff --git a/server/gradle.properties b/server/gradle.properties
@@ -1,4 +1,4 @@
 rootProject.name=Thesis Track
-spring_boot_version=3.3.5
+spring_boot_version=3.3.6
 netty_version=4.1.115.Final
-testcontainer_version=1.20.3
+test_container_version=1.20.4
diff --git a/server/gradle/wrapper/gradle-wrapper.properties b/server/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.11-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

diff --git a/server/src/main/java/thesistrack/ls1/security/JwtAuthConverter.java b/server/src/main/java/thesistrack/ls1/security/JwtAuthConverter.java
@@ -1,6 +1,8 @@
 package thesistrack.ls1.security;
 
 import org.springframework.core.convert.converter.Converter;
+import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -26,7 +28,8 @@ public JwtAuthConverter(JwtAuthConfig config) {
     }
 
     @Override
-    public AbstractAuthenticationToken convert(Jwt jwt) {
+    @Nullable
+    public AbstractAuthenticationToken convert(@NonNull Jwt jwt) {
         Collection<GrantedAuthority> authorities = Stream.concat(
                 jwtGrantedAuthoritiesConverter.convert(jwt).stream(),
                 extractResourceRoles(jwt).stream()).collect(Collectors.toSet());
@@ -35,19 +38,27 @@ public AbstractAuthenticationToken convert(Jwt jwt) {
     }
 
     private Collection<? extends GrantedAuthority> extractResourceRoles(Jwt jwt) {
-        Map<String, Object> resourceAccess = jwt.getClaim("resource_access");
+        // Retrieve the resource access claim as a nested map structure
+        Map<String, Map<String, Collection<String>>> resourceAccess = jwt.getClaim("resource_access");
+        if (resourceAccess == null) {
+            return Set.of();
+        }
 
-        Map<String, Object> resource;
-        Collection<String> resourceRoles;
+        // Get the client-specific resource and its roles
+        var resourceObject = resourceAccess.get(config.getClientId());
+        if (resourceObject == null) {
+            return Set.of();
+        }
 
-        if (resourceAccess == null
-                || (resource = (Map<String, Object>) resourceAccess.get(config.getClientId())) == null
-                || (resourceRoles = (Collection<String>) resource.get("roles")) == null) {
+        // Get the roles from the resource object
+        var resourceRoles = resourceObject.get("roles");
+        if (resourceRoles == null) {
             return Set.of();
         }
 
+        // Convert roles into GrantedAuthority objects
         return resourceRoles.stream()
                 .map(role -> new SimpleGrantedAuthority("ROLE_" + role))
                 .collect(Collectors.toSet());
     }
-}
+}