Add external sso user id to GET /management/me response
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/f385b074 Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/f385b074 Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/f385b074 Branch: refs/heads/asf-site Commit: f385b074ba8a543a45778779fdf446902545d696 Parents: 10e8957 Author: Michael Russo <[email protected]> Authored: Mon Aug 1 16:52:35 2016 -0700 Committer: Michael Russo <[email protected]> Committed: Mon Aug 1 16:52:35 2016 -0700 ---------------------------------------------------------------------- .../rest/management/ManagementResource.java | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/f385b074/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java ----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 737d187..f36c4ff 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -38,6 +38,7 @@ import org.apache.usergrid.rest.management.users.UsersResource;
 import org.apache.usergrid.security.oauth.AccessInfo;
 import org.apache.usergrid.security.shiro.principals.PrincipalIdentifier;
 import org.apache.usergrid.security.shiro.utils.SubjectUtils;
+import org.apache.usergrid.security.sso.ApigeeSSO2Provider;
 import org.apache.usergrid.security.sso.ExternalSSOProvider;
 import org.apache.usergrid.security.sso.SSOProviderFactory;
 import org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl;
@@ -193,11 +194,18 @@ public class ManagementResource extends AbstractContextResource {
 this.access_token = userPrincipal.getAccessTokenCredentials().getToken();
 }
-
+ String ssoUserId = null;
 if(ssoEnabled && !user.getUsername().equals(properties.getProperty(USERGRID_SYSADMIN_LOGIN_NAME))){
 ExternalSSOProvider provider = ssoProviderFactory.getProvider();
+ final Map<String, String> decodedTokenDetails = provider.getDecodedTokenDetails(access_token);
+ final String expiry = decodedTokenDetails.containsKey("expiry") ? decodedTokenDetails.get("expiry") : "0";
+
 tokenTtl =
- Long.valueOf(provider.getDecodedTokenDetails(access_token).get("expiry")) - System.currentTimeMillis()/1000;
+ Long.valueOf(expiry) - System.currentTimeMillis()/1000;
+
+ if( provider instanceof ApigeeSSO2Provider ) {
+ ssoUserId = decodedTokenDetails.get("user_id");
+ }
 }else{
 tokenTtl = tokens.getTokenInfo(access_token).getDuration();
@@ -207,6 +215,12 @@ public class ManagementResource extends AbstractContextResource {
 final AccessInfo access_info = new AccessInfo().withExpiresIn( tokenTtl ).withAccessToken( access_token )
 .withPasswordChanged( passwordChanged );
+ // if external SSO is enabled, always set the external sso user id property, even if it's null
+ if ( ssoEnabled ){
+
+ access_info.setProperty("external_sso_user_id", ssoUserId);
+ }
+
 access_info.setProperty( "user", management.getAdminUserOrganizationData( user, true ) );
 return Response.status( SC_OK ).type( jsonMediaType( callback ) )
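Review bot: The new `"0"` fallback for a missing `expiry` entry makes `tokenTtl` equal to minus the current epoch seconds, so the response would report a large negative expiry for an SSO token that carries no expiry claim instead of rejecting it. `Long.valueOf(expiry)` also still throws `NumberFormatException` when the key is present with a null or non-numeric value, because `containsKey` only checks presence. I would treat a missing or unparsable expiry as an invalid token and clamp the result, e.g. `tokenTtl = Math.max(0L, Long.parseLong(expiry) - System.currentTimeMillis()/1000);`. Whether `getDecodedTokenDetails` verifies the token before returning its claims is not visible here, so `user_id` should be documented as only as trustworthy as that check. The enclosing method starts and ends outside the hunk.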
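Review bot: The comment on `if ( ssoEnabled )` promises that `external_sso_user_id` is always present, but whether `AccessInfo.setProperty` and the JSON serialisation keep a null value is not visible in this hunk; if nulls are dropped, clients cannot tell "SSO on, no external id" from "SSO off". It is worth stating the contract in the comment, e.g. `// null for the sysadmin login and for providers other than ApigeeSSO2Provider`, and covering it with a test on the response. The key is a bare string literal here, as is `"user_id"` in the previous hunk; named constants would keep the two in step. The return statement continues past the end of the hunk.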
