Closes #709 Fix FafAuthenticationConverter

bukajsytlos · Brutus5000 · commit a2b45aabd6ca · 2023-03-01T11:01:18.000+01:00
diff --git a/src/main/java/com/faforever/api/security/FafAuthenticationConverter.java b/src/main/java/com/faforever/api/security/FafAuthenticationConverter.java
@@ -1,16 +1,12 @@
 package com.faforever.api.security;
 
-import com.nimbusds.jose.shaded.gson.JsonArray;
-import com.nimbusds.jose.shaded.gson.JsonObject;
+import java.util.List;
+import java.util.Map;
+
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.oauth2.jwt.Jwt;
 
-import java.util.List;
-import java.util.Optional;
-import java.util.stream.Stream;
-import java.util.stream.StreamSupport;
-
 /**
  * Jwt converter that reads scopes + custom FAF roles from the token extension.
  */
@@ -31,32 +27,20 @@ private int extractUserId(Jwt source) {
   }
 
   private String extractUsername(Jwt source) {
-    JsonObject ext = source.getClaim("ext");
-    String username = Optional.ofNullable(ext)
-      .flatMap(jsonObject -> Optional.ofNullable(jsonObject.get("username").getAsString()))
-      .orElse("[undefined]");
-
+    Map<String, Object> ext = source.getClaim("ext");
+    String username = (String) ext.getOrDefault("username", "[undefined]");
     return username;
   }
 
   private List<FafScope> extractScopes(Jwt source) {
-    JsonArray jwtScopes = source.getClaim("scp");
-    List<FafScope> scopes = Optional.ofNullable(jwtScopes)
-      .map(jsonArray -> StreamSupport.stream(jsonArray.spliterator(), false).map(scope -> new FafScope(scope.getAsString())))
-      .orElse(Stream.empty())
-      .toList();
-
+    List<String> jwtScopes = source.getClaim("scp");
+    List<FafScope> scopes = jwtScopes.stream().map(FafScope::new).toList();
     return scopes;
   }
 
   public List<FafRole> extractRoles(Jwt source) {
-    JsonObject ext = source.getClaim("ext");
-    List<FafRole> roles = Optional.ofNullable(ext)
-      .flatMap(jsonObject -> Optional.ofNullable((JsonArray) jsonObject.get("roles")))
-      .map(jsonArray -> StreamSupport.stream(jsonArray.spliterator(), false).map(role -> new FafRole(role.getAsString())))
-      .orElse(Stream.empty())
-      .toList();
-
+    Map<String, Object> ext = source.getClaim("ext");
+    final List<FafRole> roles = ((List<String>) ext.getOrDefault("roles", List.of())).stream().map(FafRole::new).toList();
     return roles;
   }
 }
