@@ -37,27 +37,27 @@ public boolean authorize(LbPrincipal principal,
3737 {
3838 switch (role ) {
3939 case "ADMIN" :
40- log .info ("User '%s' with memberOf(%s) was identified as ADMIN(%s)" ,
41- principal .getName (), principal .getMemberOf (), configuration .getAdmin ());
42- return principal .getMemberOf ()
43- .filter (m -> m .matches (configuration .getAdmin ()))
44- .isPresent ();
40+ return hasRole (principal , role , configuration .getAdmin ());
4541 case "USER" :
46- log .info ("User '%s' with memberOf(%s) identified as USER(%s)" ,
47- principal .getName (), principal .getMemberOf (), configuration .getUser ());
48- return principal .getMemberOf ()
49- .filter (m -> m .matches (configuration .getUser ()))
50- .isPresent ();
42+ return hasRole (principal , role , configuration .getUser ());
5143 case "API" :
52- log .info ("User '%s' with memberOf(%s) identified as API(%s)" ,
53- principal .getName (), principal .getMemberOf (), configuration .getApi ());
54- return principal .getMemberOf ()
55- .filter (m -> m .matches (configuration .getApi ()))
56- .isPresent ();
44+ return hasRole (principal , role , configuration .getApi ());
5745 default :
5846 log .warn ("User '%s' with role %s has no regex match based on ldap search" ,
5947 principal .getName (), role );
6048 return false ;
6149 }
6250 }
51+
52+ private static boolean hasRole (LbPrincipal principal , String role , String regex )
53+ {
54+ boolean matched = principal .getMemberOf ()
55+ .filter (m -> m .matches (regex ))
56+ .isPresent ();
57+ if (matched ) {
58+ log .info ("User '%s' with memberOf(%s) is identified as %s(%s)" ,
59+ principal .getName (), principal .getMemberOf (), role , regex );
60+ }
61+ return matched ;
62+ }
6363}
0 commit comments