Merge branch 'extend-conditions-for-saml-token' into 'release/1.7.1'

Extend conditions for saml token See merge request !138

Merge branch 'extend-conditions-for-saml-token' into 'release/1.7.1'
201ca0d4 · Lukasz Lopatowski · 6b00d599 · e8bb7c9a · 201ca0d4
Commit 201ca0d4 authored 4 months ago by Lukasz Lopatowski
--- a/src/main/java/net/geant/nmaas/portal/service/impl/OidcUserServiceImpl.java
+++ b/src/main/java/net/geant/nmaas/portal/service/impl/OidcUserServiceImpl.java
@@ -51,14 +51,15 @@ public class OidcUserServiceImpl implements OidcUserService {
                .existsBySamlToken(oidcUserSub);
        boolean existUserByUsernameAsSamlToken = userService
                .existsBySamlToken(oidcUserPreferredUsername);
-        boolean existUserByEmail = userService
-                .existsByEmail(oidcUserEmail);
+        boolean existsUserBySamlTokenAsEmail = userService
+                .existsBySamlToken(oidcUserEmail);

        if (existUserBySamlToken) {
            return userService
                    .findBySamlToken(oidcUserSub)
                    .orElseThrow();
-        } else if (existUserByUsernameAsSamlToken) {
+        } else if (existUserByUsernameAsSamlToken
+                || existsUserBySamlTokenAsEmail) {
            User user = userService
                    .findBySamlToken(oidcUserPreferredUsername)
                    .orElseThrow();
@@ -71,7 +72,7 @@ public class OidcUserServiceImpl implements OidcUserService {
                        + oidcUserPreferredUsername
                        + " does not match internal user ");
            }
-        }  else {
+        } else {
            return registerNewUser(oidcUser);
        }
    }
@@ -116,20 +117,13 @@ public class OidcUserServiceImpl implements OidcUserService {
    @Override
    public boolean externalUserRequiredLinking(OidcUser oidcUser) {

-        String oidcUserSub = oidcUser.getAttribute("sub");
        String oidcUserEmail = oidcUser.getAttribute("email");
-        String oidcUserPreferredUsername = oidcUser.getAttribute("preferred_username");
-
-        boolean existUserBySamlToken = userService
-                .existsBySamlToken(oidcUserSub);
-        boolean existUserByUsernameAsSamlToken = userService
-                .existsBySamlToken(oidcUserPreferredUsername);
-        boolean existUserByEmail = userService
-                .existsByEmail(oidcUserEmail);

-        if(existUserBySamlToken || existUserByUsernameAsSamlToken) {
-            return false;
-        }else return existUserByEmail;
+        if(userService.existsByEmail(oidcUserEmail)){
+            User user = userService.findByEmail(oidcUserEmail);
+            return user.getSamlToken() == null || user.getSamlToken().isEmpty();
+        }
+        return false;
    }

    @Override