88import org .springframework .security .oauth2 .provider .token .DefaultUserAuthenticationConverter ;
99
1010import java .util .Collection ;
11- import java .util .HashSet ;
1211import java .util .List ;
1312import java .util .Map ;
1413import java .util .Optional ;
15- import java .util .Set ;
1614
1715/**
1816 * Converts a {@link FafUserDetails} from and to an {@link Authentication} for use in a JWT token.
@@ -44,11 +42,7 @@ public Authentication extractAuthentication(Map<String, ?> map) {
4442 String username = (String ) map .get (USERNAME );
4543 boolean accountNonLocked = Optional .ofNullable ((Boolean ) map .get (NON_LOCKED )).orElse (true );
4644 Collection <? extends GrantedAuthority > authorities = getAuthorities (map );
47-
48- // This is a violation of separation of User and Client permission, but the whole code is deprecated once we use
49- // OpenID everywhere!
50- Set <String > scopes = new HashSet <>((List <String >) map .get ("scope" ));
51- UserDetails user = new FafUserDetails (id , username , "N/A" , accountNonLocked , authorities , scopes );
45+ UserDetails user = new FafUserDetails (id , username , "N/A" , accountNonLocked , authorities );
5246
5347 return new UsernamePasswordAuthenticationToken (user , "N/A" , authorities );
5448 } else {
@@ -68,9 +62,7 @@ public Authentication extractAuthentication(Map<String, ?> map) {
6862 .map (role -> (GrantedAuthority ) () -> "ROLE_" + role )
6963 .toList ();
7064
71- var scopes = new HashSet <>((List <String >) map .get ("scp" ));
72-
73- UserDetails user = new FafUserDetails (id , "username" , "N/A" , false , authorities , scopes );
65+ UserDetails user = new FafUserDetails (id , "username" , "N/A" , false , authorities );
7466 return new UsernamePasswordAuthenticationToken (user , "N/A" , authorities );
7567 }
7668
0 commit comments