TMP

Author: RomuDeuxfois

openaev-api/src/main/java/io/openaev/config/security/SecurityService.java

@@ -2,27 +2,21 @@
 
 import static java.util.Optional.ofNullable;
 import static org.springframework.util.StringUtils.hasLength;
-import static org.springframework.util.StringUtils.hasText;
 
-import io.openaev.database.model.Tenant;
 import io.openaev.database.model.User;
 import io.openaev.database.repository.UserRepository;
 import io.openaev.service.UserMappingService;
 import io.openaev.service.UserService;
-import io.openaev.service.tenants.TenantService;
 import io.openaev.service.user_events.UserEventService;
-import jakarta.persistence.EntityNotFoundException;
 import jakarta.validation.constraints.NotBlank;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Optional;
 import java.util.UUID;
 import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Service;
 
-@Slf4j
 @Service
 @RequiredArgsConstructor
 public class SecurityService {
@@ -32,15 +26,13 @@ public class SecurityService {
   public static final String GROUPS_MANAGEMENT_SUFFIX = ".groups_management";
   public static final String ALL_ADMIN_PATH_SUFFIX = ".all_admin";
   public static final String AUDIENCE_PATH = ".audience";
-  public static final String TENANT_ID_SUFFIX = ".tenant_id";
   public static final String REGISTRATION_ID = "registration_id";
 
   private final UserRepository userRepository;
   private final UserService userService;
   private final UserMappingService userMappingService;
   private final Environment env;
   private final UserEventService userEventService;
-  private final TenantService tenantService;
 
   public User userManagement(
       String emailAttribute,
@@ -68,7 +60,6 @@ public User userManagement(
                 String.class,
                 "");
         userMappingService.mapCurrentUserWithGroup(groupsManagementObject, user, groups);
-        attachTenant(registrationId, user);
         return this.userService.saveUser(user);
       } else {
         // If user exists, update it
@@ -85,7 +76,6 @@ public User userManagement(
                 String.class,
                 "");
         userMappingService.mapCurrentUserWithGroup(groupsManagementObject, currentUser, groups);
-        attachTenant(registrationId, currentUser);
         return this.userService.saveUser(currentUser);
       }
     }
@@ -101,26 +91,6 @@ public String getAudience(@NotBlank final String registrationId) {
 
   // -- PRIVATE --
 
-  /** Attaches the user to the tenant configured for the given SSO provider registration. */
-  private void attachTenant(String registrationId, User user) {
-    String tenantId =
-        env.getProperty(
-            OPENAEV_PROVIDER_PATH_PREFIX + registrationId + TENANT_ID_SUFFIX, String.class, "");
-    if (!hasText(tenantId)) {
-      return;
-    }
-    boolean alreadyAttached = user.getTenants().stream().anyMatch(t -> t.getId().equals(tenantId));
-    if (alreadyAttached) {
-      return;
-    }
-    try {
-      Tenant tenant = tenantService.findById(tenantId);
-      user.getTenants().add(tenant);
-    } catch (EntityNotFoundException e) {
-      log.warn("SSO tenant ID '{}' configured but not found in database", tenantId);
-    }
-  }
-
   private List<String> getAdminRoles(@NotBlank final String registrationId) {
     String rolesAdminConfig =
         OPENAEV_PROVIDER_PATH_PREFIX + registrationId + ROLES_ADMIN_PATH_SUFFIX;

openaev-api/src/main/java/io/openaev/service/UserMappingService.java

@@ -5,12 +5,9 @@
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.openaev.database.model.Group;
-import io.openaev.database.model.Tenant;
 import io.openaev.database.model.User;
 import io.openaev.database.repository.GroupRepository;
-import io.openaev.service.tenants.TenantService;
 import io.openaev.sso.GroupMapping;
-import jakarta.persistence.EntityNotFoundException;
 import jakarta.validation.constraints.NotBlank;
 import java.io.IOException;
 import java.util.ArrayList;
@@ -32,7 +29,6 @@
 public class UserMappingService {
 
   private final GroupRepository groupRepository;
-  private final TenantService tenantService;
   private final Environment env;
   public static final String ROLES_PATH_SUFFIX = "roles_path";
   public static final String GROUPS_PATH_SUFFIX = "groups_path";
@@ -68,7 +64,6 @@ public void mapCurrentUserWithGroup(String property, User user, List<String> gro
               log.error("Did not create new group");
             }
           }
-          attachTenantFromGroupMapping(mapping, user);
         } else {
           log.error(String.format("No corresponding group found for group %s", role));
         }
@@ -91,35 +86,14 @@ public void mapCurrentUserWithGroup(String property, User user, List<String> gro
   private static List<GroupMapping> safeParseMappings(String json) {
     ObjectMapper mapper = new ObjectMapper();
     try {
-      return mapper.readValue(json, new TypeReference<>() {});
+      return mapper.readValue(json, new TypeReference<List<GroupMapping>>() {});
     } catch (IOException e) {
       // Log and return empty list instead of throwing
-      log.error("Failed to parse group mappings: {}", e.getMessage(), e);
+      System.err.println("Failed to parse mappings: " + e.getMessage());
       return List.of();
     }
   }
 
-  /**
-   * Attaches the user to the tenant configured in the group mapping, if any. Skips if tenantId is
-   * not set, the user is already attached, or the tenant is not found.
-   */
-  private void attachTenantFromGroupMapping(GroupMapping mapping, User user) {
-    String tenantId = mapping.getTenantId();
-    if (tenantId == null || tenantId.isBlank()) {
-      return;
-    }
-    boolean alreadyAttached = user.getTenants().stream().anyMatch(t -> t.getId().equals(tenantId));
-    if (alreadyAttached) {
-      return;
-    }
-    try {
-      Tenant tenant = tenantService.findById(tenantId);
-      user.getTenants().add(tenant);
-    } catch (EntityNotFoundException e) {
-      log.warn("Group mapping tenant ID '{}' configured but not found in database", tenantId);
-    }
-  }
-
   /**
    * Extract the roles from a user
    *

openaev-api/src/main/java/io/openaev/sso/GroupMapping.java

@@ -14,7 +14,4 @@ public class GroupMapping {
 
   @JsonProperty("autoCreate")
   private boolean autoCreate;
-
-  @JsonProperty("tenantId")
-  private String tenantId;
 }

openaev-api/src/main/resources/application.properties

@@ -169,7 +169,6 @@ openaev.auth-saml2-enable=false
 # openaev.provider.{registrationId}.roles_admin=
 # openaev.provider.{registrationId}.audience=
 # openaev.provider.{registrationId}.groups_management=
-# openaev.provider.{registrationId}.tenant_id=
 
 ## Kerberos
 openaev.auth-kerberos-enable=false