
Commit b7fd96c

committed
Fixes #1250
1 parent 886b2f4 commit b7fd96c

6 files changed

Lines changed: 20 additions & 14 deletions


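--- a/myconext-server/src/main/java/myconext/aa/AttributeAggregatorController.java
+++ b/myconext-server/src/main/java/myconext/aa/AttributeAggregatorController.java
@@ -22,6 +22,7 @@
 
 import java.util.*;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 
 @RestController
@@ -34,14 +35,14 @@ public class AttributeAggregatorController implements HasUserRepository {
 @Getter
 private final UserRepository userRepository;
 private final Manage manage;
-private final String schacHomeOrganization;
+private final List<String> schacHomeOrganizations;
 
 public AttributeAggregatorController(UserRepository userRepository,
 Manage manage,
-@Value("${schac_home_organization}") String schacHomeOrganization) {
+@Value("${schac_home_organizations}") String schacHomeOrganization) {
 this.userRepository = userRepository;
 this.manage = manage;
-this.schacHomeOrganization = schacHomeOrganization;
+this.schacHomeOrganizations = Stream.of(schacHomeOrganization.split(",")).map(String::trim).toList();
 }
 
 @GetMapping(value = {"attribute-aggregation"})
@@ -53,7 +54,7 @@ public ResponseEntity<List<UserAttribute>> aggregate(@RequestParam("sp_entity_id
 //it might be that the eppn if from the eduID IdP, and then we can look up the user based on that
 int indexOfAt = eduPersonPrincipalName.indexOf("@");
 String schacHome = eduPersonPrincipalName.substring(indexOfAt + 1);
-if (this.schacHomeOrganization.equals(schacHome)) {
+if (this.schacHomeOrganizations.contains(schacHome)) {
 String uid = eduPersonPrincipalName.substring(0, indexOfAt);
 userOptional = userRepository.findUserByUid(uid);
 } else if (StringUtils.hasText(eduPersonPrincipalName)) {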
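Review bot: The `contains(schacHome)` check in the last hunk now decides which EPPN scopes are resolved by local uid, but the list it tests is built in the constructor without dropping blank entries. A stray comma in `schac_home_organizations` (constructed example: `"eduid.nl,,surfguest.nl"`) leaves `""` in the list, and an EPPN whose scope part is empty would then pass the check. Filtering while parsing closes that: `Stream.of(schacHomeOrganization.split(",")).map(String::trim).filter(StringUtils::hasText).toList();`. It is also worth confirming that every listed scope is issued only by this IdP, because any EPPN in a listed scope is now looked up through `findUserByUid` on its local part. The body of `aggregate` starts and ends outside the hunk.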

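--- a/myconext-server/src/main/java/myconext/api/AccountLinkerController.java
+++ b/myconext-server/src/main/java/myconext/api/AccountLinkerController.java
@@ -65,6 +65,7 @@
 import java.time.temporal.ChronoUnit;
 import java.util.*;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 import static myconext.crypto.HashGenerator.hash;
 import static myconext.log.MDCContext.logWithContext;
@@ -130,7 +131,7 @@ public AccountLinkerController(
 Manage manage,
 DisposableEmailProviders disposableEmailProviders,
 @Value("${mijn_eduid_entity_id}") String mijnEduIDEntityId,
-@Value("${schac_home_organization}") String schacHomeOrganization,
+@Value("${schac_home_organizations}") String schacHomeOrganizations,
 @Value("${email.magic-link-url}") String magicLinkUrl,
 @Value("${idp_redirect_url}") String idpBaseRedirectUrl,
 @Value("${sp_redirect_url}") String spRedirectUrl,
@@ -163,7 +164,7 @@ public AccountLinkerController(
 this.attributeMapper = attributeMapper;
 this.manage = manage;
 this.disposableEmailProviders = disposableEmailProviders;
-this.schacHomeOrganization = schacHomeOrganization;
+this.schacHomeOrganization = Stream.of(schacHomeOrganizations.split(",")).map(String::trim).toList().getFirst();
 this.mijnEduIDEntityId = mijnEduIDEntityId;
 this.magicLinkUrl = magicLinkUrl;
 this.idpBaseRedirectUrl = idpBaseRedirectUrl;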
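Review bot: The assignment to `this.schacHomeOrganization` accepts whatever the first comma-separated token is, so an empty or comma-leading `schac_home_organizations` value yields `""` as the main scope without any startup error. The same expression is repeated in the constructors of UserController and RemoteCreationController and in AttributeAggregatorControllerTest. A fail-fast guard after the assignment would surface the misconfiguration, e.g. `if (this.schacHomeOrganization.isEmpty()) throw new IllegalArgumentException("schac_home_organizations must start with a non-empty scope");`. Moving the parsing and this check into one shared helper would keep the controllers from drifting apart on which entry counts as the main scope. The constructor starts and ends outside the hunks shown.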

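--- a/myconext-server/src/main/java/myconext/api/UserController.java
+++ b/myconext-server/src/main/java/myconext/api/UserController.java
@@ -69,6 +69,7 @@
 import java.time.temporal.ChronoUnit;
 import java.util.*;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 import static myconext.SwaggerOpenIdConfig.OPEN_ID_SCHEME_NAME;
 import static myconext.crypto.HashGenerator.hash;
@@ -133,7 +134,7 @@ public UserController(UserRepository userRepository,
 CaptchaVerifier captchaVerifier,
 @Qualifier("jsonMapper") ObjectMapper objectMapper,
 @Value("${email.magic-link-url}") String magicLinkUrl,
-@Value("${schac_home_organization}") String schacHomeOrganization,
+@Value("${schac_home_organizations}") String schacHomeOrganizations,
 @Value("${email_guessing_sleep_millis}") int emailGuessingSleepMillis,
 @Value("${sp_redirect_url}") String spBaseUrl,
 @Value("${idp_redirect_url}") String idpBaseUrl,
@@ -160,7 +161,7 @@ public UserController(UserRepository userRepository,
 this.objectMapper = objectMapper;
 this.captchaVerifier = captchaVerifier;
 this.magicLinkUrl = magicLinkUrl;
-this.schacHomeOrganization = schacHomeOrganization;
+this.schacHomeOrganization = Stream.of(schacHomeOrganizations.split(",")).map(String::trim).toList().getFirst();
 this.idpBaseUrl = idpBaseUrl;
 this.spBaseUrl = spBaseUrl;
 this.webAuthnSpRedirectUrl = String.format("%s/security", spBaseUrl);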

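--- a/myconext-server/src/main/java/myconext/remotecreation/RemoteCreationController.java
+++ b/myconext-server/src/main/java/myconext/remotecreation/RemoteCreationController.java
@@ -58,12 +58,12 @@ public RemoteCreationController(UserRepository userRepository,
 Manage manage,
 MailBox mailBox,
 AttributeMapper attributeMapper,
-@Value("${schac_home_organization}") String schacHomeOrganization) {
+@Value("${schac_home_organizations}") String schacHomeOrganizations) {
 this.userRepository = userRepository;
 this.manage = manage;
 this.mailBox = mailBox;
 this.attributeMapper = attributeMapper;
-this.schacHomeOrganization = schacHomeOrganization;
+this.schacHomeOrganization = Stream.of(schacHomeOrganizations.split(",")).map(String::trim).toList().getFirst();
 }
 
 @GetMapping(value = {"/email-eduid-exists"})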
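Review bot: `Stream` is used in the new constructor assignment, but this file's section contains no import hunk, unlike the other three Java files in the commit, which each add `import java.util.stream.Stream;`. If the file does not already import it (directly or through `java.util.stream.*`), the class will not compile; the import block is outside the hunk, so this needs confirming against the full file. The constructor signature also starts above the hunk.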

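--- a/myconext-server/src/main/resources/application.yml
+++ b/myconext-server/src/main/resources/application.yml
@@ -47,7 +47,8 @@ identity-provider-meta-data:
 description: "eduID IdP"
 logo_uri: "https://static.surfconext.nl/media/idp/eduid.png"
 
-schac_home_organization: eduid.nl
+# The first entry is the main schacHome
+schac_home_organizations: "eduid.nl, surfguest.nl"
 
 cron:
 node-cron-job-responsible: True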
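Review bot: Renaming the key to `schac_home_organizations` while shipping a default here means an environment that still overrides the old `schac_home_organization` will have that override ignored and will start with `eduid.nl, surfguest.nl` instead, with no error. Because the attribute-aggregation endpoint treats every listed scope as locally issued, that silent fallback changes which EPPNs are resolved by uid. The comment above the key should say so, for example `# Replaces schac_home_organization, which is no longer read. First entry is the main schacHome; every entry is treated as a scope issued by this IdP.` Deployment overrides should be checked for the old key before rollout.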

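--- a/myconext-server/src/test/java/myconext/aa/AttributeAggregatorControllerTest.java
+++ b/myconext-server/src/test/java/myconext/aa/AttributeAggregatorControllerTest.java
@@ -10,15 +10,16 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
+import java.util.stream.Stream;
 
 import static io.restassured.RestAssured.given;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
 public class AttributeAggregatorControllerTest extends AbstractIntegrationTest {
 
-@Value("${schac_home_organization}")
-private String schacHomeOrganization;
+@Value("${schac_home_organizations}")
+private String schacHomeOrganizations;
 
 private final String eppn = "1234567890@surfguest.nl";
 
@@ -39,7 +40,8 @@ public void aggregateUserNotFound() {
 
 @Test
 public void aggregateWithEduIDIdP() {
-String schacHomeOrganization = String.format("mdoe@%s", this.schacHomeOrganization);
+String schacHomeOrganization = Stream.of(schacHomeOrganizations.split(",")).map(String::trim).toList().getFirst();
+String eduIDEppn = String.format("mdoe@%s", schacHomeOrganization);
 List<UserAttribute> userAttributes = doAggregate(
 "aa", "secret", "http://brand-new-sp", eduIDEppn);
 assertEquals(1, userAttributes.size());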
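Review bot: `aggregateWithEduIDIdP` still exercises only the first configured scope, so the behaviour this commit introduces, a non-first entry matching the `contains` check in the controller, has no test. A companion case that builds the EPPN from the second entry, plus a negative case for a scope that is not listed, would pin the new trust boundary. The class-level fixture `eppn = "1234567890@surfguest.nl"` also sits in a scope that the shipped default now lists, so tests that rely on it may take the uid-lookup branch instead of the fallback branch, depending on the test configuration; that is worth confirming. The test method's body continues outside the hunk.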
