VIC-1918: Tenant data in authorised context

virtualidentityag · Nov 1, 2022 · 36c1d11 · 36c1d11
1 parent 828273e
commit 36c1d11
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 6 deletions.
diff --git a/src/main/java/com/vi/tenantservice/api/facade/TenantServiceFacade.java b/src/main/java/com/vi/tenantservice/api/facade/TenantServiceFacade.java
@@ -91,7 +91,8 @@ public List<BasicTenantLicensingDTO> getAllTenants() {
   public Optional<RestrictedTenantDTO> findTenantBySubdomain(String subdomain, Long tenantId) {
     var tenantById = tenantService.findTenantBySubdomain(subdomain);
 
-    if (multitenancyWithSingleDomain && authorisationService.isRequestTenantAware(tenantId)) {
+    Optional<Long> tenant = authorisationService.resolveTenantFromRequest(tenantId);
+    if (multitenancyWithSingleDomain && tenant.isPresent()) {
       return getSingleDomainSpecificTenantData(tenantById, tenantId);
     }
 

diff --git a/src/main/java/com/vi/tenantservice/config/security/AuthorisationService.java b/src/main/java/com/vi/tenantservice/config/security/AuthorisationService.java
@@ -47,14 +47,19 @@ private KeycloakPrincipal getPrincipal() {
     return (KeycloakPrincipal) getAuthentication().getPrincipal();
   }
 
-  public boolean isRequestTenantAware(Long tenantId) {
+  public Optional<Long> resolveTenantFromRequest(Long tenantId) {
     if (tenantId != null) {
-      return true;
+      return Optional.of(tenantId);
     }
     HttpServletRequest request =
         ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
             .getRequest();
     Cookie token = WebUtils.getCookie(request, "keycloak");
+
+    if (token == null) {
+      return Optional.empty();
+    }
+
     String[] chunks = token.getValue().split("\\.");
     Base64.Decoder decoder = Base64.getUrlDecoder();
     String payload = new String(decoder.decode(chunks[1]));
@@ -63,9 +68,10 @@ public boolean isRequestTenantAware(Long tenantId) {
     try {
       Map<String, Object> map = objectMapper.readValue(payload, Map.class);
       Integer tenantIdFromCookie = (Integer) map.get("tenantId");
-      return tenantIdFromCookie != null;
+      return tenantIdFromCookie == null ? Optional.empty()
+          : Optional.of(Long.valueOf(tenantIdFromCookie));
     } catch (JsonProcessingException e) {
-      return false;
+      return Optional.empty();
     }
 
   }

diff --git a/src/test/java/com/vi/tenantservice/api/facade/TenantServiceFacadeTest.java b/src/test/java/com/vi/tenantservice/api/facade/TenantServiceFacadeTest.java
@@ -214,7 +214,7 @@ void findTenantBySubdomain_Should_returnTenantAwareData_When_RequestIsTenantAwar
     Optional<TenantEntity> accessTokenTenantData = Optional.of(accessTokenTenant);
 
     when(tenantService.findTenantBySubdomain(subdomain)).thenReturn(defaultTenant);
-    when(authorisationService.isRequestTenantAware(null)).thenReturn(true);
+    when(authorisationService.resolveTenantFromRequest(null)).thenReturn(Optional.of(2L));
     when(authorisationService.findTenantIdInAccessToken()).thenReturn(Optional.of(2L));
     when(tenantService.findTenantById(2L)).thenReturn(accessTokenTenantData);