From d4c8a95c77ed40c1a9f4aa4f4f3a08cde061b417 Mon Sep 17 00:00:00 2001
From: nartowsp
Date: Mon, 27 Jan 2025 12:07:35 +0100
Subject: [PATCH] Extract correct values for user email and use configuration property to define user display name
---
 .../cbioportal/web/IndexPageController.java | 21 +++++++++++++++----
 .../resources/application.properties.EXAMPLE | 2 +-
 2 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/src/main/java/org/cbioportal/web/IndexPageController.java b/src/main/java/org/cbioportal/web/IndexPageController.java
index 2bd3b95b66f..c1f91236535 100644
--- a/src/main/java/org/cbioportal/web/IndexPageController.java
+++ b/src/main/java/org/cbioportal/web/IndexPageController.java
@@ -17,6 +17,7 @@
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -47,6 +48,9 @@ public class IndexPageController {
 @Value("${msk.whole.slide.viewer.secret.key:}")
 private String wholeSlideViewerKey;
+ @Value("${skin.user_display_name:email}")
+ private String userDisplayNameAttribute;
+
 private final ObjectMapper mapper = new ObjectMapper();
 private Map getFrontendProperties(HttpServletRequest request, Authentication authentication) {
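Review bot: The new `userDisplayNameAttribute` field has no comment saying how its value is interpreted, and the next hunk passes it verbatim to `getAttribute` as a principal attribute name. That matters because the example properties file in this commit lists `email, name or username` as choices, while an OpenID Connect provider normally releases `preferred_username` rather than `username`, so one of the documented values may resolve to nothing unless the identity provider maps it. I would add above the field: `// Name of the OAuth2/OIDC principal attribute shown as the display name; looked up verbatim, ignored for other principal types.`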
@@ -64,14 +68,23 @@ private Map getFrontendProperties(HttpServletRequest request, Au
 }
 }
 properties.put("base_url", baseUrl);
- properties.put("user_email_address", authentication != null ? authentication.getName(): "anonymousUser");
- // TODO: Support skin.user_display_name
- properties.put("user_display_name", authentication != null ? authentication.getName(): "anonymousUser");
+ properties.put("user_email_address", getPrincipalAttribute(authentication, "email"));
+ properties.put("user_display_name", getPrincipalAttribute(authentication, userDisplayNameAttribute));
 // Set MSK slide viewer token at runtime
 properties.put("mskWholeSlideViewerToken", getMskWholeSlideViewerToken(wholeSlideViewerKey, authentication));
 return properties;
 }
-
+
+ private String getPrincipalAttribute(Authentication authentication, String attributeName) {
+ if (authentication != null) {
+ return switch (authentication.getPrincipal()) {
+ case OAuth2AuthenticatedPrincipal principal -> principal.getAttribute(attributeName);
+ default -> authentication.getName();
+ };
+ }
+ return "anonymousUser";
+ }
+
 private String getMskWholeSlideViewerToken(String secretKey, Authentication authentication) {
 // this token is for the msk portal
 // the token is generated based on users' timestamp to let the slide viewer know whether the token is expired and then decide whether to allow the user to login the viewer
diff --git a/src/main/resources/application.properties.EXAMPLE b/src/main/resources/application.properties.EXAMPLE
index e3cd32283e6..6a5282f8c4e 100644
--- a/src/main/resources/application.properties.EXAMPLE
+++ b/src/main/resources/application.properties.EXAMPLE
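Review bot: `getPrincipalAttribute` returns whatever `principal.getAttribute(attributeName)` yields, so a missing claim puts `null` into `user_email_address` / `user_display_name`, and a claim that is not a string (the generic return is cast to `String` by the switch's result type) would fail with a `ClassCastException` while the frontend properties are built. The pattern switch also throws `NullPointerException` if `getPrincipal()` is ever null, since there is no `case null`. Falling back to `authentication.getName()` whenever the attribute is absent, blank or not a string keeps the previous behaviour for identity providers that do not release the configured claim. The method is wholly inside this hunk; a possible shape is below.

```java
private String getPrincipalAttribute(Authentication authentication, String attributeName) {
    if (authentication == null) {
        return "anonymousUser";
    }
    if (authentication.getPrincipal() instanceof OAuth2AuthenticatedPrincipal principal) {
        Object value = principal.getAttribute(attributeName);
        if (value instanceof String text && !text.isBlank()) {
            return text;
        }
    }
    // Attribute missing, blank or not a string, or a non-OAuth2 principal: use the authenticated name.
    return authentication.getName();
}
```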
@@ -136,7 +136,7 @@ skin.study_view.link_text=To build your own case set, try out our enhanced Study
 ## setting controlling whether Download tabs and download/copy-to-clipboard controls should be shown
 # skin.hide_download_controls=false
-## setting controlling which name should be used to display the authenticated user (email, or username)
+## setting controlling which name should be used to display the authenticated user (email, name or username)
 # skin.user_display_name=email
 ## enable and set this property to specify a study group to be used to identify public studies for which no specific authorization entries are needed in the `authorities` table