feat: populate certain attributes when creating jwt auth user from token

OCD-4721
tmy1313 · Nov 25, 2024 · e9c77c7 · e9c77c7
1 parent 76a43cb
commit e9c77c7
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/...l-service/src/main/java/gov/healthit/chpl/auth/authentication/JWTUserConverterFacade.java b/...l-service/src/main/java/gov/healthit/chpl/auth/authentication/JWTUserConverterFacade.java
@@ -8,8 +8,10 @@
 import gov.healthit.chpl.auth.jwt.JWTConsumer;
 import gov.healthit.chpl.auth.user.JWTAuthenticatedUser;
 import gov.healthit.chpl.dao.auth.UserDAO;
+import gov.healthit.chpl.domain.auth.User;
 import gov.healthit.chpl.exception.JWTValidationException;
 import gov.healthit.chpl.exception.MultipleUserAccountsException;
+import gov.healthit.chpl.exception.UserRetrievalException;
 import gov.healthit.chpl.user.cognito.CognitoApiWrapper;
 import lombok.extern.log4j.Log4j2;
 
@@ -38,7 +40,21 @@ public JWTAuthenticatedUser getAuthenticatedUser(String jwt) throws JWTValidatio
         //If SSO is on, try to validate the jwt using the Cognito converter
         if (ff4j.check(FeatureList.SSO)) {
             user = cognitoJwtUserConverter.getAuthenticatedUser(jwt);
-        } else {
+            if (user != null) {
+                try {
+                    //Set some values not avail in the Cognito Access Token that were avail in the CHPL token
+                    User cognitoUser = cognitoApiWrapper.getUserInfo(user.getCognitoId());
+                    user.setEmail(cognitoUser.getEmail());
+                    user.setSubjectName(cognitoUser.getEmail());
+                    user.setFullName(cognitoUser.getFullName());
+                } catch (UserRetrievalException e) {
+                    throw new JWTValidationException("Could not locate the Cognito user id");
+                }
+            }
+        }
+
+        //If SSO is off or jwt cannot be converted using the Cognito converter, use the CHP converter
+        if (user == null) {
             user = chplJwtUserConverter.getAuthenticatedUser(jwt);
         }
         return user;

diff --git a/chpl/chpl-service/src/main/java/gov/healthit/chpl/user/cognito/CognitoApiWrapper.java b/chpl/chpl-service/src/main/java/gov/healthit/chpl/user/cognito/CognitoApiWrapper.java
@@ -183,6 +183,7 @@ public User getUserInfo(UUID cognitoId) throws UserRetrievalException {
         return createUserFromGetUserResponse(response);
     }
 
+    @CachePut(CacheNames.COGNITO_USERS)
     public User getUserInfo(String email) throws UserRetrievalException {
         AdminGetUserRequest request = AdminGetUserRequest.builder()
                 .userPoolId(userPoolId)
@@ -197,7 +198,10 @@ public User getUserInfo(String email) throws UserRetrievalException {
     }
 
 
+<<<<<<< Updated upstream
     @CachePut(CacheNames.COGNITO_USERS)
+=======
+>>>>>>> Stashed changes
     public User getUserNoCache(UUID cognitoId) throws UserRetrievalException {
         AdminGetUserRequest request = AdminGetUserRequest.builder()
                 .userPoolId(userPoolId)
@@ -281,6 +285,7 @@ public void setUserPassword(String userName, String password, Boolean permanent)
         }
     }
 
+
     public AdminAddUserToGroupResponse addUserToGroup(String email, String groupName) {
         AdminAddUserToGroupRequest request = AdminAddUserToGroupRequest.builder()
                 .userPoolId(userPoolId)