fixup! Fixed provectus#4312 the issue where audit was not working

moremagic · moremagic · commit c102792683d3 · 2023-11-13T19:25:26.000+09:00
diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/audit/AuditService.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/audit/AuditService.java
@@ -6,6 +6,7 @@
 import com.google.common.annotations.VisibleForTesting;
 import com.provectus.kafka.ui.config.ClustersProperties;
 import com.provectus.kafka.ui.config.auth.AuthenticatedUser;
+import com.provectus.kafka.ui.config.auth.RbacUser;
 import com.provectus.kafka.ui.model.KafkaCluster;
 import com.provectus.kafka.ui.model.rbac.AccessContext;
 import com.provectus.kafka.ui.service.AdminClientService;
@@ -30,6 +31,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.stereotype.Service;
 import reactor.core.publisher.Mono;
@@ -196,18 +198,30 @@ private Mono<AuthenticatedUser> extractUser(Signal<?> sig) {
     Object key = SecurityContext.class;
     if (sig.getContextView().hasKey(key)) {
       return sig.getContextView().<Mono<SecurityContext>>get(key)
-          .map(context -> context.getAuthentication().getPrincipal())
-          .cast(OidcUser.class)
-          .map(user -> {
-            var roles = user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet());
-            return new AuthenticatedUser(user.getName(), roles);
-          })
+          .map(AuditService::createAuthenticatedUser)
           .switchIfEmpty(NO_AUTH_USER);
     } else {
       return NO_AUTH_USER;
     }
   }
 
+  private static AuthenticatedUser createAuthenticatedUser(SecurityContext context) {
+    var principal = context.getAuthentication().getPrincipal();
+    if (principal instanceof RbacUser user) {
+      return new AuthenticatedUser(user.name(), user.groups());
+    } else if (principal instanceof OidcUser user) {
+      return new AuthenticatedUser(
+          user.getName(),
+          user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet()));
+    } else if (principal instanceof UserDetails user) {
+      return new AuthenticatedUser(
+          user.getUsername(),
+          user.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet()));
+    } else {
+      return null;
+    }
+  }
+
   private void sendAuditRecord(AccessContext ctx, AuthenticatedUser user) {
     sendAuditRecord(ctx, user, null);
   }
