|
@@ -404,18 +404,19 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
|
|
logger.warn("id is empty: {}", memberOf);
|
|
logger.warn("id is empty: {}", memberOf);
|
|
}
|
|
}
|
|
final String[] names = fessConfig.getAzureAdPermissionFields();
|
|
final String[] names = fessConfig.getAzureAdPermissionFields();
|
|
|
|
+ final boolean useDomainServices = fessConfig.isAzureAdUseDomainServices();
|
|
for (final String name : names) {
|
|
for (final String name : names) {
|
|
final String value = (String) memberOf.get(name);
|
|
final String value = (String) memberOf.get(name);
|
|
if (StringUtil.isNotBlank(value)) {
|
|
if (StringUtil.isNotBlank(value)) {
|
|
if (memberType.contains("group")) {
|
|
if (memberType.contains("group")) {
|
|
- groupList.add(value);
|
|
|
|
|
|
+ addGroupOrRoleName(groupList, value, useDomainServices);
|
|
} else if (memberType.contains("role")) {
|
|
} else if (memberType.contains("role")) {
|
|
- roleList.add(value);
|
|
|
|
|
|
+ addGroupOrRoleName(roleList, value, useDomainServices);
|
|
} else {
|
|
} else {
|
|
if (logger.isDebugEnabled()) {
|
|
if (logger.isDebugEnabled()) {
|
|
logger.debug("unknown @odata.type: {}", memberOf);
|
|
logger.debug("unknown @odata.type: {}", memberOf);
|
|
}
|
|
}
|
|
- groupList.add(value);
|
|
|
|
|
|
+ addGroupOrRoleName(groupList, value, useDomainServices);
|
|
}
|
|
}
|
|
} else if (logger.isDebugEnabled()) {
|
|
} else if (logger.isDebugEnabled()) {
|
|
logger.debug("{} is empty: {}", name, memberOf);
|
|
logger.debug("{} is empty: {}", name, memberOf);
|
|
@@ -434,6 +435,16 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ protected void addGroupOrRoleName(List<String> list, String value, boolean useDomainServices) {
|
|
|
|
+ list.add(value);
|
|
|
|
+ if (useDomainServices && value.indexOf('@') >= 0) {
|
|
|
|
+ String[] values = value.split("@");
|
|
|
|
+ if (values.length > 1) {
|
|
|
|
+ list.add(values[0]);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
protected void processParentGroup(final AzureAdUser user, final List<String> groupList, final List<String> roleList, final String id) {
|
|
protected void processParentGroup(final AzureAdUser user, final List<String> groupList, final List<String> roleList, final String id) {
|
|
final Pair<String[], String[]> groupsAndRoles = getParentGroup(user, id);
|
|
final Pair<String[], String[]> groupsAndRoles = getParentGroup(user, id);
|
|
StreamUtil.stream(groupsAndRoles.getFirst()).of(stream -> stream.forEach(groupList::add));
|
|
StreamUtil.stream(groupsAndRoles.getFirst()).of(stream -> stream.forEach(groupList::add));
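Review bot: In `addGroupOrRoleName`, a value that begins with `@` (a constructed example: `@example.com`) passes the `StringUtil.isNotBlank(value)` guard at the three call sites in the first hunk, and `value.split("@")` then returns an empty first element, so an empty string is added as a group or role name. Taking the index once avoids both that case and the regex split: `final int at = value.indexOf('@');` followed by `if (useDomainServices && at > 0) { list.add(value.substring(0, at)); }`. These lists presumably end up as the user's permission set, and the short form maps `name@domain-a` and `name@domain-b` to the same entry `name`. The helper should therefore get a Javadoc stating that enabling the domain-services option is only appropriate when the configured permission fields stay unique without their suffix and are not attributes that ordinary directory users can choose. Declaring the three parameters `final` would also match the surrounding methods.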
|