Search code examples
javaspringcas

Apereo Cas - Custom Principal Id release

I need to edit the principal id that will be returned to a cas client application.

The principal I need to edit is returned from an external idp which I do not own and its format is like this:

Id: idp autogenerated ID having no meaning for my setup
Attributes:
... Some attributes I do not need ...
**ImportantId**(this is the property I need)

I have read the official documentation so from my understanding the related part of my service json file should be:

...       
"usernameAttributeProvider" : {
        "@class" : "com.mypackage.cas.principal.MyCustomRegisteredServiceUsernameProvider",
        "canonicalizationMode" : "NONE"

In my custom UserNameProvider class, I need to access db in order to get my setup specific username based on the importantId I mentioned above, so I need to do something like this : 

public class MyCustomRegisteredServiceUsernameProvider implements RegisteredServiceUsernameAttributeProvider {

    @Autowired
    UsersService usersService;

    @Override
    public String resolveUsername(Principal principal, Service service, RegisteredService registeredService) {
        // String importantId = ...getting it from principal attributes.. 
        return usersService.getUserNameFromImportant(importantId);

    }   
}

The problem is that Autowired annotation unfortunately is not working, thus my UsersService is not initialized resulting in a NPE at runtime.

So, firstly I would like to know why my approach is not working and secondly what is the cas "official" way to achieve this behavior?

Cas Version: 5.3.4 Cas overlay template

Env: W10 x64, Java 8

Deployed on Wildfly 12

Solution

  • So, firstly I would like to know why my approach is not working

    ...because such providers are not spring-managed beans. They are serialized objects found off of JSON documents, and such and never pass through the Spring runtime.

    and secondly what is the cas "official" way to achieve this behavior?

    One possible workaround would be to remove the injected field and do this in your resolveUsername method:

    var appContext = ApplicationContextProvider.getApplicationContext();
var usersService = appContext.getBean("bean-name", UsersService.class);
return usersService.getUserNameFromImportant(importantId);