001package ca.cdr.api.security;
002
003import ca.uhn.fhir.rest.api.server.IHasServletAttributes;
004import ca.uhn.fhir.rest.api.server.RequestDetails;
005
006import java.util.Collections;
007import java.util.Set;
008
009import static ca.cdr.api.security.ScopeConstants.CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES;
010
011public final class ApprovedScopesUtil {
012        private ApprovedScopesUtil() {}
013
014        /**
015         * Extract approved scopes from ServletRequest Details
016         *
017         * @param theRequestDetails probably an instance of ServletRequestDetails
018         * @return the set of approved scopes that have been set in the ServletRequestDetails
019         */
020        public static Set<String> getApprovedScopes(RequestDetails theRequestDetails) {
021                if (theRequestDetails instanceof IHasServletAttributes requestWithAttributes) {
022                        Object approvedScopes =
023                                        requestWithAttributes.getServletAttribute(CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES);
024                        if (approvedScopes instanceof Set<?> set) {
025                                //noinspection unchecked
026                                return Collections.unmodifiableSet((Set<String>) set);
027                        }
028                }
029                return Collections.emptySet();
030        }
031}