001package ca.cdr.api.security; 002 003import ca.uhn.fhir.rest.api.server.IHasServletAttributes; 004import ca.uhn.fhir.rest.api.server.RequestDetails; 005 006import java.util.Collections; 007import java.util.Set; 008 009import static ca.cdr.api.security.ScopeConstants.CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES; 010 011public final class ApprovedScopesUtil { 012 private ApprovedScopesUtil() {} 013 014 /** 015 * Extract approved scopes from ServletRequest Details 016 * 017 * @param theRequestDetails probably an instance of ServletRequestDetails 018 * @return the set of approved scopes that have been set in the ServletRequestDetails 019 */ 020 public static Set<String> getApprovedScopes(RequestDetails theRequestDetails) { 021 if (theRequestDetails instanceof IHasServletAttributes requestWithAttributes) { 022 Object approvedScopes = 023 requestWithAttributes.getServletAttribute(CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES); 024 if (approvedScopes instanceof Set<?> set) { 025 //noinspection unchecked 026 return Collections.unmodifiableSet((Set<String>) set); 027 } 028 } 029 return Collections.emptySet(); 030 } 031}