001/*- 002 * #%L 003 * Smile CDR - CDR 004 * %% 005 * Copyright (C) 2016 - 2025 Smile CDR, Inc. 006 * %% 007 * All rights reserved. 008 * #L% 009 */ 010package ca.cdr.api.security; 011 012import ca.uhn.fhir.rest.api.server.IHasServletAttributes; 013import ca.uhn.fhir.rest.api.server.RequestDetails; 014 015import java.util.Collections; 016import java.util.Set; 017 018import static ca.cdr.api.security.ScopeConstants.CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES; 019 020public final class ApprovedScopesUtil { 021 private ApprovedScopesUtil() {} 022 023 /** 024 * Extract approved scopes from ServletRequest Details 025 * 026 * @param theRequestDetails probably an instance of ServletRequestDetails 027 * @return the set of approved scopes that have been set in the ServletRequestDetails 028 */ 029 public static Set<String> getApprovedScopes(RequestDetails theRequestDetails) { 030 if (theRequestDetails instanceof IHasServletAttributes requestWithAttributes) { 031 Object approvedScopes = 032 requestWithAttributes.getServletAttribute(CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES); 033 if (approvedScopes instanceof Set<?> set) { 034 //noinspection unchecked 035 return Collections.unmodifiableSet((Set<String>) set); 036 } 037 } 038 return Collections.emptySet(); 039 } 040}