001/*-
002 * #%L
003 * Smile CDR - CDR
004 * %%
005 * Copyright (C) 2016 - 2025 Smile CDR, Inc.
006 * %%
007 * All rights reserved.
008 * #L%
009 */
010package ca.cdr.api.security;
011
012import ca.uhn.fhir.rest.api.server.IHasServletAttributes;
013import ca.uhn.fhir.rest.api.server.RequestDetails;
014
015import java.util.Collections;
016import java.util.Set;
017
018import static ca.cdr.api.security.ScopeConstants.CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES;
019
020public final class ApprovedScopesUtil {
021        private ApprovedScopesUtil() {}
022
023        /**
024         * Extract approved scopes from ServletRequest Details
025         *
026         * @param theRequestDetails probably an instance of ServletRequestDetails
027         * @return the set of approved scopes that have been set in the ServletRequestDetails
028         */
029        public static Set<String> getApprovedScopes(RequestDetails theRequestDetails) {
030                if (theRequestDetails instanceof IHasServletAttributes requestWithAttributes) {
031                        Object approvedScopes =
032                                        requestWithAttributes.getServletAttribute(CA_CDR_SERVLETATTRIBUTE_OIDC_APPROVED_SCOPES);
033                        if (approvedScopes instanceof Set<?> set) {
034                                //noinspection unchecked
035                                return Collections.unmodifiableSet((Set<String>) set);
036                        }
037                }
038                return Collections.emptySet();
039        }
040}