Implement Role Mapping for GitHub OAuth2 Users #21
Description
Goal
Establish a secure mechanism to automatically assign internal roles (ADMIN, HANDLER, CASE_OWNER) to users based on their GitHub identity.
Requirements
- Implement GrantedAuthoritiesMapper: Create a bean in SecurityConfig to intercept the OAuth2 login flow and translate GitHub user attributes into Spring Security roles.
- Define Mapping Logic:
  - Map specific GitHub usernames to ROLE_ADMIN.
  - Default all other authenticated GitHub users to ROLE_CASE_OWNER.
- Configure Security Filter Chain: Register the mapper within the userInfoEndpoint() configuration to ensure roles are assigned immediately upon successful authentication.
- Configurable Admin List: (Optional) Use an environment variable (e.g., GITHUB_ADMIN_USERNAMES) to store the list of admin users so it can be updated without code changes.
- Update Service Layer: Ensure the Actor logic (or @PreAuthorize annotations) can correctly consume these mapped roles for access control.
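The following is an added example of how the requirements above fit together in one SecurityConfig; it is not code from this project or the issue author. It assumes Spring Boot 3 / Spring Security 6 on Java 17+ with spring-boot-starter-oauth2-client, the package name com.example.security, and that the admin list is supplied as a comma-separated GITHUB_ADMIN_USERNAMES environment variable (the name the issue suggests). The role names ROLE_ADMIN and ROLE_CASE_OWNER are the ones from the issue; the CaseService methods are placeholders to show how @PreAuthorize consumes the mapped roles.

```java
// Added example (not the project's own code): a GrantedAuthoritiesMapper that
// turns GitHub's "login" attribute into ROLE_ADMIN or ROLE_CASE_OWNER and is
// registered on oauth2Login().userInfoEndpoint(). Package name and the
// GITHUB_ADMIN_USERNAMES property are assumptions.
package com.example.security; // assumed package

import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.stereotype.Service;

@Configuration
@EnableMethodSecurity // enables @PreAuthorize on service methods
public class SecurityConfig {

    // Comma-separated GitHub logins from the environment, e.g.
    // GITHUB_ADMIN_USERNAMES=alice,bob. Empty by default, so nobody is an
    // admin unless the operator explicitly lists them.
    private final Set<String> adminLogins;

    public SecurityConfig(@Value("${GITHUB_ADMIN_USERNAMES:}") String adminUsernames) {
        this.adminLogins = Arrays.stream(adminUsernames.split(","))
                .map(String::trim)
                .filter(s -> !s.isEmpty())
                .map(s -> s.toLowerCase(Locale.ROOT)) // GitHub logins are case-insensitive
                .collect(Collectors.toUnmodifiableSet());
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated())
            .oauth2Login(oauth2 -> oauth2
                .userInfoEndpoint(userInfo -> userInfo
                    // Invoked once per successful login, after Spring has
                    // fetched the profile from GitHub's user endpoint.
                    .userAuthoritiesMapper(userAuthoritiesMapper())));
        return http.build();
    }

    @Bean
    public GrantedAuthoritiesMapper userAuthoritiesMapper() {
        return authorities -> {
            Set<GrantedAuthority> mapped = new HashSet<>();
            for (GrantedAuthority authority : authorities) {
                // Only attributes Spring obtained server-side from GitHub are
                // consulted; nothing the browser sent influences the role.
                if (authority instanceof OAuth2UserAuthority oauth2Authority) {
                    Map<String, Object> attrs = oauth2Authority.getAttributes();
                    Object login = attrs.get("login"); // GitHub username attribute
                    mapped.add(roleFor(login == null ? "" : login.toString()));
                }
            }
            // Fail closed: an authentication without a GitHub profile gets
            // the least-privileged role, never ADMIN.
            if (mapped.isEmpty()) {
                mapped.add(new SimpleGrantedAuthority("ROLE_CASE_OWNER"));
            }
            return mapped;
        };
    }

    // The mapping decision on its own, so it can be unit-tested without a
    // full OAuth2 login.
    GrantedAuthority roleFor(String githubLogin) {
        String normalized = githubLogin.trim().toLowerCase(Locale.ROOT);
        if (!normalized.isEmpty() && adminLogins.contains(normalized)) {
            return new SimpleGrantedAuthority("ROLE_ADMIN");
        }
        return new SimpleGrantedAuthority("ROLE_CASE_OWNER");
    }
}

// Placeholder service showing the mapped roles being consumed. hasRole('ADMIN')
// matches the authority "ROLE_ADMIN" because Spring adds the ROLE_ prefix.
@Service
class CaseService {
    @PreAuthorize("hasRole('ADMIN')")
    public String reassignCase(long caseId, String newOwner) {
        return "case " + caseId + " reassigned to " + newOwner;
    }

    @PreAuthorize("hasAnyRole('ADMIN', 'CASE_OWNER')")
    public String viewCase(long caseId) {
        return "case " + caseId;
    }
}
```

Two design points worth keeping in mind when adapting this: the mapper reads only OAuth2UserAuthority attributes, which Spring populates from its own server-to-server call to GitHub, so the role can never be chosen by the client; and because GitHub usernames can be renamed and later re-registered, matching on the numeric "id" attribute instead of "login" gives a more stable admin list if that trade-off matters for the deployment.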