GithubController.java
package edu.ucsb.cs156.frontiers.controllers;
import edu.ucsb.cs156.frontiers.entities.User;
import edu.ucsb.cs156.frontiers.repositories.UserRepository;
import java.util.List;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
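/**
 * REST endpoints under {@code /api/github} that manage the GitHub link of the signed-in user.
 */
@RestController
@RequestMapping("/api/github")
public class GithubController extends ApiController {
  private final UserRepository userRepository;

  /**
   * Creates the controller.
   *
   * @param userRepository repository used to persist changes made to the current user
   */
  public GithubController(UserRepository userRepository) {
    super();
    this.userRepository = userRepository;
  }

  /**
   * Removes the GitHub identity from the current user and drops {@code ROLE_GITHUB} from the
   * authentication held in the given security context.
   *
   * <p>The authentication and principal types are checked before anything is written, so a
   * request whose authentication is not an {@link OAuth2AuthenticationToken} with an {@link
   * OidcUser} principal fails without clearing the stored GitHub id and login. Otherwise the
   * database would be updated while the session kept the {@code ROLE_GITHUB} authority.
   *
   * @param context security context whose authentication is replaced by a copy without {@code
   *     ROLE_GITHUB}
   * @return the value produced by {@code genericMessage} for the confirmation text
   * @throws ClassCastException if the authentication is not an {@link OAuth2AuthenticationToken}
   *     or its principal is not an {@link OidcUser}
   */
  @PreAuthorize("hasRole('ROLE_GITHUB')")
  @DeleteMapping("/disconnect")
  public Object disconnect(SecurityContext context) {
    // NOTE(review): the parameter carries no @CurrentSecurityContext annotation in this listing;
    // confirm how the framework supplies it and that it is the caller's live context.

    // Validate the authentication shape first: these casts are the only steps that can reject
    // the request on type grounds, and they must not run after the user row has been changed.
    OAuth2AuthenticationToken token = (OAuth2AuthenticationToken) context.getAuthentication();
    OidcUser principal = (OidcUser) token.getPrincipal();

    // Every authority except ROLE_GITHUB is carried over to the replacement token.
    List<? extends GrantedAuthority> remainingAuthorities =
        token.getAuthorities().stream()
            .filter(granted -> !"ROLE_GITHUB".equals(granted.getAuthority()))
            .toList();

    // Clear the persisted GitHub identity.
    User currentUser = getCurrentUser().getUser();
    currentUser.setGithubId(null);
    currentUser.setGithubLogin(null);
    userRepository.save(currentUser);

    // Swap in an equivalent token (same principal, same client registration) with the reduced
    // authority list.
    context.setAuthentication(
        new OAuth2AuthenticationToken(
            principal, remainingAuthorities, token.getAuthorizedClientRegistrationId()));

    // NOTE(review): setContext only replaces the holder's current context. Whether later
    // requests in the same session also see the reduced authorities depends on how the
    // application stores the security context between requests, which is not visible here;
    // confirm that ROLE_GITHUB does not reappear on the next request.
    SecurityContextHolder.setContext(context);

    return genericMessage("Disconnected from GitHub. You may now log in with a different account.");
  }
}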