Check for open access enabled (#218)

Gcolon021 · web-flow · commit a433efb6ed9c · 2024-10-01T15:47:58.000-04:00
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/OpenAccessController.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/OpenAccessController.java
@@ -3,6 +3,7 @@
 import edu.harvard.hms.dbmi.avillach.auth.service.impl.authorization.AuthorizationService;
 import io.swagger.v3.oas.annotations.Parameter;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -15,16 +16,22 @@
 public class OpenAccessController {
 
     private final AuthorizationService authorizationService;
+    private final boolean openIdpProviderIsEnabled;
 
     @Autowired
-    public OpenAccessController(AuthorizationService authorizationService) {
+    public OpenAccessController(AuthorizationService authorizationService, @Value("${open.idp.provider.is.enabled}") boolean openIdpProviderIsEnabled) {
         this.authorizationService = authorizationService;
+        this.openIdpProviderIsEnabled = openIdpProviderIsEnabled;
     }
 
     @RequestMapping(value = "/validate", produces = "application/json")
     public ResponseEntity<?> validate(@Parameter(required = true, description = "A JSON object that at least" +
             " include a user the token for validation")
                          @RequestBody Map<String, Object> inputMap) {
+        if (!openIdpProviderIsEnabled) {
+            return ResponseEntity.ok(false);
+        }
+
         boolean isValid = authorizationService.openAccessRequestIsValid(inputMap);
         return ResponseEntity.ok(isValid);
     }
