diff --git a/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java b/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java
index 0d469306832359795a90ab339dd622f2a93a6d85..a69afee5236d5d4f03873c112f5e1c3e140a992e 100644
--- a/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java
+++ b/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java
@@ -63,25 +63,23 @@ public class AuthorizationFilter {
 if (Arrays.asList(requiredRoles).contains(Config.CRON) && requestInfoExt.isCronRequest()) {
 dpsHeaders.put(DpsHeaders.USER_EMAIL, Config.CRON);
 requestInfoExt.setHeaders(dpsHeaders);
- return true;
 } else if (Arrays.asList(requiredRoles).contains(Config.PUBSUB)) {
 String jwt = dpsHeaders.getAuthorization().substring(BEARER_PREFIX.length());
 if (!this.validator.isValidPublisherServiceAccount(jwt)) {
- if (!this.authorizeWithEntitlements(requiredRoles)) {
- throw new AppException(401, "Invalid User Identity", "this user is not authorized for this operation");
- }
+ this.authorizeWithEntitlements(requiredRoles);
+ } else {
+ return false;
 }
- return true;
 } else {
- return authorizeWithEntitlements(requiredRoles);
+ authorizeWithEntitlements(requiredRoles);
 }
+ return true;
 }
- private boolean authorizeWithEntitlements(String... requiredRoles) {
- AuthorizationResponse authorizationResponse = authService.authorizeAny(requestInfoExt.getHeaders(), requiredRoles);
+ private void authorizeWithEntitlements(String... requiredRoles) {
 DpsHeaders dpsHeaders = requestInfoExt.getHeaders();
+ AuthorizationResponse authorizationResponse = authService.authorizeAny(dpsHeaders, requiredRoles);
 dpsHeaders.put(DpsHeaders.USER_EMAIL, authorizationResponse.getUser());
 requestInfoExt.setHeaders(dpsHeaders);
- return true;
 }
 }
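Review bot: In the PUBSUB branch the added `} else { return false; }` hangs off `if (!this.validator.isValidPublisherServiceAccount(jwt))`, so a token that does validate as the publisher service account is now rejected, whereas the removed code returned true for it. If that inversion is not intended, drop the else branch so the validated case falls through to the final `return true;`. Separately, with authorizeWithEntitlements now `void`, every denial depends on `authService.authorizeAny` throwing. That contract is not visible in this hunk, so once confirmed it should be stated in a comment on the method, for example `// authorizeAny throws when none of requiredRoles is held; returning normally means authorized`. The enclosing filter method begins above the hunk.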