From f6347a9817d3f4e041b07e331031a3938b364335 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=87a=C4=9Fr=C4=B1=20=C3=9CZEL?= <cagriuzel@gmail.com>
Date: Fri, 13 Sep 2024 13:37:20 +0300
Subject: [PATCH 1/2] Update CustomAuthoritiesOpaqueTokenIntrospector.java

fix roles claims in introspection
---
 .../CustomAuthoritiesOpaqueTokenIntrospector.java     | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java b/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java
index 2d914ee09e..fe59a77de9 100644
--- a/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java
+++ b/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java
@@ -66,7 +66,16 @@ private Collection<GrantedAuthority> extractAuthorities(OAuth2AuthenticatedPrinc
 		final List<String> scopes = principal.getAttribute(OAuth2IntrospectionClaimNames.SCOPE);
 		final Set<String> scopesAsSet = new HashSet<>(scopes);
 		final Set<GrantedAuthority> authorities = this.authorityMapper.mapScopesToAuthorities(null, scopesAsSet, token);
-		final Set<GrantedAuthority> authorities2 = this.authorityMapper.mapClaimsToAuthorities(null, Arrays.asList("groups", "roles"));
+
+		List<String> roleClaims = principal.getAttribute("groups");
+		if (roleClaims == null) {
+			roleClaims = principal.getAttribute("roles");
+		}
+		if (roleClaims == null) {
+			roleClaims = new ArrayList<>();
+		}
+		
+		final Set<GrantedAuthority> authorities2 = this.authorityMapper.mapClaimsToAuthorities(null, roleClaims);
 		authorities.addAll(authorities2);
 		return authorities;
 	}

From 93e00cdfaf53e71ae2ae3ce6c1cc7a263ba56808 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=87a=C4=9Fr=C4=B1=20=C3=9CZEL?= <cagriuzel@gmail.com>
Date: Fri, 13 Sep 2024 13:50:34 +0300
Subject: [PATCH 2/2] Update CustomAuthoritiesOpaqueTokenIntrospector.java

fix build
---
 .../support/CustomAuthoritiesOpaqueTokenIntrospector.java        | 1 +
 1 file changed, 1 insertion(+)

diff --git a/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java b/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java
index fe59a77de9..6025e21f8d 100644
--- a/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java
+++ b/spring-cloud-common-security-config/spring-cloud-common-security-config-web/src/main/java/org/springframework/cloud/common/security/support/CustomAuthoritiesOpaqueTokenIntrospector.java
@@ -20,6 +20,7 @@
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
+import java.util.ArrayList;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;