From e587480abb0f14fc2cfa0f64eafefc8e6a0a36ce Mon Sep 17 00:00:00 2001
From: balex <balexvicx@gmail.com>
Date: Sat, 14 Mar 2026 22:36:44 +0100
Subject: [PATCH] auth media

---
 .../gateway/security/GitHubEmailFetcher.java  | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 gateway-service/src/main/java/com/posthub/gateway/security/GitHubEmailFetcher.java

diff --git a/gateway-service/src/main/java/com/posthub/gateway/security/GitHubEmailFetcher.java b/gateway-service/src/main/java/com/posthub/gateway/security/GitHubEmailFetcher.java
new file mode 100644
index 0000000..f3e7eab
--- /dev/null
+++ b/gateway-service/src/main/java/com/posthub/gateway/security/GitHubEmailFetcher.java
@@ -0,0 +1,48 @@
+package com.posthub.gateway.security;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Component;
+import org.springframework.web.reactive.function.client.WebClient;
+import reactor.core.publisher.Mono;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@Slf4j
+@Component
+public class GitHubEmailFetcher extends DefaultReactiveOAuth2UserService {
+
+    @Override
+    public Mono<OAuth2User> loadUser(OAuth2UserRequest userRequest) {
+        return super.loadUser(userRequest)
+                .flatMap(user -> {
+                    if (user.getAttribute("email") != null) {
+                        return Mono.just(user);
+                    }
+                    if (!"github".equals(userRequest.getClientRegistration().getRegistrationId())) {
+                        return Mono.just(user);
+                    }
+                    String token = userRequest.getAccessToken().getTokenValue();
+                    return WebClient.create("https://api.github.com")
+                            .get()
+                            .uri("/user/emails")
+                            .headers(h -> h.setBearerAuth(token))
+                            .retrieve()
+                            .bodyToFlux(Map.class)
+                            .filter(e -> Boolean.TRUE.equals(e.get("primary")))
+                            .next()
+                            .map(e -> {
+                                Map<String, Object> attrs = new HashMap<>(user.getAttributes());
+                                attrs.put("email", e.get("email"));
+                                return (OAuth2User) new DefaultOAuth2User(
+                                        user.getAuthorities(), attrs, "id");
+                            })
+                            .defaultIfEmpty(user);
+                });
+    }
+}
\ No newline at end of file