Updated extensions to Quarkus 1.4.2

master
Edward M. Kagan 6 years ago
parent a0fadd0534
commit a4ec697c3e

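--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/janitor/runtime/target/
+/janitor/deployment/target/
+/cayenne/deployment/target/
+/cayenne/runtime/target/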

@ -7,15 +7,14 @@ import io.quarkus.security.identity.request.AuthenticationRequest;
import io.quarkus.vertx.http.runtime.security.ChallengeData;
import io.quarkus.vertx.http.runtime.security.HttpAuthenticationMechanism;
import io.quarkus.vertx.http.runtime.security.HttpCredentialTransport;
import io.smallrye.mutiny.Uni;
import io.vertx.core.http.Cookie;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.core.http.Cookie;
import io.vertx.ext.web.RoutingContext;
import java.util.Collections;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import javax.enterprise.context.ApplicationScoped;
import org.pagan.janitor.JanitorConfig;
@ -33,7 +32,7 @@ public class JanitorAuthMechanism implements HttpAuthenticationMechanism {
}
@Override
public CompletionStage<SecurityIdentity> authenticate(RoutingContext context, IdentityProviderManager janitorIdentityProvider) {
public Uni<SecurityIdentity> authenticate(RoutingContext context, IdentityProviderManager janitorIdentityProvider) {
Cookie cookie = context.getCookie(config.cookieName);
if (cookie != null) {
final HttpServerRequest request = context.request();
@ -59,26 +58,14 @@ public class JanitorAuthMechanism implements HttpAuthenticationMechanism {
}
@Override
public CompletionStage<ChallengeData> getChallenge(RoutingContext rc) {
System.out.println("getChallenge");
return CompletableFuture.completedFuture(
public Uni<ChallengeData> getChallenge(RoutingContext rc) {
return Uni.createFrom().item(
new ChallengeData(
HttpResponseStatus.UNAUTHORIZED.code(), "", ""
)
);
}
@Override
public CompletionStage<Boolean> sendChallenge(RoutingContext context) {
System.out.println("sendChallenge");
Cookie cookie = context.getCookie(config.cookieName);
if (cookie != null) {
cookie.setMaxAge(0);
}
context.response().setStatusCode(HttpResponseStatus.UNAUTHORIZED.code());
return CompletableFuture.completedFuture(false);
}
@Override
public Set<Class<? extends AuthenticationRequest>> getCredentialTypes() {
System.out.println("getCredentialTypes");
@ -87,7 +74,7 @@ public class JanitorAuthMechanism implements HttpAuthenticationMechanism {
@Override
public HttpCredentialTransport getCredentialTransport() {
System.out.println("getCredentialTransport");
System.out.println("getCredentialTypes");
return new HttpCredentialTransport(HttpCredentialTransport.Type.COOKIE, config.cookieName);
}
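Review bot: With the `sendChallenge` override gone (its `CompletionStage<Boolean>` signature marks it as the removed side), nothing visible in this file expires the session cookie when a 401 is issued, so a client holding a stale or rejected cookie will keep presenting it. If that expiry is still wanted, it could move into `getChallenge` ahead of the return: `Cookie cookie = rc.getCookie(config.cookieName); if (cookie != null) { cookie.setMaxAge(0); }`. The challenge is also built as `new ChallengeData(HttpResponseStatus.UNAUTHORIZED.code(), "", "")`; if the framework's default sender writes a header whenever the name is non-null, an empty name would reach the response, so it is worth confirming whether `null` is the intended "no header" value. The `System.out.println` calls left in `getCredentialTypes` and `getCredentialTransport` should go through a logger or be dropped; the class body starts and ends outside these hunks.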

@ -5,16 +5,16 @@ import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.IdentityProvider;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.runtime.QuarkusSecurityIdentity;
import io.smallrye.mutiny.Uni;
import io.smallrye.mutiny.subscription.UniEmitter;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.logging.Logger;
import io.vertx.core.logging.LoggerFactory;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import java.util.function.Consumer;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import org.pagan.janitor.cache.SessionCache;
import org.pagan.janitor.cache.SessionInfo;
//import org.pagan.janitor.security.JanitorPrincipalProducer.NullSessionToken;
/**
* @author Edward M. Kagan
@ -34,79 +34,81 @@ public class JanitorIdentityProvider implements IdentityProvider<JanitorAuthenti
}
@Override
public CompletionStage<SecurityIdentity> authenticate(
JanitorAuthenticationRequest request,
public Uni<SecurityIdentity> authenticate(JanitorAuthenticationRequest request,
AuthenticationRequestContext context) {
if (request.getMethod() == null) {
return anonymous();
}
final HttpMethod method = request.getMethod();
final String sessionId = request.getSessionId();
final String csrfToken = request.getCsrfToken();
final String path = request.getPath();
if (request.getOrigin() != null && request.getOrigin().length() > 0)
{
// request.putHeader("Access-Control-Allow-Origin", request.getOrigin());
// request.putHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE, PATCH, HEAD");
// request.putHeader("Access-Control-Allow-Credentials", "true");
// request.putHeader("Access-Control-Max-Age", "1209600");
// request.putHeader("Access-Control-Expose-Headers", "X-CSRF-TOKEN, X-CSRF-ERROR");
// request.putHeader("Access-Control-Allow-Headers", "origin, accept, authorization, content-type, x-requested-with, x-csrf-token, x-csrf-error");
}
if (method == HttpMethod.OPTIONS) {
LOG.debug("method = OPTIONS");
return anonymous();
}
if (sessionId == null) {
LOG.debug("sessionId = null");
return anonymous();
}
SessionInfo sessionInfo = sessionCache.get(sessionId);
LOG.debug("sessionInfo = " + sessionInfo);
if (sessionInfo == null) {
LOG.debug("session info not found in session storage");
return anonymous();
}
if (method != HttpMethod.GET && method != HttpMethod.HEAD) {
LOG.debug("path = " + path);
if (!path.equals("/api/auth/") && !path.equals("/api/auth") ) {
if (csrfToken == null) {
LOG.warn("csrfToken is null");
return failed();
return Uni.createFrom().emitter(new Consumer<UniEmitter<? super SecurityIdentity>>() {
@Override
public void accept(UniEmitter<? super SecurityIdentity> uniEmitter) {
if (request.getMethod() == null) {
anonymous(uniEmitter);
}
if (!sessionInfo.csrfToken().equals(csrfToken)) {
LOG.error("bad csrfToken");
return failed();
final HttpMethod method = request.getMethod();
final String sessionId = request.getSessionId();
final String csrfToken = request.getCsrfToken();
final String path = request.getPath();
if (request.getOrigin() != null && request.getOrigin().length() > 0) {
// request.putHeader("Access-Control-Allow-Origin", request.getOrigin());
// request.putHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE, PATCH, HEAD");
// request.putHeader("Access-Control-Allow-Credentials", "true");
// request.putHeader("Access-Control-Max-Age", "1209600");
// request.putHeader("Access-Control-Expose-Headers", "X-CSRF-TOKEN, X-CSRF-ERROR");
// request.putHeader("Access-Control-Allow-Headers", "origin, accept, authorization, content-type, x-requested-with, x-csrf-token, x-csrf-error");
}
if (method == HttpMethod.OPTIONS) {
LOG.debug("method = OPTIONS");
anonymous(uniEmitter);
}
if (sessionId == null) {
LOG.debug("sessionId = null");
anonymous(uniEmitter);
}
SessionInfo sessionInfo = sessionCache.get(sessionId);
LOG.debug("sessionInfo = " + sessionInfo);
if (sessionInfo == null) {
LOG.debug("session info not found in session storage");
anonymous(uniEmitter);
}
}
}
return principal(sessionInfo);
if (method != HttpMethod.GET && method != HttpMethod.HEAD) {
LOG.debug("path = " + path);
if (!path.equals("/api/auth/") && !path.equals("/api/auth")) {
if (csrfToken == null) {
LOG.warn("csrfToken is null");
failed(uniEmitter);
}
if (!sessionInfo.csrfToken().equals(csrfToken)) {
LOG.error("bad csrfToken");
failed(uniEmitter);
}
}
}
principal(uniEmitter, sessionInfo);
}
});
}
private CompletionStage<SecurityIdentity> anonymous() {
return principal(SessionInfo.ANONYMOUS);
private void anonymous(UniEmitter<? super SecurityIdentity> uniEmitter) {
principal(uniEmitter, SessionInfo.ANONYMOUS);
}
private CompletionStage<SecurityIdentity> principal(SessionInfo sessionInfo) {
return CompletableFuture.completedFuture(
QuarkusSecurityIdentity.builder().setPrincipal(sessionInfo)
private void principal(UniEmitter<? super SecurityIdentity> uniEmitter, SessionInfo sessionInfo) {
uniEmitter.complete(
QuarkusSecurityIdentity.builder()
.setPrincipal(sessionInfo)
.addRole(sessionInfo.role())
.build()
);
}
private CompletionStage<SecurityIdentity> failed() {
CompletableFuture<SecurityIdentity> cf = new CompletableFuture<SecurityIdentity>();
cf.completeExceptionally(new AuthenticationFailedException());
return cf;
private void failed(UniEmitter<? super SecurityIdentity> uniEmitter) {
uniEmitter.fail(new AuthenticationFailedException());
}
}
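Review bot: Inside the new `accept(UniEmitter<? super SecurityIdentity> uniEmitter)` body, every former `return anonymous();` / `return failed();` became a bare `anonymous(uniEmitter);` / `failed(uniEmitter);`, so execution no longer stops at the guard and runs on through the session lookup, the CSRF comparison and the final `principal(uniEmitter, sessionInfo)`. The authentication outcome then depends entirely on the emitter ignoring every signal after the first, and when `sessionInfo` is null on a request that is neither GET nor HEAD the code goes on to call `sessionInfo.csrfToken()` and throws a NullPointerException. Each guard should end the callback explicitly, e.g. `anonymous(uniEmitter); return;` and `failed(uniEmitter); return;`. Separately, `LOG.debug("sessionInfo = " + sessionInfo)` may write session or CSRF material to the log depending on `SessionInfo.toString()`, which is not visible here, and `sessionInfo.csrfToken().equals(csrfToken)` is not a constant-time comparison.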

@ -36,10 +36,10 @@
<maven.compiler.target>1.8</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<quarkus-plugin.version>1.3.1.Final</quarkus-plugin.version>
<quarkus-plugin.version>1.4.2.Final</quarkus-plugin.version>
<quarkus.platform.artifact-id>quarkus-universe-bom</quarkus.platform.artifact-id>
<quarkus.platform.group-id>io.quarkus</quarkus.platform.group-id>
<quarkus.platform.version>1.3.1.Final</quarkus.platform.version>
<quarkus.platform.version>1.4.2.Final</quarkus.platform.version>
<surefire-plugin.version>2.22.1</surefire-plugin.version>
<cayenne.version>4.1.RC2</cayenne.version>
<jedis.version>3.2.0</jedis.version>
