Example 1 with JWTokenHandler
use of com.bakdata.conquery.models.auth.basic.JWTokenHandler in project conquery by bakdata.
the class IntrospectionDelegatingRealmFactory method createRealm.
public ConqueryAuthenticationRealm createRealm(ManagerNode managerNode) {
// Register token extractor for JWT Tokens
managerNode.getAuthController().getAuthenticationFilter().registerTokenExtractor(JWTokenHandler::extractToken);
// At start up, try tp retrieve the idp client api object if possible. If the idp service is not up don't fail start up.
authClient = getAuthClient(false);
// Register task to retrieve the idp client api, so the realm can be used, when the idp service is available.
if (managerNode != null && managerNode.getEnvironment().admin() != null) {
managerNode.getEnvironment().admin().addTask(new Task("keycloak-update-authz-client") {
@Override
public void execute(Map<String, List<String>> parameters, PrintWriter output) throws Exception {
// Fail if api could not be received
authClient = getAuthClient(true);
}
});
}
return new IntrospectionDelegatingRealm(managerNode.getStorage(), this);
}
Also used :
JWTokenHandler(com.bakdata.conquery.models.auth.basic.JWTokenHandler)
Task(io.dropwizard.servlets.tasks.Task)
List(java.util.List)
PrintWriter(java.io.PrintWriter)
Example 2 with JWTokenHandler
use of com.bakdata.conquery.models.auth.basic.JWTokenHandler in project conquery by bakdata.
the class LocalAuthenticationConfig method createRealm.
@Override
public ConqueryAuthenticationRealm createRealm(ManagerNode manager) {
// Token extractor is not needed because this realm depends on the ConqueryTokenRealm
manager.getAuthController().getAuthenticationFilter().registerTokenExtractor(JWTokenHandler::extractToken);
LocalAuthenticationRealm realm = new LocalAuthenticationRealm(manager.getValidator(), Jackson.copyMapperAndInjectables(Jackson.BINARY_MAPPER), manager.getAuthController().getConqueryTokenRealm(), storeName, directory, passwordStoreConfig, jwtDuration);
UserAuthenticationManagementProcessor processor = new UserAuthenticationManagementProcessor(realm, manager.getStorage());
// Register resources for users to exchange username and password for an access token
registerAdminUnprotectedAuthenticationResources(manager.getUnprotectedAuthAdmin(), realm);
registerApiUnprotectedAuthenticationResources(manager.getUnprotectedAuthApi(), realm);
registerAuthenticationAdminResources(manager.getAdmin().getJerseyConfig(), processor);
// Add login schema for admin end
final RedirectingAuthFilter redirectingAuthFilter = manager.getAuthController().getRedirectingAuthFilter();
redirectingAuthFilter.getLoginInitiators().add(loginProvider(manager.getUnprotectedAuthAdmin()));
return realm;
}
Also used :
JWTokenHandler(com.bakdata.conquery.models.auth.basic.JWTokenHandler)
LocalAuthenticationRealm(com.bakdata.conquery.models.auth.basic.LocalAuthenticationRealm)
UserAuthenticationManagementProcessor(com.bakdata.conquery.models.auth.basic.UserAuthenticationManagementProcessor)
RedirectingAuthFilter(com.bakdata.conquery.models.auth.web.RedirectingAuthFilter)
Aggregations
JWTokenHandler (com.bakdata.conquery.models.auth.basic.JWTokenHandler)2
LocalAuthenticationRealm (com.bakdata.conquery.models.auth.basic.LocalAuthenticationRealm)1
UserAuthenticationManagementProcessor (com.bakdata.conquery.models.auth.basic.UserAuthenticationManagementProcessor)1
RedirectingAuthFilter (com.bakdata.conquery.models.auth.web.RedirectingAuthFilter)1
Task (io.dropwizard.servlets.tasks.Task)1
PrintWriter (java.io.PrintWriter)1
List (java.util.List)1
