Example 1 with USER_CONTEXT

Use of com.canoo.dp.impl.security.SecurityConstants.USER_CONTEXT in the project dolphin-platform by canoo.

Class KeycloakSecurityContextExtractFilter, method doFilter.

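public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
    final HttpServletRequest req = (HttpServletRequest) request;
    Assert.requireNonNull(chain, "chain");
    // Extract the Keycloak security context and store it, together with the
    // realm and application name taken from the request headers, in the holders.
    final KeycloakSecurityContext securityContext = keyCloakSecurityExtractor.extractContext(request);
    contextHolder.set(securityContext);
    realmHolder.set(req.getHeader(REALM_NAME_HEADER));
    appNameHolder.set(req.getHeader(APPLICATION_NAME_HEADER));
    accessDenied.set(false);
    // If a token is present, register its preferred username as USER_CONTEXT
    // for the current thread; the subscription stays null otherwise.
    final Subscription userContextSubscription = Optional.ofNullable(securityContext)
            .map(c -> c.getToken())
            .map(t -> t.getPreferredUsername())
            .map(u -> ContextManagerImpl.getInstance().addThreadContext(USER_CONTEXT, u))
            .orElse(null);
    try {
        chain.doFilter(request, response);
    } catch (Exception e) {
        // The exception is swallowed (and logged) only when access was denied
        // while the request was processed; anything else propagates.
        if (!accessDenied.get()) {
            throw e;
        } else {
            LOG.error("SecurityContext error in request", e);
        }
    } finally {
        // Always remove the thread context entry and clear the security
        // context holder once the request has been handled.
        Optional.ofNullable(userContextSubscription).ifPresent(s -> s.unsubscribe());
        contextHolder.set(null);
        boolean sendAccessDenied = accessDenied.get();
        accessDenied.set(false);
        // Answer with 403 if access was denied during processing.
        if (sendAccessDenied) {
            ((HttpServletResponse) response).sendError(403, "Access Denied");
        }
    }
}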
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), FilterChain (javax.servlet.FilterChain), ServletRequest (javax.servlet.ServletRequest), Subscription (com.canoo.platform.core.functional.Subscription), Logger (org.slf4j.Logger), Assert (com.canoo.dp.impl.platform.core.Assert), ContextManagerImpl (com.canoo.dp.impl.platform.core.context.ContextManagerImpl), ServletException (javax.servlet.ServletException), LoggerFactory (org.slf4j.LoggerFactory), HttpServletResponse (javax.servlet.http.HttpServletResponse), IOException (java.io.IOException), API (org.apiguardian.api.API), USER_CONTEXT (com.canoo.dp.impl.security.SecurityConstants.USER_CONTEXT), INTERNAL (org.apiguardian.api.API.Status.INTERNAL), REALM_NAME_HEADER (com.canoo.dp.impl.security.SecurityConstants.REALM_NAME_HEADER), KeycloakSecurityContext (org.keycloak.KeycloakSecurityContext), ServletResponse (javax.servlet.ServletResponse), APPLICATION_NAME_HEADER (com.canoo.dp.impl.security.SecurityConstants.APPLICATION_NAME_HEADER), FilterConfig (javax.servlet.FilterConfig), Optional (java.util.Optional), Filter (javax.servlet.Filter)