Example 1 with AuthScope

Use of com.peterphi.std.guice.common.auth.AuthScope in project stdlib by petergeneric.

Class AuthConstraintMethodInterceptor, method invoke.

@Override
public Object invoke(final MethodInvocation invocation) throws Throwable {
    // Never handle calls to base methods (like hashCode, toString, etc.)
    if (invocation.getMethod().getDeclaringClass().equals(Object.class))
        return invocation.proceed();
    if (log.isTraceEnabled())
        log.trace("Check authn for: " + invocation.getMethod());
    // Skip auth if we're not inside a Servlet call and we are only to enforce auth constraints on service calls
    if (onlyServletRequest && HttpCallContext.peek() == null) {
        if (log.isTraceEnabled())
            log.trace("Skip authn, should only run on servlet requests and this is not a servlet request");
        return invocation.proceed();
    }
    calls.mark();
    final AuthConstraint constraint = readConstraint(invocation);
    final CurrentUser user = userProvider.get();
    if (user == null)
        throw new IllegalArgumentException("Provider for CurrentUser returned null! Cannot apply AuthConstraint to method " + invocation.getMethod());
    // Acquire the auth scope (for constraint override)
    final AuthScope scope = getScope(constraint);
    // Test the user
    if (passes(scope, constraint, user)) {
        granted.mark();
        return invocation.proceed();
    } else {
        if (!user.isAnonymous())
            authenticatedDenied.mark();
        denied.mark();
        // Throw an exception to refuse access
        throw user.getAccessRefuser().refuse(scope, constraint, user);
    }
}
Also used: CurrentUser (com.peterphi.std.guice.common.auth.iface.CurrentUser), AuthConstraint (com.peterphi.std.guice.common.auth.annotations.AuthConstraint), AuthScope (com.peterphi.std.guice.common.auth.AuthScope)

Example 2 with AuthScope

Use of com.peterphi.std.guice.common.auth.AuthScope in project stdlib by petergeneric.

Class AuthConstraintMethodInterceptor, method getScope.

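private AuthScope getScope(final String id) {
    // Reuse a previously built scope for this id if one is cached
    AuthScope scope = scopes.getIfPresent(id);
    if (scope == null) {
        final String role;
        final Boolean skip;
        if (StringUtils.equals(SCOPE_DEFAULT, id)) {
            // Default scope: read the framework-wide default role and skip flag (skip defaults to true when unset)
            role = config.get(GuiceProperties.AUTHZ_DEFAULT_ROLE, null);
            skip = config.getBoolean(GuiceProperties.AUTHZ_DEFAULT_SKIP, true);
        } else {
            // Named scope: read the per-scope role and skip flag (both are null when unset)
            role = config.get("framework.webauth.scope." + id + ".role", null);
            skip = config.getBoolean("framework.webauth.scope." + id + ".skip", null);
        }
        scope = new AuthScope(id, role, skip);
        // Cache the scope so later calls with the same id do not re-read configuration
        scopes.put(id, scope);
    }
    return scope;
}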
Also used: AuthScope (com.peterphi.std.guice.common.auth.AuthScope)
