
Example 1 with AuthConstraintInterceptorModule

Use of com.peterphi.std.guice.web.rest.auth.interceptor.AuthConstraintInterceptorModule in project stdlib by petergeneric.

Class AutoJAXRSBindingGuiceRole, method register.

/**
 * Contributes the JAX-RS auto-registration, authentication and authorisation modules to
 * {@code modules}, driven by the supplied configuration.
 *
 * <p>Nothing is added when {@code GuiceProperties.UNIT_TEST} is true. Otherwise the method
 * always adds a {@code WebappAuthenticationModule}; the JAX-RS auto-register module, the
 * {@code OAuth2ClientModule} and the {@code AuthConstraintInterceptorModule} are each added
 * only when the corresponding configuration condition holds.
 *
 * <p>{@code stage}, {@code setup} and {@code injectorRef} are not read by this method.
 *
 * @param stage          not used here
 * @param scannerFactory source of the classpath scanner; must yield a non-null scanner
 * @param config         configuration consulted for every decision below
 * @param setup          not used here
 * @param modules        list that the selected modules are appended to
 * @param injectorRef    not used here
 * @param metrics        passed through to the authentication and authorisation modules
 * @throws IllegalArgumentException if the scanner factory has no scanner to offer
 */
@Override
public void register(final Stage stage, final ClassScannerFactory scannerFactory, final GuiceConfig config, final GuiceSetup setup, final List<Module> modules, final AtomicReference<Injector> injectorRef, final MetricRegistry metrics) {
    // TODO remove HACK: skip everything when running inside a unit test.
    // Security note: with this property set to true the method returns before adding any
    // authentication or authorisation module.
    // NOTE(review): confirm a deployed configuration cannot set this property.
    if (config.getBoolean(GuiceProperties.UNIT_TEST, false)) {
        return;
    }

    // The scanner itself is not used here; this only verifies that one exists.
    if (scannerFactory.getInstance() == null) {
        throw new IllegalArgumentException("No classpath scanner available, missing scan.packages?");
    }

    // JAX-RS service auto-registration is on unless explicitly switched off.
    final boolean autoRegisterServices = config.getBoolean(GuiceProperties.ROLE_JAXRS_SERVER_AUTO, true);
    if (autoRegisterServices) {
        modules.add(new JAXRSAutoRegisterServicesModule(config, scannerFactory));
    }

    // --- Authentication: work out which CurrentUser providers are active ---
    List<String> providers = config.getList(GuiceProperties.AUTH_PROVIDER_NAMES, null);
    if (providers == null || providers.isEmpty()) {
        // Nothing configured explicitly, so derive defaults from the other settings.
        providers = new ArrayList<>();

        // A configured JWT secret switches the JWT provider on. Only the presence of the key
        // is tested here, not its value.
        // NOTE(review): check that an empty or weak secret is rejected elsewhere.
        if (config.containsKey(GuiceProperties.AUTH_JWT_SECRET)) {
            providers.add(GuiceConstants.JAXRS_SERVER_WEBAUTH_JWT_PROVIDER);
        }

        // Exactly one of OAuth2 / servlet is appended; that provider is the one able to claim
        // an anonymous CurrentUser. OAuth2 wins when an OAuth2 endpoint is configured.
        final String anonymousClaimant = config.containsKey(GuiceProperties.OAUTH2_CLIENT_ENDPOINT)
                ? GuiceConstants.JAXRS_SERVER_WEBAUTH_OAUTH2_PROVIDER
                : GuiceConstants.JAXRS_SERVER_WEBAUTH_SERVLET_PROVIDER;
        providers.add(anonymousClaimant);
    }

    // N.B. WebappAuthenticationModule handles the JWT and Servlet providers; OAuth2 needs its
    // own client module, added first when that provider is in play.
    if (providers.contains(GuiceConstants.JAXRS_SERVER_WEBAUTH_OAUTH2_PROVIDER)) {
        modules.add(new OAuth2ClientModule());
    }
    modules.add(new WebappAuthenticationModule(metrics, providers, config));

    // --- Authorisation: enabled by default ---
    // Security note: setting AUTH_ENABLED to false means the constraint interceptor module is
    // not added at all, so treat that setting as a deliberate, reviewed choice.
    final boolean authorisationEnabled = config.getBoolean(GuiceProperties.AUTH_ENABLED, true);
    if (authorisationEnabled) {
        modules.add(new AuthConstraintInterceptorModule(metrics, config));
    }
}
Also used : WebappAuthenticationModule(com.peterphi.std.guice.web.rest.auth.userprovider.WebappAuthenticationModule) ClassScanner(com.peterphi.std.guice.common.ClassScanner) OAuth2ClientModule(com.peterphi.std.guice.web.rest.auth.oauth2.OAuth2ClientModule) AuthConstraintInterceptorModule(com.peterphi.std.guice.web.rest.auth.interceptor.AuthConstraintInterceptorModule)

Aggregations

ClassScanner (com.peterphi.std.guice.common.ClassScanner)1 AuthConstraintInterceptorModule (com.peterphi.std.guice.web.rest.auth.interceptor.AuthConstraintInterceptorModule)1 OAuth2ClientModule (com.peterphi.std.guice.web.rest.auth.oauth2.OAuth2ClientModule)1 WebappAuthenticationModule (com.peterphi.std.guice.web.rest.auth.userprovider.WebappAuthenticationModule)1