Examples with PowerAuthToken io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthToken used on opensource projects

Example 1 with PowerAuthToken

use of io.getlime.security.powerauth.rest.api.spring.annotation.PowerAuthToken in project powerauth-restful-integration by lime-company.

the class PowerAuthAnnotationInterceptor method preHandle.

@Override
public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) {
    // requests before the actual requests.
    if (handler instanceof HandlerMethod) {
        final HandlerMethod handlerMethod = (HandlerMethod) handler;
        // Obtain annotations
        PowerAuth powerAuthSignatureAnnotation = handlerMethod.getMethodAnnotation(PowerAuth.class);
        PowerAuthToken powerAuthTokenAnnotation = handlerMethod.getMethodAnnotation(PowerAuthToken.class);
        PowerAuthEncryption powerAuthEncryptionAnnotation = handlerMethod.getMethodAnnotation(PowerAuthEncryption.class);
        // Check that either signature or token annotation is active
        if (powerAuthSignatureAnnotation != null && powerAuthTokenAnnotation != null) {
            logger.warn("You cannot use both @PowerAuth and @PowerAuthToken on same handler method. We are removing both.");
            powerAuthSignatureAnnotation = null;
            powerAuthTokenAnnotation = null;
        }
        // sign-then-encrypt sequence in case both authorization and encryption are used.
        if (powerAuthEncryptionAnnotation != null) {
            final Type requestType = resolveGenericParameterTypeForEcies(handlerMethod);
            try {
                encryptionProvider.decryptRequest(request, requestType, powerAuthEncryptionAnnotation.scope());
            // Encryption object is saved in HTTP servlet request by encryption provider, so that it is available for Spring
            } catch (PowerAuthEncryptionException ex) {
                logger.warn("Decryption failed, error: {}", ex.getMessage());
                logger.debug("Error details", ex);
            }
        }
        // Resolve @PowerAuth annotation
        if (powerAuthSignatureAnnotation != null) {
            try {
                final String resourceId = expandResourceId(powerAuthSignatureAnnotation.resourceId(), request, handlerMethod);
                final String header = request.getHeader(PowerAuthSignatureHttpHeader.HEADER_NAME);
                final List<PowerAuthSignatureTypes> signatureTypes = Arrays.asList(powerAuthSignatureAnnotation.signatureType());
                final PowerAuthApiAuthentication authentication = authenticationProvider.validateRequestSignatureWithActivationDetails(request, resourceId, header, signatureTypes);
                request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
            } catch (PowerAuthAuthenticationException ex) {
                logger.warn("Invalid request signature, authentication object was removed");
                request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
            }
        }
        // Resolve @PowerAuthToken annotation
        if (powerAuthTokenAnnotation != null) {
            try {
                final String header = request.getHeader(PowerAuthTokenHttpHeader.HEADER_NAME);
                final List<PowerAuthSignatureTypes> signatureTypes = Arrays.asList(powerAuthTokenAnnotation.signatureType());
                final PowerAuthApiAuthentication authentication = authenticationProvider.validateTokenWithActivationDetails(header, signatureTypes);
                request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, authentication);
            } catch (PowerAuthAuthenticationException ex) {
                logger.warn("Invalid token, authentication object was removed");
                request.setAttribute(PowerAuthRequestObjects.AUTHENTICATION_OBJECT, null);
            }
        }
    }
    return true;
}