use of io.helidon.microprofile.server.JaxRsCdiExtension in project helidon by oracle.
the class TracingCdiExtension method prepareTracer.
private void prepareTracer(@Observes @Priority(PLATFORM_BEFORE + 11) @Initialized(ApplicationScoped.class) Object event, BeanManager bm) {
JaxRsCdiExtension jaxrs = bm.getExtension(JaxRsCdiExtension.class);
ServerCdiExtension server = bm.getExtension(ServerCdiExtension.class);
Config config = ((Config) ConfigProvider.getConfig()).get("tracing");
// we need that `tracing.service` is a required configuration, yet we do not want to just fail
// if not present. Let's make a "guess" about the service name
List<JaxRsApplication> jaxRsApps = jaxrs.applicationsToRun();
String serviceName = jaxrs.serviceName();
Tracer tracer = TracerBuilder.create(serviceName).config(config).build();
// tracer is available in global
Contexts.globalContext().register(tracer);
server.serverBuilder().tracer(tracer);
Contexts.context().ifPresent(ctx -> ctx.register(tracer));
if (tracer.getClass().getName().startsWith("io.opentracing.noop")) {
Logger.getLogger(TracingCdiExtension.class.getName()).warning("helidon-microprofile-tracing is on the classpath, yet there is no tracer implementation " + "library. Tracing uses a no-op tracer. As a result, no tracing will be configured" + " for WebServer and JAX-RS");
// no need to register all of this
return;
}
server.serverRoutingBuilder().register(WebTracingConfig.create(config));
jaxRsApps.forEach(app -> app.resourceConfig().register(MpTracingFilter.class));
}
use of io.helidon.microprofile.server.JaxRsCdiExtension in project helidon by oracle.
the class SecurityCdiExtension method registerSecurity.
// security must have priority higher than metrics, openapi and healt
// so we can protect these endpoints
private void registerSecurity(@Observes @Priority(LIBRARY_BEFORE) @Initialized(ApplicationScoped.class) Object adv, BeanManager bm) {
if (securityBuilder.noProvider(AuthenticationProvider.class)) {
LOGGER.info("Authentication provider is missing from security configuration, but security extension for microprofile " + "is enabled (requires providers configuration at key security.providers). " + "Security will not have any valid authentication provider");
securityBuilder.addAuthenticationProvider(this::failingAtnProvider);
}
if (securityBuilder.noProvider(AuthorizationProvider.class)) {
LOGGER.info("Authorization provider is missing from security configuration, but security extension for microprofile " + "is enabled (requires providers configuration at key security.providers). " + "ABAC provider is configured for authorization.");
securityBuilder.addAuthorizationProvider(AbacProvider.create());
}
Security tmpSecurity = securityBuilder.build();
// free it and make sure we fail if somebody wants to update security afterwards
securityBuilder = null;
if (!tmpSecurity.enabled()) {
// security is disabled, we need to set up some basic stuff - injection, security context etc.
LOGGER.info("Security is disabled.");
tmpSecurity = Security.builder().enabled(false).build();
}
// we need an effectively final instance to use in lambda
Security security = tmpSecurity;
// security is available in global
Contexts.globalContext().register(security);
JaxRsCdiExtension jaxrs = bm.getExtension(JaxRsCdiExtension.class);
ServerCdiExtension server = bm.getExtension(ServerCdiExtension.class);
Contexts.context().ifPresent(ctx -> ctx.register(security));
Config jerseyConfig = config.get("security.jersey");
if (jerseyConfig.get("enabled").asBoolean().orElse(true)) {
SecurityFeature feature = SecurityFeature.builder(security).config(jerseyConfig).build();
jaxrs.applicationsToRun().forEach(app -> app.resourceConfig().register(feature));
}
Config webServerConfig = config.get("security.web-server");
if (webServerConfig.exists() && webServerConfig.get("enabled").asBoolean().orElse(true)) {
server.serverRoutingBuilder().register(WebSecurity.create(security, config.get("security")));
}
this.security.set(security);
}
use of io.helidon.microprofile.server.JaxRsCdiExtension in project helidon by oracle.
the class JwtAuthCdiExtension method registerProvider.
void registerProvider(@Observes @Initialized(ApplicationScoped.class) @Priority(PLATFORM_BEFORE + 5) Object event, BeanManager bm) {
// Security extension to update and check builder
SecurityCdiExtension security = bm.getExtension(SecurityCdiExtension.class);
if (security.securityBuilder().hasProvider(JwtAuthProviderService.PROVIDER_NAME)) {
return;
}
// JAX-RS extension to get to applications to see if we are needed
JaxRsCdiExtension jaxrs = bm.getExtension(JaxRsCdiExtension.class);
boolean notNeeded = jaxrs.applicationsToRun().stream().map(JaxRsApplication::applicationClass).flatMap(Optional::stream).map(clazz -> clazz.getAnnotation(LoginConfig.class)).filter(Objects::nonNull).map(LoginConfig::authMethod).noneMatch("MP-JWT"::equals);
if (notNeeded) {
return;
}
security.securityBuilder().addProvider(JwtAuthProvider.create(config), JwtAuthProviderService.PROVIDER_NAME);
}
Aggregations