use of io.micronaut.context.annotation.Requires in project micronaut-gcp by micronaut-projects.
the class GoogleCredentialsFactory method defaultGoogleCredentials.
/**
* Method used to return the default {@link GoogleCredentials} and provide it as a bean.
*
* It will determine which credential in the following way:
* <ol>
* <li>If <pre>gcp.credentials.location</pre> is specified, use its location</li>
* <li>Otherwise, if <pre>gcp.credentials.encodedKey</pre> is specified, decode it and use its content</li>
* <li>None of the 2 properties were specified, use Application Default credential resolution. See
* <a href="https://github.com/googleapis/google-cloud-java#authentication">Google Cloud Java authentication</a>.
* This will resolve credential in the following order:
* <ol>
* <li>The credentials file pointed to by the <pre>GOOGLE_APPLICATION_CREDENTIALS</pre> environment variable</li>
* <li>Credentials provided by the Google Cloud SDK <pre>gcloud auth application-default login</pre> command</li>
* <li>Google App Engine built-in credentials when running inside of Google App Engine</li>
* <li>Google Cloud Shell built-in credentials when running inside of Google Cloud Shell</li>
* <li>Google Compute Engine built-in credentials when running inside of Google Compute Engine or Kubernetes Engine</li>
* </ol>
* </li>
* </ol>
*
* @return The {@link GoogleCredentials}
* @throws IOException An exception if an error occurs
*/
@Requires(missingBeans = GoogleCredentials.class)
@Requires(classes = com.google.auth.oauth2.GoogleCredentials.class)
@Primary
@Singleton
protected GoogleCredentials defaultGoogleCredentials() throws IOException {
final List<String> scopes = configuration.getScopes().stream().map(URI::toString).collect(Collectors.toList());
GoogleCredentials credentials;
if (configuration.getLocation().isPresent() && configuration.getEncodedKey().isPresent()) {
throw new ConfigurationException("Please specify only one of gcp.credentials.location or gcp.credentials.encodedKey");
} else if (configuration.getLocation().isPresent()) {
LOG.info("Google Credentials from gcp.credentials.location = " + configuration.getLocation());
FileInputStream fis = new FileInputStream(configuration.getLocation().get());
credentials = GoogleCredentials.fromStream(fis);
fis.close();
} else if (configuration.getEncodedKey().isPresent()) {
LOG.info("Google Credentials from gcp.credentials.encodedKey");
Base64.Decoder decoder = Base64.getDecoder();
byte[] bytes = decoder.decode(configuration.getEncodedKey().get());
ByteArrayInputStream is = new ByteArrayInputStream(bytes);
credentials = GoogleCredentials.fromStream(is);
is.close();
} else {
LOG.info("Google Credentials from Application Default Credentials");
credentials = GoogleCredentials.getApplicationDefault();
}
return credentials.createScoped(scopes);
}
use of io.micronaut.context.annotation.Requires in project micronaut-security by micronaut-projects.
the class OpenIdClientFactory method openIdClient.
/**
* Creates an {@link OpenIdClient} from the provided parameters.
*
* @param openIdClientConfiguration The openid client configuration
* @param clientConfiguration The client configuration
* @param openIdProviderMetadata The open id provider metadata
* @param authenticationMapper The user details mapper
* @param redirectUrlBuilder The redirect URL builder
* @param authorizationResponseHandler The authorization response handler
* @param endSessionEndpointResolver The end session resolver
* @param endSessionCallbackUrlBuilder The end session callback URL builder
* @return The OpenID client, or null if the client configuration does not allow it
*/
@EachBean(OpenIdClientConfiguration.class)
@Requires(condition = OpenIdClientCondition.class)
@SuppressWarnings("java:S107")
DefaultOpenIdClient openIdClient(@Parameter OpenIdClientConfiguration openIdClientConfiguration, @Parameter OauthClientConfiguration clientConfiguration, @Parameter BeanProvider<DefaultOpenIdProviderMetadata> openIdProviderMetadata, @Parameter @Nullable OpenIdAuthenticationMapper authenticationMapper, AuthorizationRedirectHandler redirectUrlBuilder, OpenIdAuthorizationResponseHandler authorizationResponseHandler, EndSessionEndpointResolver endSessionEndpointResolver, EndSessionCallbackUrlBuilder endSessionCallbackUrlBuilder) {
Supplier<OpenIdProviderMetadata> metadataSupplier = SupplierUtil.memoized(openIdProviderMetadata::get);
EndSessionEndpoint endSessionEndpoint = null;
if (openIdClientConfiguration.getEndSession().isEnabled()) {
endSessionEndpoint = endSessionEndpointResolver.resolve(clientConfiguration, metadataSupplier, endSessionCallbackUrlBuilder).orElse(null);
}
return new DefaultOpenIdClient(clientConfiguration, metadataSupplier, authenticationMapper, redirectUrlBuilder, authorizationResponseHandler, beanContext, endSessionEndpoint);
}
use of io.micronaut.context.annotation.Requires in project micronaut-security by micronaut-projects.
the class JwksUriSignatureFactory method createJwksUriSignature.
/**
* @param openIdProviderMetadata The open id provider metadata
* @param jwkValidator JWK Validator
* @return a {@link JwksSignature} pointed to the jwks_uri exposed via OpenID configuration
*/
@Requires(property = SecurityConfigurationProperties.PREFIX + ".authentication", value = "idtoken")
@EachBean(DefaultOpenIdProviderMetadata.class)
public JwksSignature createJwksUriSignature(@Parameter BeanProvider<DefaultOpenIdProviderMetadata> openIdProviderMetadata, JwkValidator jwkValidator) {
JwksSignatureConfigurationProperties jwksSignatureConfiguration = new JwksSignatureConfigurationProperties();
jwksSignatureConfiguration.setUrl(openIdProviderMetadata.get().getJwksUri());
return new JwksSignature(jwksSignatureConfiguration, jwkValidator);
}
Aggregations