
Example 1 with Authentication

Use of io.micronaut.security.authentication.Authentication in project micronaut-security by micronaut-projects.

Class InterceptUrlMapRule, method check.

/**
 * If no configured pattern matches the request, return {@link SecurityRuleResult#UNKNOWN}.
 * Reads the rules in order. The first matched rule will be used for determining authorization.
 *
 * @param request The current request
 * @param routeMatch The matched route
 * @param authentication The user authentication. Null if not authenticated
 * @return The result
 */
@Override
public Publisher<SecurityRuleResult> check(HttpRequest<?> request, @Nullable RouteMatch<?> routeMatch, @Nullable Authentication authentication) {
    final String path = request.getUri().getPath();
    final HttpMethod httpMethod = request.getMethod();
    Predicate<InterceptUrlMapPattern> exactMatch = p -> pathMatcher.matches(p.getPattern(), path) && p.getHttpMethod().isPresent() && httpMethod.equals(p.getHttpMethod().get());
    Predicate<InterceptUrlMapPattern> uriPatternMatchOnly = p -> pathMatcher.matches(p.getPattern(), path) && !p.getHttpMethod().isPresent();
    Optional<InterceptUrlMapPattern> matchedPattern = getPatternList().stream().filter(exactMatch).findFirst();
    // if we don't get an exact match try to find a match by the uri pattern
    if (!matchedPattern.isPresent()) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("No url map pattern exact match found for path [{}] and method [{}]. Searching in patterns with no defined method.", path, httpMethod);
        }
        matchedPattern = getPatternList().stream().filter(uriPatternMatchOnly).findFirst();
        if (LOG.isDebugEnabled()) {
            if (matchedPattern.isPresent()) {
                LOG.debug("Url map pattern found for path [{}]. Comparing roles.", path);
            } else {
                LOG.debug("No url map pattern match found for path [{}]. Returning unknown.", path);
            }
        }
    }
    return Mono.from(matchedPattern.map(pattern -> compareRoles(pattern.getAccess(), getRoles(authentication))).orElse(Mono.just(SecurityRuleResult.UNKNOWN)));
}
Also used: HttpMethod (io.micronaut.http.HttpMethod), Logger (org.slf4j.Logger), Predicate (java.util.function.Predicate), Publisher (org.reactivestreams.Publisher), LoggerFactory (org.slf4j.LoggerFactory), Authentication (io.micronaut.security.authentication.Authentication), PathMatcher (io.micronaut.core.util.PathMatcher), Mono (reactor.core.publisher.Mono), AntPathMatcher (io.micronaut.core.util.AntPathMatcher), InterceptUrlMapPattern (io.micronaut.security.config.InterceptUrlMapPattern), List (java.util.List), Nullable (io.micronaut.core.annotation.Nullable), RolesFinder (io.micronaut.security.token.RolesFinder), Optional (java.util.Optional), HttpRequest (io.micronaut.http.HttpRequest), RouteMatch (io.micronaut.web.router.RouteMatch), Inject (jakarta.inject.Inject)

Example 2 with Authentication

Use of io.micronaut.security.authentication.Authentication in project micronaut-security by micronaut-projects.

Class SessionAuthenticationFetcher, method fetchAuthentication.

@Override
public Publisher<Authentication> fetchAuthentication(HttpRequest<?> request) {
    return Mono.<Authentication>create(emitter -> {
        Optional<Session> opt = request.getAttributes().get(HttpSessionFilter.SESSION_ATTRIBUTE, Session.class);
        if (opt.isPresent()) {
            Session session = opt.get();
            Optional<Authentication> authentication = session.get(SecurityFilter.AUTHENTICATION, Authentication.class);
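            // Emit the Authentication stored in the session, if any.
            authentication.ifPresent(emitter::success);
        }
        // Complete empty when there is no session or no stored Authentication;
        // MonoSink ignores this call if a value was already emitted above.
        emitter.success();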
    });
}
Also used: Authentication (io.micronaut.security.authentication.Authentication), Session (io.micronaut.session.Session)

Example 3 with Authentication

Use of io.micronaut.security.authentication.Authentication in project micronaut-security by micronaut-projects.

Class X509AuthenticationFetcher, method fetchAuthentication.

@Override
public Publisher<Authentication> fetchAuthentication(HttpRequest<?> request) {
    return Mono.<Authentication>create(emitter -> {
        Optional<Certificate> optionalCertificate = request.getCertificate();
        if (optionalCertificate.isPresent()) {
            Certificate certificate = optionalCertificate.get();
            if (certificate instanceof X509Certificate) {
                emitter.success(new Authentication() {

                    X509Certificate x509Certificate = ((X509Certificate) certificate);

                    @Override
                    public String getName() {
                        // The principal name is the certificate issuer's DN, not the subject's DN.
                        return x509Certificate.getIssuerX500Principal().getName();
                    }

                    @NonNull
                    @Override
                    public Map<String, Object> getAttributes() {
                        return Collections.emptyMap();
                    }
                });
                return;
            }
        }
        // Complete empty when the request carries no X.509 certificate.
        emitter.success();
    });
}
Also used: Authentication (io.micronaut.security.authentication.Authentication), NonNull (io.micronaut.core.annotation.NonNull), Map (java.util.Map), X509Certificate (java.security.cert.X509Certificate), Certificate (java.security.cert.Certificate)
