
Example 1 with AuthHandler

use of io.pravega.auth.AuthHandler in project pravega by pravega.

the class AuthHandlerManager method authenticateAndAuthorize.

/**
 * API to authenticate and authorize access to a given resource.
 * @param resource The resource identifier for which the access needs to be controlled.
 * @param credentials  Credentials used for authentication.
 * @param level    Expected level of access.
 * @return         Returns true if the entity represented by the custom auth headers had given level of access to the resource.
 *                 Returns false if the entity does not have access.
 * @throws AuthenticationException if an authentication failure occurred.
 */
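public boolean authenticateAndAuthorize(String resource, String credentials, AuthHandler.Permissions level) throws AuthenticationException {
    // A null credentials string is rejected as a caller error (NullPointerException) before any handler is consulted.
    Preconditions.checkNotNull(credentials, "credentials");
    try {
        // The credentials string carries both the handler name ("method") and the token for that handler.
        // NOTE(review): assumes extractMethodAndToken always yields at least [method, token] — confirm it
        // rejects malformed input instead of returning a shorter array.
        String[] parts = extractMethodAndToken(credentials);
        String method = parts[0];
        String token = parts[1];

        AuthHandler handler = getHandler(method);
        if (handler == null) {
            // The handler name comes from caller-supplied credentials, so an unknown name is a failed
            // authentication, not a programming error. Fail closed with the declared exception instead of
            // a NullPointerException, and keep the message generic so it does not reveal which handlers exist.
            throw new AuthenticationException("Authentication failure");
        }

        // A handler signals "not authenticated" either by throwing or by returning no principal.
        Principal principal = handler.authenticate(token);
        if (principal == null) {
            throw new AuthenticationException("Authentication failure");
        }

        // NOTE(review): the level check compares enum ordinals, so it depends on the declaration order of the
        // permission constants (not visible here) — confirm they are declared from weakest to strongest.
        return handler.authorize(resource, principal).ordinal() >= level.ordinal();
    } catch (AuthException e) {
        // Any AuthException raised above, including one thrown by handler.authorize, is reported with the
        // same generic message; the original exception is not attached as a cause.
        throw new AuthenticationException("Authentication failure");
    }
}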
Also used : AuthHandler(io.pravega.auth.AuthHandler) AuthenticationException(io.pravega.auth.AuthenticationException) AuthException(io.pravega.auth.AuthException) Principal(java.security.Principal)

Example 2 with AuthHandler

use of io.pravega.auth.AuthHandler in project pravega by pravega.

the class AuthHandlerManager method authorize.

/**
 * API to authorize a given principal and credential.
 *
 * @param resource The resource identifier for which the access needs to be controlled.
 * @param credentials Credentials used for authentication.
 * @param level Expected level of access.
 * @param principal Principal associated with the credentials.
 *
 * @return Returns true if the entity represented by the credentials has given level of access to the resource.
 *      Returns false if the entity does not have access.
 * @throws AuthException if an authentication or authorization failure occurred.
 */
public boolean authorize(String resource, Principal principal, String credentials, AuthHandler.Permissions level) throws AuthException {
    Preconditions.checkNotNull(credentials, "credentials");

    // Only the handler name is read from the credentials here; the token part is not checked again.
    // NOTE(review): presumably the caller obtained `principal` by authenticating these same credentials —
    // confirm at the call sites, since nothing in this method ties the two together.
    String[] methodAndToken = extractMethodAndToken(credentials);
    AuthHandler selected = getHandler(methodAndToken[0]);

    // NOTE(review): if getHandler can return null for an unknown method name, the failure surfaces as a
    // NullPointerException rather than the declared AuthException.
    Preconditions.checkNotNull(selected, "Can not find handler.");

    // NOTE(review): ordinal comparison depends on the declaration order of the permission constants — confirm.
    int grantedRank = selected.authorize(resource, principal).ordinal();
    int requiredRank = level.ordinal();
    return grantedRank >= requiredRank;
}
Also used : AuthHandler(io.pravega.auth.AuthHandler)

Example 3 with AuthHandler

use of io.pravega.auth.AuthHandler in project pravega by pravega.

the class PravegaAuthManager method registerInterceptors.

/**
 * Loads the custom implementations of the AuthHandler interface dynamically. Registers the interceptors with grpc.
 * Stores the implementation in a local map for routing the REST auth request.
 * @param builder The grpc service builder to register the interceptors.
 */
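public void registerInterceptors(ServerBuilder<?> builder) {
    try {
        if (!serverConfig.isAuthorizationEnabled()) {
            // Nothing is loaded or registered when authorization is switched off.
            return;
        }
        // Every AuthHandler implementation that ServiceLoader can discover is a candidate, so the set of
        // handlers is determined by what is on the classpath.
        for (AuthHandler handler : ServiceLoader.load(AuthHandler.class)) {
            try {
                handler.initialize(serverConfig);
                synchronized (this) {
                    String handlerName = handler.getHandlerName();
                    // First registration wins: a later handler with the same name is initialized but never used.
                    if (handlerMap.putIfAbsent(handlerName, handler) != null) {
                        // The placeholder previously had no argument, so the conflicting name was never logged.
                        log.warn("Handler with name {} already exists. Not replacing it with the latest handler", handlerName);
                        continue;
                    }
                }
                builder.intercept(new PravegaInterceptor(handler));
            } catch (Exception e) {
                // One broken handler must not prevent the remaining handlers from being registered.
                log.warn("Exception while initializing auth handler {}", handler, e);
            }
        }
    } catch (Throwable e) {
        // NOTE(review): a failure here is only logged. With authorization enabled this can leave the builder
        // with no auth interceptor at all — confirm that startup fails closed somewhere else in that case.
        log.warn("Exception while loading the auth handlers", e);
    }
}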
Also used : AuthHandler(io.pravega.auth.AuthHandler) AuthenticationException(io.pravega.common.auth.AuthenticationException)

Example 4 with AuthHandler

use of io.pravega.auth.AuthHandler in project pravega by pravega.

the class PravegaAuthManager method authenticate.

/**
 * API to authenticate and authorize access to a given resource.
 * @param resource The resource identifier for which the access needs to be controlled.
 * @param paramMap  Custom headers used for authentication.
 * @param level    Expected level of access.
 * @return         Returns true if the entity represented by the custom auth headers had given level of access to the resource.
 * @throws AuthenticationException Exception faced during authentication/authorization.
 */
public boolean authenticate(String resource, Map<String, String> paramMap, AuthHandler.Permissions level) throws AuthenticationException {
    try {
        // The handler is selected by the caller-supplied "method" entry of the header map.
        AuthHandler selected = getHandler(paramMap.get("method"));

        // Authorization is only evaluated once the handler has accepted the headers.
        if (!selected.authenticate(paramMap)) {
            return false;
        }
        // NOTE(review): ordinal comparison depends on the declaration order of the permission constants — confirm.
        return selected.authorize(resource, paramMap).ordinal() >= level.ordinal();
    } catch (RuntimeException e) {
        // Unchecked failures (for example a null map or a null handler) are wrapped, so the method does not
        // return true when something unexpected happens.
        throw new AuthenticationException(e);
    }
}
Also used : AuthHandler(io.pravega.auth.AuthHandler) AuthenticationException(io.pravega.common.auth.AuthenticationException)

Example 5 with AuthHandler

use of io.pravega.auth.AuthHandler in project pravega by pravega.

the class AuthHandlerManager method authenticate.

/**
 * API to authenticate a given credential.
 * @param credentials  Credentials used for authentication.
 *
 * @return Returns the Principal if the entity represented by credentials is authenticated.
 * @throws AuthException if an authentication failure occurred.
 */
public Principal authenticate(String credentials) throws AuthException {
    Preconditions.checkNotNull(credentials, "credentials");

    // Split the credentials into the handler name and the token that handler understands.
    String[] methodAndToken = extractMethodAndToken(credentials);
    String handlerName = methodAndToken[0];
    String handlerToken = methodAndToken[1];

    AuthHandler selected = getHandler(handlerName);
    // NOTE(review): if getHandler can return null for an unknown method name, the failure surfaces as a
    // NullPointerException rather than the declared AuthException.
    Preconditions.checkNotNull(selected, "Can not find handler.");

    // The handler's result is returned unchanged, including null.
    // NOTE(review): callers should treat a null Principal as "not authenticated" — confirm they do.
    return selected.authenticate(handlerToken);
}
Also used : AuthHandler(io.pravega.auth.AuthHandler)

Aggregations

AuthHandler (io.pravega.auth.AuthHandler)6 AuthenticationException (io.pravega.common.auth.AuthenticationException)2 Principal (java.security.Principal)2 AuthException (io.pravega.auth.AuthException)1 AuthenticationException (io.pravega.auth.AuthenticationException)1