Search in sources :

Example 1 with Credential

use of io.quarkus.security.credential.Credential in project quarkus by quarkusio.

the class SecurityContextOverrideHandler method updateIdentity.

private void updateIdentity(ResteasyReactiveRequestContext requestContext, SecurityContext modified) {
    requestContext.requireCDIRequestScope();
    InjectableInstance<CurrentIdentityAssociation> instance = getCurrentIdentityAssociation();
    if (instance.isResolvable()) {
        CurrentIdentityAssociation currentIdentityAssociation = instance.get();
        Uni<SecurityIdentity> oldIdentity = currentIdentityAssociation.getDeferredIdentity();
        currentIdentityAssociation.setIdentity(oldIdentity.map(new Function<SecurityIdentity, SecurityIdentity>() {

            @Override
            public SecurityIdentity apply(SecurityIdentity old) {
                Set<Credential> oldCredentials = old.getCredentials();
                Map<String, Object> oldAttributes = old.getAttributes();
                return new SecurityIdentity() {

                    @Override
                    public Principal getPrincipal() {
                        return modified.getUserPrincipal();
                    }

                    @Override
                    public boolean isAnonymous() {
                        return modified.getUserPrincipal() == null;
                    }

                    @Override
                    public Set<String> getRoles() {
                        throw new UnsupportedOperationException("retrieving all roles not supported when JAX-RS security context has been replaced");
                    }

                    @Override
                    public boolean hasRole(String role) {
                        return modified.isUserInRole(role);
                    }

                    @SuppressWarnings("unchecked")
                    @Override
                    public <T extends Credential> T getCredential(Class<T> credentialType) {
                        for (Credential cred : getCredentials()) {
                            if (credentialType.isAssignableFrom(cred.getClass())) {
                                return (T) cred;
                            }
                        }
                        return null;
                    }

                    @Override
                    public Set<Credential> getCredentials() {
                        return oldCredentials;
                    }

                    @SuppressWarnings("unchecked")
                    @Override
                    public <T> T getAttribute(String name) {
                        return (T) oldAttributes.get(name);
                    }

                    @Override
                    public Map<String, Object> getAttributes() {
                        return oldAttributes;
                    }

                    @Override
                    public Uni<Boolean> checkPermission(Permission permission) {
                        return Uni.createFrom().nullItem();
                    }
                };
            }
        }));
    }
}
Also used : Credential(io.quarkus.security.credential.Credential) SecurityIdentity(io.quarkus.security.identity.SecurityIdentity) Function(java.util.function.Function) CurrentIdentityAssociation(io.quarkus.security.identity.CurrentIdentityAssociation) Permission(java.security.Permission) ResourceClass(org.jboss.resteasy.reactive.common.model.ResourceClass)

Example 2 with Credential

use of io.quarkus.security.credential.Credential in project quarkus by quarkusio.

the class SecurityContextFilter method filter.

@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    SecurityContext modified = requestContext.getSecurityContext();
    if (modified instanceof ServletSecurityContext || modified instanceof QuarkusResteasySecurityContext) {
        // an original security context, it has not been modified
        return;
    }
    Set<Credential> oldCredentials = old.getCredentials();
    Map<String, Object> oldAttributes = old.getAttributes();
    SecurityIdentity newIdentity = new SecurityIdentity() {

        @Override
        public Principal getPrincipal() {
            return modified.getUserPrincipal();
        }

        @Override
        public boolean isAnonymous() {
            return modified.getUserPrincipal() == null;
        }

        @Override
        public Set<String> getRoles() {
            throw new UnsupportedOperationException("retrieving all roles not supported when JAX-RS security context has been replaced");
        }

        @Override
        public boolean hasRole(String role) {
            return modified.isUserInRole(role);
        }

        @Override
        public <T extends Credential> T getCredential(Class<T> credentialType) {
            for (Credential cred : getCredentials()) {
                if (credentialType.isAssignableFrom(cred.getClass())) {
                    return (T) cred;
                }
            }
            return null;
        }

        @Override
        public Set<Credential> getCredentials() {
            return oldCredentials;
        }

        @Override
        public <T> T getAttribute(String name) {
            return (T) oldAttributes.get(name);
        }

        @Override
        public Map<String, Object> getAttributes() {
            return oldAttributes;
        }

        @Override
        public Uni<Boolean> checkPermission(Permission permission) {
            return Uni.createFrom().nullItem();
        }
    };
    currentIdentityAssociation.setIdentity(newIdentity);
}
Also used : Credential(io.quarkus.security.credential.Credential) ServletSecurityContext(org.jboss.resteasy.plugins.server.servlet.ServletSecurityContext) SecurityIdentity(io.quarkus.security.identity.SecurityIdentity) QuarkusResteasySecurityContext(io.quarkus.resteasy.runtime.standalone.QuarkusResteasySecurityContext) SecurityContext(javax.ws.rs.core.SecurityContext) ServletSecurityContext(org.jboss.resteasy.plugins.server.servlet.ServletSecurityContext) QuarkusResteasySecurityContext(io.quarkus.resteasy.runtime.standalone.QuarkusResteasySecurityContext) Permission(java.security.Permission)

Aggregations

Credential (io.quarkus.security.credential.Credential)2 SecurityIdentity (io.quarkus.security.identity.SecurityIdentity)2 Permission (java.security.Permission)2 QuarkusResteasySecurityContext (io.quarkus.resteasy.runtime.standalone.QuarkusResteasySecurityContext)1 CurrentIdentityAssociation (io.quarkus.security.identity.CurrentIdentityAssociation)1 Function (java.util.function.Function)1 SecurityContext (javax.ws.rs.core.SecurityContext)1 ServletSecurityContext (org.jboss.resteasy.plugins.server.servlet.ServletSecurityContext)1 ResourceClass (org.jboss.resteasy.reactive.common.model.ResourceClass)1