Example 1 with TokenAuthenticationRequest
use of io.quarkus.security.identity.request.TokenAuthenticationRequest in project quarkus by quarkusio.
the class TokenRealmUnitTest method testAuthenticator.
@Test
public void testAuthenticator() throws Exception {
KeyPair keyPair = generateKeyPair();
PublicKey pk1 = keyPair.getPublic();
PrivateKey pk1Priv = keyPair.getPrivate();
JWTAuthContextInfo contextInfo = new JWTAuthContextInfo((RSAPublicKey) pk1, "https://server.example.com");
MpJwtValidator jwtValidator = new MpJwtValidator(new DefaultJWTParser(contextInfo), null);
QuarkusIdentityProviderManagerImpl authenticator = QuarkusIdentityProviderManagerImpl.builder().addProvider(new AnonymousIdentityProvider()).setBlockingExecutor(new Executor() {
@Override
public void execute(Runnable command) {
command.run();
}
}).addProvider(jwtValidator).build();
String jwt = TokenUtils.generateTokenString("/Token1.json", pk1Priv, "testTokenRealm");
TokenAuthenticationRequest tokenEvidence = new TokenAuthenticationRequest(new JsonWebTokenCredential(jwt));
SecurityIdentity securityIdentity = authenticator.authenticate(tokenEvidence).await().indefinitely();
Assertions.assertNotNull(securityIdentity);
Assertions.assertEquals("jdoe@example.com", securityIdentity.getPrincipal().getName());
}
Also used :
KeyPair(java.security.KeyPair)
PrivateKey(java.security.PrivateKey)
TokenAuthenticationRequest(io.quarkus.security.identity.request.TokenAuthenticationRequest)
PublicKey(java.security.PublicKey)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
QuarkusIdentityProviderManagerImpl(io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl)
AnonymousIdentityProvider(io.quarkus.security.runtime.AnonymousIdentityProvider)
JsonWebTokenCredential(io.quarkus.smallrye.jwt.runtime.auth.JsonWebTokenCredential)
MpJwtValidator(io.quarkus.smallrye.jwt.runtime.auth.MpJwtValidator)
JWTAuthContextInfo(io.smallrye.jwt.auth.principal.JWTAuthContextInfo)
SecurityIdentity(io.quarkus.security.identity.SecurityIdentity)
Executor(java.util.concurrent.Executor)
DefaultJWTParser(io.smallrye.jwt.auth.principal.DefaultJWTParser)
Test(org.junit.jupiter.api.Test)
Example 2 with TokenAuthenticationRequest
use of io.quarkus.security.identity.request.TokenAuthenticationRequest in project quarkus by quarkusio.
the class OAuth2AuthMechanism method authenticate.
/**
* Extract the Authorization header and validate the bearer token if it exists. If it does, and is validated, this
* builds the org.jboss.security.SecurityContext authenticated Subject that drives the container APIs as well as
* the authorization layers.
*
* @param context - the http request exchange object
* @param identityProviderManager - the current security context that
* @return one of AUTHENTICATED, NOT_AUTHENTICATED or NOT_ATTEMPTED depending on the header and authentication outcome.
*/
@Override
public Uni<SecurityIdentity> authenticate(RoutingContext context, IdentityProviderManager identityProviderManager) {
String authHeader = context.request().headers().get("Authorization");
String bearerToken = authHeader != null ? authHeader.substring(7) : null;
if (bearerToken != null) {
// Install the OAuth2 principal as the caller
return identityProviderManager.authenticate(new TokenAuthenticationRequest(new TokenCredential(bearerToken, "bearer")));
}
// No suitable header has been found in this request,
return Uni.createFrom().nullItem();
}
Also used :
TokenAuthenticationRequest(io.quarkus.security.identity.request.TokenAuthenticationRequest)
TokenCredential(io.quarkus.security.credential.TokenCredential)
Example 3 with TokenAuthenticationRequest
use of io.quarkus.security.identity.request.TokenAuthenticationRequest in project boardgamefiesta by tomwetjens.
the class EventsAuthFilter method doFilter.
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
var httpServletRequest = (HttpServletRequest) servletRequest;
var httpServletResponse = (HttpServletResponse) servletResponse;
var token = httpServletRequest.getParameter("token");
if (token == null || "".equals(token)) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
try {
var idTokenCredential = new IdTokenCredential(token, routingContext);
var tokenAuthenticationRequest = new TokenAuthenticationRequest(idTokenCredential);
SecurityIdentity securityIdentity = oidcIdentityProvider.authenticate(tokenAuthenticationRequest, function -> Uni.createFrom().item(function.get())).await().indefinitely();
filterChain.doFilter(new AuthenticatedRequest(httpServletRequest, securityIdentity.getPrincipal()), servletResponse);
} catch (CompletionException e) {
if (e.getCause() instanceof AuthenticationFailedException) {
log.debug("Authentication failed", e);
httpServletResponse.sendError(401);
} else {
log.error("Unexpected error during authentication", e);
httpServletResponse.sendError(500);
}
}
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
SecurityIdentity(io.quarkus.security.identity.SecurityIdentity)
TokenAuthenticationRequest(io.quarkus.security.identity.request.TokenAuthenticationRequest)
AuthenticationFailedException(io.quarkus.security.AuthenticationFailedException)
CompletionException(java.util.concurrent.CompletionException)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
IdTokenCredential(io.quarkus.oidc.IdTokenCredential)
Aggregations
TokenAuthenticationRequest (io.quarkus.security.identity.request.TokenAuthenticationRequest)3
SecurityIdentity (io.quarkus.security.identity.SecurityIdentity)2
IdTokenCredential (io.quarkus.oidc.IdTokenCredential)1
AuthenticationFailedException (io.quarkus.security.AuthenticationFailedException)1
TokenCredential (io.quarkus.security.credential.TokenCredential)1
AnonymousIdentityProvider (io.quarkus.security.runtime.AnonymousIdentityProvider)1
QuarkusIdentityProviderManagerImpl (io.quarkus.security.runtime.QuarkusIdentityProviderManagerImpl)1
JsonWebTokenCredential (io.quarkus.smallrye.jwt.runtime.auth.JsonWebTokenCredential)1
MpJwtValidator (io.quarkus.smallrye.jwt.runtime.auth.MpJwtValidator)1
DefaultJWTParser (io.smallrye.jwt.auth.principal.DefaultJWTParser)1
JWTAuthContextInfo (io.smallrye.jwt.auth.principal.JWTAuthContextInfo)1
KeyPair (java.security.KeyPair)1
PrivateKey (java.security.PrivateKey)1
PublicKey (java.security.PublicKey)1
RSAPublicKey (java.security.interfaces.RSAPublicKey)1
CompletionException (java.util.concurrent.CompletionException)1
Executor (java.util.concurrent.Executor)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
Test (org.junit.jupiter.api.Test)1
