
Example 1 with QuarkusSecurityIdentity

Use of io.quarkus.security.runtime.QuarkusSecurityIdentity in project quarkus by quarkusio.

Class OidcUtils, method validateAndCreateIdentity.

static QuarkusSecurityIdentity validateAndCreateIdentity(RoutingContext vertxContext, TokenCredential credential, TenantConfigContext resolvedContext, JsonObject tokenJson, JsonObject rolesJson, UserInfo userInfo, TokenIntrospection introspectionResult) {
    OidcTenantConfig config = resolvedContext.oidcConfig;
    QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder();
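    // Attach the token credential that was presented.
    builder.addCredential(credential);
    // If authorization code flow tokens are stored on the routing context,
    // expose the refresh and access tokens as additional credentials.
    AuthorizationCodeTokens codeTokens = vertxContext != null ? vertxContext.get(AuthorizationCodeTokens.class.getName()) : null;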
    if (codeTokens != null) {
        RefreshToken refreshTokenCredential = new RefreshToken(codeTokens.getRefreshToken());
        builder.addCredential(refreshTokenCredential);
        builder.addCredential(new AccessTokenCredential(codeTokens.getAccessToken(), refreshTokenCredential));
    }
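    // Build the principal from the token claims, passing the configured principal claim if one is set.
    JsonWebToken jwtPrincipal;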
    try {
        JwtClaims jwtClaims = JwtClaims.parse(tokenJson.encode());
        jwtClaims.setClaim(Claims.raw_token.name(), credential.getToken());
        jwtPrincipal = new OidcJwtCallerPrincipal(jwtClaims, credential, config.token.principalClaim.isPresent() ? config.token.principalClaim.get() : null);
    } catch (InvalidJwtException e) {
        // Claims that cannot be parsed fail authentication.
        throw new AuthenticationFailedException(e);
    }
    // Record the token expiration time as an identity attribute.
    builder.addAttribute(QUARKUS_IDENTITY_EXPIRE_TIME, jwtPrincipal.getExpirationTime());
    builder.setPrincipal(jwtPrincipal);
    setRoutingContextAttribute(builder, vertxContext);
    setSecurityIdentityRoles(builder, config, rolesJson);
    setSecurityIdentityUserInfo(builder, userInfo);
    setSecurityIdentityIntrospecton(builder, introspectionResult);
    setSecurityIdentityConfigMetadata(builder, resolvedContext);
    setBlockinApiAttribute(builder, vertxContext);
    setTenantIdAttribute(builder, config);
    return builder.build();
}
Also used: InvalidJwtException (org.jose4j.jwt.consumer.InvalidJwtException), RefreshToken (io.quarkus.oidc.RefreshToken), QuarkusSecurityIdentity (io.quarkus.security.runtime.QuarkusSecurityIdentity), JwtClaims (org.jose4j.jwt.JwtClaims), AuthenticationFailedException (io.quarkus.security.AuthenticationFailedException), Builder (io.quarkus.security.runtime.QuarkusSecurityIdentity.Builder), AuthorizationCodeTokens (io.quarkus.oidc.AuthorizationCodeTokens), AccessTokenCredential (io.quarkus.oidc.AccessTokenCredential), JsonWebToken (org.eclipse.microprofile.jwt.JsonWebToken), OidcTenantConfig (io.quarkus.oidc.OidcTenantConfig)

Example 2 with QuarkusSecurityIdentity

Use of io.quarkus.security.runtime.QuarkusSecurityIdentity in project quarkus by quarkusio.

Class TestIdentityProvider, method authenticate.

@Override
public Uni<SecurityIdentity> authenticate(UsernamePasswordAuthenticationRequest request, AuthenticationRequestContext context) {
    TestIdentityController.TestIdentity ident = TestIdentityController.identities.get(request.getUsername());
    // Unknown user: complete with no identity (a null item) rather than a failure.
    if (ident == null) {
        return Uni.createFrom().optional(Optional.empty());
    }
    // Known user with a non-matching password: fail authentication.
    if (!ident.password.equals(new String(request.getPassword().getPassword()))) {
        return Uni.createFrom().failure(new AuthenticationFailedException());
    }
    QuarkusSecurityIdentity identity = QuarkusSecurityIdentity.builder().setPrincipal(new QuarkusPrincipal(ident.username)).addRoles(ident.roles).addCredential(request.getPassword()).build();
    return Uni.createFrom().item(identity);
}
Also used: QuarkusSecurityIdentity (io.quarkus.security.runtime.QuarkusSecurityIdentity), AuthenticationFailedException (io.quarkus.security.AuthenticationFailedException), QuarkusPrincipal (io.quarkus.security.runtime.QuarkusPrincipal)

Example 3 with QuarkusSecurityIdentity

Use of io.quarkus.security.runtime.QuarkusSecurityIdentity in project corrigeExamBack by barais.

Class UserJWTController, method authorize.

@POST
@Path("/authenticate")
@PermitAll
public Response authorize(@Valid LoginVM loginVM) {
    try {
        QuarkusSecurityIdentity identity = authenticationService.authenticate(loginVM.username, loginVM.password);
        boolean rememberMe = (loginVM.rememberMe == null) ? false : loginVM.rememberMe;
        String jwt = tokenProvider.createToken(identity, rememberMe);
        return Response.ok().entity(new JWTToken(jwt)).header("Authorization", "Bearer " + jwt).build();
    } catch (SecurityException e) {
        // A SecurityException from authentication or token creation maps to a 401 with no body.
        return Response.status(401).build();
    }
}
Also used: QuarkusSecurityIdentity (io.quarkus.security.runtime.QuarkusSecurityIdentity), Path (javax.ws.rs.Path), POST (javax.ws.rs.POST), PermitAll (javax.annotation.security.PermitAll)

Example 4 with QuarkusSecurityIdentity

Use of io.quarkus.security.runtime.QuarkusSecurityIdentity in project corrigeExamBack by barais.

Class AuthenticationService, method createQuarkusSecurityIdentity.

private QuarkusSecurityIdentity createQuarkusSecurityIdentity(User user) {
    QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder();
    builder.setPrincipal(new QuarkusPrincipal(user.login));
    builder.addCredential(new io.quarkus.security.credential.PasswordCredential(user.password.toCharArray()));
    builder.addRoles(user.authorities.stream().map(authority -> authority.name).collect(Collectors.toSet()));
    return builder.build();
}
Also used: QuarkusSecurityIdentity (io.quarkus.security.runtime.QuarkusSecurityIdentity), QuarkusPrincipal (io.quarkus.security.runtime.QuarkusPrincipal)

Aggregations

QuarkusSecurityIdentity (io.quarkus.security.runtime.QuarkusSecurityIdentity): 4
AuthenticationFailedException (io.quarkus.security.AuthenticationFailedException): 2
QuarkusPrincipal (io.quarkus.security.runtime.QuarkusPrincipal): 2
AccessTokenCredential (io.quarkus.oidc.AccessTokenCredential): 1
AuthorizationCodeTokens (io.quarkus.oidc.AuthorizationCodeTokens): 1
OidcTenantConfig (io.quarkus.oidc.OidcTenantConfig): 1
RefreshToken (io.quarkus.oidc.RefreshToken): 1
Builder (io.quarkus.security.runtime.QuarkusSecurityIdentity.Builder): 1
PermitAll (javax.annotation.security.PermitAll): 1
POST (javax.ws.rs.POST): 1
Path (javax.ws.rs.Path): 1
JsonWebToken (org.eclipse.microprofile.jwt.JsonWebToken): 1
JwtClaims (org.jose4j.jwt.JwtClaims): 1
InvalidJwtException (org.jose4j.jwt.consumer.InvalidJwtException): 1