use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.
the class UndertowDeploymentRecorder method setupRequestScope.
public void setupRequestScope(DeploymentInfo deploymentInfo, BeanContainer beanContainer) {
CurrentVertxRequest currentVertxRequest = CDI.current().select(CurrentVertxRequest.class).get();
Instance<CurrentIdentityAssociation> identityAssociations = CDI.current().select(CurrentIdentityAssociation.class);
CurrentIdentityAssociation association;
if (identityAssociations.isResolvable()) {
association = identityAssociations.get();
} else {
association = null;
}
deploymentInfo.addThreadSetupAction(new ThreadSetupHandler() {
@Override
public <T, C> ThreadSetupHandler.Action<T, C> create(Action<T, C> action) {
return new Action<T, C>() {
@Override
public T call(HttpServerExchange exchange, C context) throws Exception {
// Not sure what to do here
ManagedContext requestContext = beanContainer.requestContext();
if (requestContext.isActive()) {
return action.call(exchange, context);
} else if (exchange == null) {
requestContext.activate();
try {
return action.call(exchange, context);
} finally {
requestContext.terminate();
}
} else {
InjectableContext.ContextState existingRequestContext = exchange.getAttachment(REQUEST_CONTEXT);
try {
requestContext.activate(existingRequestContext);
VertxHttpExchange delegate = (VertxHttpExchange) exchange.getDelegate();
RoutingContext rc = (RoutingContext) delegate.getContext();
currentVertxRequest.setCurrent(rc);
if (association != null) {
QuarkusHttpUser existing = (QuarkusHttpUser) rc.user();
if (existing != null) {
SecurityIdentity identity = existing.getSecurityIdentity();
association.setIdentity(identity);
} else {
association.setIdentity(QuarkusHttpUser.getSecurityIdentity(rc, null));
}
}
return action.call(exchange, context);
} finally {
ServletRequestContext src = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
HttpServletRequestImpl req = src.getOriginalRequest();
if (req.isAsyncStarted()) {
exchange.putAttachment(REQUEST_CONTEXT, requestContext.getState());
requestContext.deactivate();
if (existingRequestContext == null) {
req.getAsyncContextInternal().addListener(new AsyncListener() {
@Override
public void onComplete(AsyncEvent event) throws IOException {
requestContext.activate(exchange.getAttachment(REQUEST_CONTEXT));
requestContext.terminate();
}
@Override
public void onTimeout(AsyncEvent event) throws IOException {
onComplete(event);
}
@Override
public void onError(AsyncEvent event) throws IOException {
onComplete(event);
}
@Override
public void onStartAsync(AsyncEvent event) throws IOException {
}
});
}
} else {
requestContext.terminate();
}
}
}
}
};
}
});
}
use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.
the class SmallRyeHealthHandlerBase method doHandle.
private void doHandle(RoutingContext ctx) {
QuarkusHttpUser user = (QuarkusHttpUser) ctx.user();
if (user != null) {
Arc.container().instance(CurrentIdentityAssociation.class).get().setIdentity(user.getSecurityIdentity());
}
SmallRyeHealthReporter reporter = Arc.container().instance(SmallRyeHealthReporter.class).get();
SmallRyeHealth health = getHealth(reporter, ctx);
HttpServerResponse resp = ctx.response();
if (health.isDown()) {
resp.setStatusCode(503);
}
resp.headers().set(HttpHeaders.CONTENT_TYPE, "application/json; charset=UTF-8");
try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
reporter.reportHealth(outputStream, health);
resp.end(Buffer.buffer(outputStream.toByteArray()));
} catch (IOException e) {
throw new UncheckedIOException(e);
}
}
use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.
the class SmallRyeGraphQLAbstractHandler method handleWithIdentity.
private Void handleWithIdentity(final RoutingContext ctx) {
if (currentIdentityAssociation != null) {
QuarkusHttpUser existing = (QuarkusHttpUser) ctx.user();
if (existing != null) {
SecurityIdentity identity = existing.getSecurityIdentity();
currentIdentityAssociation.setIdentity(identity);
} else {
currentIdentityAssociation.setIdentity(QuarkusHttpUser.getSecurityIdentity(ctx, null));
}
}
currentVertxRequest.setCurrent(ctx);
doHandle(ctx);
return null;
}
use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.
the class RouteHandler method handle.
@Override
public void handle(RoutingContext context) {
QuarkusHttpUser user = (QuarkusHttpUser) context.user();
// todo: how should we handle non-proactive authentication here?
if (requestContext.isActive()) {
if (currentIdentityAssociation != null) {
if (user != null) {
SecurityIdentity identity = user.getSecurityIdentity();
currentIdentityAssociation.setIdentity(identity);
} else {
currentIdentityAssociation.setIdentity(QuarkusHttpUser.getSecurityIdentity(context, null));
}
}
if (user != null) {
securityIdentityEvent.fire(user.getSecurityIdentity());
}
invoke(context);
} else {
try {
// First attempt to obtain the request context state.
// If there is a route filter and the request can have body (POST, PUT, etc.) the route
// method is invoked asynchronously (once all data are read).
// However, the request context is activated by the filter and we need to make sure
// the same context is then used in the route method
ContextState state = context.get(REQUEST_CONTEXT_STATE);
// Activate the context, i.e. set the thread locals, state can be null
requestContext.activate(state);
currentVertxRequest.setCurrent(context);
if (currentIdentityAssociation != null) {
if (user != null) {
SecurityIdentity identity = user.getSecurityIdentity();
currentIdentityAssociation.setIdentity(identity);
} else {
currentIdentityAssociation.setIdentity(QuarkusHttpUser.getSecurityIdentity(context, null));
}
}
if (user != null) {
securityIdentityEvent.fire(user.getSecurityIdentity());
}
if (state == null) {
// Reactive routes can use async processing (e.g. mutiny Uni/Multi) and context propagation
// 1. Store the state (which is basically a shared Map instance)
// 2. Terminate the context correctly when the response is disposed or an exception is thrown
final ContextState endState = requestContext.getState();
context.put(REQUEST_CONTEXT_STATE, endState);
context.addEndHandler(new Handler<AsyncResult<Void>>() {
@Override
public void handle(AsyncResult<Void> result) {
requestContext.destroy(endState);
}
});
}
invoke(context);
} finally {
// Deactivate the context, i.e. cleanup the thread locals
requestContext.deactivate();
}
}
}
use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.
the class ServletRequestContext method handleRequestScopeActivation.
protected void handleRequestScopeActivation() {
super.handleRequestScopeActivation();
QuarkusHttpUser user = (QuarkusHttpUser) context.user();
if (user != null) {
fireSecurityIdentity(user.getSecurityIdentity());
}
}
Aggregations