Search in sources :

Example 1 with QuarkusHttpUser

use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.

the class UndertowDeploymentRecorder method setupRequestScope.

public void setupRequestScope(DeploymentInfo deploymentInfo, BeanContainer beanContainer) {
    CurrentVertxRequest currentVertxRequest = CDI.current().select(CurrentVertxRequest.class).get();
    Instance<CurrentIdentityAssociation> identityAssociations = CDI.current().select(CurrentIdentityAssociation.class);
    CurrentIdentityAssociation association;
    if (identityAssociations.isResolvable()) {
        association = identityAssociations.get();
    } else {
        association = null;
    }
    deploymentInfo.addThreadSetupAction(new ThreadSetupHandler() {

        @Override
        public <T, C> ThreadSetupHandler.Action<T, C> create(Action<T, C> action) {
            return new Action<T, C>() {

                @Override
                public T call(HttpServerExchange exchange, C context) throws Exception {
                    // Not sure what to do here
                    ManagedContext requestContext = beanContainer.requestContext();
                    if (requestContext.isActive()) {
                        return action.call(exchange, context);
                    } else if (exchange == null) {
                        requestContext.activate();
                        try {
                            return action.call(exchange, context);
                        } finally {
                            requestContext.terminate();
                        }
                    } else {
                        InjectableContext.ContextState existingRequestContext = exchange.getAttachment(REQUEST_CONTEXT);
                        try {
                            requestContext.activate(existingRequestContext);
                            VertxHttpExchange delegate = (VertxHttpExchange) exchange.getDelegate();
                            RoutingContext rc = (RoutingContext) delegate.getContext();
                            currentVertxRequest.setCurrent(rc);
                            if (association != null) {
                                QuarkusHttpUser existing = (QuarkusHttpUser) rc.user();
                                if (existing != null) {
                                    SecurityIdentity identity = existing.getSecurityIdentity();
                                    association.setIdentity(identity);
                                } else {
                                    association.setIdentity(QuarkusHttpUser.getSecurityIdentity(rc, null));
                                }
                            }
                            return action.call(exchange, context);
                        } finally {
                            ServletRequestContext src = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
                            HttpServletRequestImpl req = src.getOriginalRequest();
                            if (req.isAsyncStarted()) {
                                exchange.putAttachment(REQUEST_CONTEXT, requestContext.getState());
                                requestContext.deactivate();
                                if (existingRequestContext == null) {
                                    req.getAsyncContextInternal().addListener(new AsyncListener() {

                                        @Override
                                        public void onComplete(AsyncEvent event) throws IOException {
                                            requestContext.activate(exchange.getAttachment(REQUEST_CONTEXT));
                                            requestContext.terminate();
                                        }

                                        @Override
                                        public void onTimeout(AsyncEvent event) throws IOException {
                                            onComplete(event);
                                        }

                                        @Override
                                        public void onError(AsyncEvent event) throws IOException {
                                            onComplete(event);
                                        }

                                        @Override
                                        public void onStartAsync(AsyncEvent event) throws IOException {
                                        }
                                    });
                                }
                            } else {
                                requestContext.terminate();
                            }
                        }
                    }
                }
            };
        }
    });
}
Also used : InjectableContext(io.quarkus.arc.InjectableContext) ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext) IOException(java.io.IOException) CurrentVertxRequest(io.quarkus.vertx.http.runtime.CurrentVertxRequest) AsyncEvent(javax.servlet.AsyncEvent) AuthenticationFailedException(io.quarkus.security.AuthenticationFailedException) IOException(java.io.IOException) ServletException(javax.servlet.ServletException) ForbiddenException(io.quarkus.security.ForbiddenException) UnauthorizedException(io.quarkus.security.UnauthorizedException) HttpServerExchange(io.undertow.server.HttpServerExchange) SecurityIdentity(io.quarkus.security.identity.SecurityIdentity) ThreadSetupHandler(io.undertow.servlet.api.ThreadSetupHandler) VertxHttpExchange(io.undertow.vertx.VertxHttpExchange) RoutingContext(io.vertx.ext.web.RoutingContext) HttpServletRequestImpl(io.undertow.servlet.spec.HttpServletRequestImpl) CurrentIdentityAssociation(io.quarkus.security.identity.CurrentIdentityAssociation) AsyncListener(javax.servlet.AsyncListener) ManagedContext(io.quarkus.arc.ManagedContext) QuarkusHttpUser(io.quarkus.vertx.http.runtime.security.QuarkusHttpUser)

Example 2 with QuarkusHttpUser

use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.

the class SmallRyeHealthHandlerBase method doHandle.

private void doHandle(RoutingContext ctx) {
    QuarkusHttpUser user = (QuarkusHttpUser) ctx.user();
    if (user != null) {
        Arc.container().instance(CurrentIdentityAssociation.class).get().setIdentity(user.getSecurityIdentity());
    }
    SmallRyeHealthReporter reporter = Arc.container().instance(SmallRyeHealthReporter.class).get();
    SmallRyeHealth health = getHealth(reporter, ctx);
    HttpServerResponse resp = ctx.response();
    if (health.isDown()) {
        resp.setStatusCode(503);
    }
    resp.headers().set(HttpHeaders.CONTENT_TYPE, "application/json; charset=UTF-8");
    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
        reporter.reportHealth(outputStream, health);
        resp.end(Buffer.buffer(outputStream.toByteArray()));
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    }
}
Also used : SmallRyeHealth(io.smallrye.health.SmallRyeHealth) HttpServerResponse(io.vertx.core.http.HttpServerResponse) SmallRyeHealthReporter(io.smallrye.health.SmallRyeHealthReporter) UncheckedIOException(java.io.UncheckedIOException) QuarkusHttpUser(io.quarkus.vertx.http.runtime.security.QuarkusHttpUser) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException)

Example 3 with QuarkusHttpUser

use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.

the class SmallRyeGraphQLAbstractHandler method handleWithIdentity.

private Void handleWithIdentity(final RoutingContext ctx) {
    if (currentIdentityAssociation != null) {
        QuarkusHttpUser existing = (QuarkusHttpUser) ctx.user();
        if (existing != null) {
            SecurityIdentity identity = existing.getSecurityIdentity();
            currentIdentityAssociation.setIdentity(identity);
        } else {
            currentIdentityAssociation.setIdentity(QuarkusHttpUser.getSecurityIdentity(ctx, null));
        }
    }
    currentVertxRequest.setCurrent(ctx);
    doHandle(ctx);
    return null;
}
Also used : SecurityIdentity(io.quarkus.security.identity.SecurityIdentity) QuarkusHttpUser(io.quarkus.vertx.http.runtime.security.QuarkusHttpUser)

Example 4 with QuarkusHttpUser

use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.

the class RouteHandler method handle.

@Override
public void handle(RoutingContext context) {
    QuarkusHttpUser user = (QuarkusHttpUser) context.user();
    // todo: how should we handle non-proactive authentication here?
    if (requestContext.isActive()) {
        if (currentIdentityAssociation != null) {
            if (user != null) {
                SecurityIdentity identity = user.getSecurityIdentity();
                currentIdentityAssociation.setIdentity(identity);
            } else {
                currentIdentityAssociation.setIdentity(QuarkusHttpUser.getSecurityIdentity(context, null));
            }
        }
        if (user != null) {
            securityIdentityEvent.fire(user.getSecurityIdentity());
        }
        invoke(context);
    } else {
        try {
            // First attempt to obtain the request context state.
            // If there is a route filter and the request can have body (POST, PUT, etc.) the route
            // method is invoked asynchronously (once all data are read).
            // However, the request context is activated by the filter and we need to make sure
            // the same context is then used in the route method
            ContextState state = context.get(REQUEST_CONTEXT_STATE);
            // Activate the context, i.e. set the thread locals, state can be null
            requestContext.activate(state);
            currentVertxRequest.setCurrent(context);
            if (currentIdentityAssociation != null) {
                if (user != null) {
                    SecurityIdentity identity = user.getSecurityIdentity();
                    currentIdentityAssociation.setIdentity(identity);
                } else {
                    currentIdentityAssociation.setIdentity(QuarkusHttpUser.getSecurityIdentity(context, null));
                }
            }
            if (user != null) {
                securityIdentityEvent.fire(user.getSecurityIdentity());
            }
            if (state == null) {
                // Reactive routes can use async processing (e.g. mutiny Uni/Multi) and context propagation
                // 1. Store the state (which is basically a shared Map instance)
                // 2. Terminate the context correctly when the response is disposed or an exception is thrown
                final ContextState endState = requestContext.getState();
                context.put(REQUEST_CONTEXT_STATE, endState);
                context.addEndHandler(new Handler<AsyncResult<Void>>() {

                    @Override
                    public void handle(AsyncResult<Void> result) {
                        requestContext.destroy(endState);
                    }
                });
            }
            invoke(context);
        } finally {
            // Deactivate the context, i.e. cleanup the thread locals
            requestContext.deactivate();
        }
    }
}
Also used : SecurityIdentity(io.quarkus.security.identity.SecurityIdentity) ContextState(io.quarkus.arc.InjectableContext.ContextState) QuarkusHttpUser(io.quarkus.vertx.http.runtime.security.QuarkusHttpUser) AsyncResult(io.vertx.core.AsyncResult)

Example 5 with QuarkusHttpUser

use of io.quarkus.vertx.http.runtime.security.QuarkusHttpUser in project quarkus by quarkusio.

the class ServletRequestContext method handleRequestScopeActivation.

protected void handleRequestScopeActivation() {
    super.handleRequestScopeActivation();
    QuarkusHttpUser user = (QuarkusHttpUser) context.user();
    if (user != null) {
        fireSecurityIdentity(user.getSecurityIdentity());
    }
}
Also used : QuarkusHttpUser(io.quarkus.vertx.http.runtime.security.QuarkusHttpUser)

Aggregations

QuarkusHttpUser (io.quarkus.vertx.http.runtime.security.QuarkusHttpUser)12 SecurityIdentity (io.quarkus.security.identity.SecurityIdentity)10 ManagedContext (io.quarkus.arc.ManagedContext)5 IOException (java.io.IOException)3 RequestContextImpl (io.quarkus.funqy.runtime.RequestContextImpl)2 HttpServerResponse (io.vertx.core.http.HttpServerResponse)2 RoutingContext (io.vertx.ext.web.RoutingContext)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 ServletException (javax.servlet.ServletException)2 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)1 ObjectWriter (com.fasterxml.jackson.databind.ObjectWriter)1 InjectableContext (io.quarkus.arc.InjectableContext)1 ContextState (io.quarkus.arc.InjectableContext.ContextState)1 AccessTokenCredential (io.quarkus.oidc.AccessTokenCredential)1 AuthenticationFailedException (io.quarkus.security.AuthenticationFailedException)1 ForbiddenException (io.quarkus.security.ForbiddenException)1 UnauthorizedException (io.quarkus.security.UnauthorizedException)1 CurrentIdentityAssociation (io.quarkus.security.identity.CurrentIdentityAssociation)1 CurrentVertxRequest (io.quarkus.vertx.http.runtime.CurrentVertxRequest)1 SmallRyeHealth (io.smallrye.health.SmallRyeHealth)1