use of io.vertx.ext.auth.AuthProvider in project vertx-web by vert-x3.
the class BasicAuthHandlerTest method doLogin.
private void doLogin(String realm) throws Exception {
Handler<RoutingContext> handler = rc -> {
assertNotNull(rc.user());
assertEquals("tim", rc.user().principal().getString("username"));
rc.response().end("Welcome to the protected resource!");
};
JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties");
AuthProvider authProvider = ShiroAuth.create(vertx, ShiroAuthRealmType.PROPERTIES, authConfig);
router.route("/protected/*").handler(BasicAuthHandler.create(authProvider, realm));
router.route("/protected/somepage").handler(handler);
testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> {
String wwwAuth = resp.headers().get("WWW-Authenticate");
assertNotNull(wwwAuth);
assertEquals("Basic realm=\"" + realm + "\"", wwwAuth);
}, 401, "Unauthorized", null);
// Now try again with credentials
testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw=="), resp -> {
String wwwAuth = resp.headers().get("WWW-Authenticate");
assertNull(wwwAuth);
}, 200, "OK", "Welcome to the protected resource!");
}
use of io.vertx.ext.auth.AuthProvider in project vertx-web by vert-x3.
the class BasicAuthHandlerTest method testSecurityBypass.
@Test
public void testSecurityBypass() throws Exception {
Handler<RoutingContext> handler = rc -> {
fail("should not get here");
rc.response().end("Welcome to the protected resource!");
};
JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties");
AuthProvider authProvider = ShiroAuth.create(vertx, ShiroAuthRealmType.PROPERTIES, authConfig);
router.route().pathRegex("/api/.*").handler(BasicAuthHandler.create(authProvider));
router.route("/api/v1/standard-job-profiles").handler(handler);
testRequest(HttpMethod.GET, "//api/v1/standard-job-profiles", 401, "Unauthorized");
}
use of io.vertx.ext.auth.AuthProvider in project vertx-swagger by bobxwang.
the class RestApiVerticle method configRoute.
private void configRoute(final Router router) {
router.get("/logout").handler(context -> {
context.clearUser();
context.response().setStatusCode(302).putHeader("Location", "/").end();
});
AuthProvider authProvider = ChainAuth.create();
AuthHandler basicAuthHandler = BasicAuthHandler.create(authProvider);
router.route("/private/*").handler(basicAuthHandler);
Route route = router.route(HttpMethod.GET, "/private/path/");
route.handler(ctx -> ctx.response().end(new JsonObject().put("rs", new Date().toString()).encodePrettily()));
router.route(HttpMethod.GET, "/some/path/").handler(routingContext -> {
HttpServerResponse response = routingContext.response();
// 由于我们会在不同的处理器里写入响应,因此需要启用分块传输,仅当需要通过多个处理器输出响应时才需要
response.setChunked(true);
response.write("route1\n");
// 1 秒后调用下一个处理器
routingContext.vertx().setTimer(1000, tid -> routingContext.next());
});
router.route(HttpMethod.GET, "/some/path/").handler(routingContext -> {
HttpServerResponse response = routingContext.response();
response.write("route2\n");
// 1 秒后调用下一个处理器
routingContext.vertx().setTimer(1000, tid -> routingContext.next());
});
router.route(HttpMethod.GET, "/some/path/").handler(routingContext -> {
HttpServerResponse response = routingContext.response();
response.write("route3");
// 结束响应
routingContext.response().end();
});
router.route(HttpMethod.GET, "/long/time").blockingHandler(ctx -> {
// call other service maybe long time, so here we using block pattern
try {
Thread.sleep(5000l);
} catch (InterruptedException e) {
e.printStackTrace();
}
ctx.response().end(new JsonObject().put("rs", new Date().toString()).encodePrettily());
});
// 如果您需要在一个阻塞处理器中处理一个 multipart 类型的表单数据,您需要首先使用一个非阻塞的处理器来调用 setExpectMultipart(true)
router.post("/some/longtime/endpoint").handler(ctx -> {
ctx.request().setExpectMultipart(true);
ctx.next();
}).blockingHandler(ctx -> {
// 执行某些阻塞操作
});
}
use of io.vertx.ext.auth.AuthProvider in project vertx-auth by vert-x3.
the class AuthJWTExamples method example14.
public void example14(Vertx vertx) {
JsonObject config = new JsonObject().put("public-key", "BASE64-ENCODED-PUBLIC_KEY").put("permissionsClaimKey", "realm_access/roles");
AuthProvider provider = JWTAuth.create(vertx, config);
}
use of io.vertx.ext.auth.AuthProvider in project vertx-auth by vert-x3.
the class CreateShiroAuthProviderTest method testCreateWithRealm.
@Test
public void testCreateWithRealm() {
Realm realm = new MyShiroRealm();
AuthProvider authProvider = ShiroAuth.create(vertx, realm);
JsonObject authInfo = new JsonObject().put("username", "tim").put("password", "sausages");
authProvider.authenticate(authInfo, onSuccess(user -> {
assertNotNull(user);
testComplete();
}));
await();
}
Aggregations