Search in sources :

Example 1 with AuthenticationHandler

use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.

the class AuthenticationHandlersStore method resolveHandlers.

private List<AuthenticationHandler> resolveHandlers(Map.Entry<String, Object> e, boolean failOnNotFound) {
    List<AuthenticationHandler> authenticationHandlers;
    if (failOnNotFound) {
        authenticationHandlers = Optional.ofNullable(this.securityHandlers.get(e.getKey())).orElseThrow(() -> RouterBuilderException.createMissingSecurityHandler(e.getKey()));
    } else {
        authenticationHandlers = Optional.ofNullable(this.securityHandlers.get(e.getKey())).orElse(Collections.emptyList());
    }
    // Some scopes are defines, we need to configure them in OAuth2Handlers
    if (e.getValue() instanceof JsonArray && ((JsonArray) e.getValue()).size() != 0) {
        List<String> scopes = ((JsonArray) e.getValue()).stream().map(v -> (String) v).collect(Collectors.toList());
        for (int i = 0; i < authenticationHandlers.size(); i++) {
            if (authenticationHandlers.get(i) instanceof ScopedAuthentication<?>) {
                ScopedAuthentication<?> scopedHandler = (ScopedAuthentication<?>) authenticationHandlers.get(i);
                // this mutates the state, so we replace the list with an updated handler
                AuthenticationHandler updatedHandler = scopedHandler.withScopes(scopes);
                authenticationHandlers.set(i, updatedHandler);
            }
        }
    }
    return authenticationHandlers;
}
Also used : JsonArray(io.vertx.core.json.JsonArray) JsonArray(io.vertx.core.json.JsonArray) RouterBuilderException(io.vertx.ext.web.openapi.RouterBuilderException) java.util(java.util) User(io.vertx.ext.auth.User) SimpleAuthenticationHandler(io.vertx.ext.web.handler.SimpleAuthenticationHandler) ChainAuthHandler(io.vertx.ext.web.handler.ChainAuthHandler) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler) JsonObject(io.vertx.core.json.JsonObject) Future(io.vertx.core.Future) Collectors(java.util.stream.Collectors) ScopedAuthentication(io.vertx.ext.web.handler.impl.ScopedAuthentication) ScopedAuthentication(io.vertx.ext.web.handler.impl.ScopedAuthentication) SimpleAuthenticationHandler(io.vertx.ext.web.handler.SimpleAuthenticationHandler) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler)

Example 2 with AuthenticationHandler

use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.

the class AuthenticationHandlersStore method andAuths.

private AuthenticationHandler andAuths(JsonObject securityRequirements, boolean failOnNotFound) {
    List<AuthenticationHandler> handlers = securityRequirements.stream().flatMap(e -> resolveHandlers(e, failOnNotFound).stream()).collect(Collectors.toList());
    if (handlers.size() == 0) {
        return null;
    }
    if (handlers.size() == 1) {
        return handlers.get(0);
    }
    ChainAuthHandler authHandler = ChainAuthHandler.all();
    handlers.forEach(authHandler::add);
    return authHandler;
}
Also used : JsonArray(io.vertx.core.json.JsonArray) RouterBuilderException(io.vertx.ext.web.openapi.RouterBuilderException) java.util(java.util) User(io.vertx.ext.auth.User) SimpleAuthenticationHandler(io.vertx.ext.web.handler.SimpleAuthenticationHandler) ChainAuthHandler(io.vertx.ext.web.handler.ChainAuthHandler) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler) JsonObject(io.vertx.core.json.JsonObject) Future(io.vertx.core.Future) Collectors(java.util.stream.Collectors) ScopedAuthentication(io.vertx.ext.web.handler.impl.ScopedAuthentication) SimpleAuthenticationHandler(io.vertx.ext.web.handler.SimpleAuthenticationHandler) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler) ChainAuthHandler(io.vertx.ext.web.handler.ChainAuthHandler)

Example 3 with AuthenticationHandler

use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.

the class AuthenticationHandlersStore method orAuths.

private AuthenticationHandler orAuths(JsonArray securityRequirements, boolean failOnNotFound) {
    if (securityRequirements == null || securityRequirements.size() == 0) {
        return null;
    }
    boolean hasEmptyAuth = false;
    for (int i = 0; i < securityRequirements.size(); i++) {
        if (EMPTY_JSON.equals(securityRequirements.getValue(i))) {
            hasEmptyAuth = true;
            securityRequirements.remove(i);
            break;
        }
    }
    ChainAuthHandler authHandler;
    switch(securityRequirements.size()) {
        case 0:
            return SUCCESS_HANDLER;
        case 1:
            if (!hasEmptyAuth) {
                // If one security requirements, we don't need a ChainAuthHandler
                return andAuths(securityRequirements.getJsonObject(0), failOnNotFound);
            }
        default:
            authHandler = ChainAuthHandler.any();
            securityRequirements.stream().map(jo -> (JsonObject) jo).map(jo -> andAuths(jo, failOnNotFound)).filter(Objects::nonNull).forEach(authHandler::add);
    }
    if (hasEmptyAuth) {
        authHandler.add(SUCCESS_HANDLER);
    }
    return authHandler;
}
Also used : JsonArray(io.vertx.core.json.JsonArray) RouterBuilderException(io.vertx.ext.web.openapi.RouterBuilderException) java.util(java.util) User(io.vertx.ext.auth.User) SimpleAuthenticationHandler(io.vertx.ext.web.handler.SimpleAuthenticationHandler) ChainAuthHandler(io.vertx.ext.web.handler.ChainAuthHandler) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler) JsonObject(io.vertx.core.json.JsonObject) Future(io.vertx.core.Future) Collectors(java.util.stream.Collectors) ScopedAuthentication(io.vertx.ext.web.handler.impl.ScopedAuthentication) JsonObject(io.vertx.core.json.JsonObject) ChainAuthHandler(io.vertx.ext.web.handler.ChainAuthHandler)

Example 4 with AuthenticationHandler

use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.

the class OpenAPI3RouterBuilderImpl method createRouter.

@Override
public Router createRouter() {
    Router router = Router.router(vertx);
    Route globalRoute = router.route();
    if (bodyHandler != null) {
        globalRoute.handler(bodyHandler);
    }
    globalHandlers.forEach(globalRoute::handler);
    // sort paths by number of patterned fields so /pets/mine is matched first
    // when there is a choice between /pets/{petId} and /pets/mine
    List<ResolvedOpenAPI3Path> resolvedPaths = operations.values().stream().map(it -> new ResolvedOpenAPI3Path(it, openapi)).sorted().collect(Collectors.toList());
    for (ResolvedOpenAPI3Path resolvedPath : resolvedPaths) {
        OperationImpl operation = resolvedPath.operation;
        // If user don't want 501 handlers and the operation is not configured, skip it
        if (!options.isMountNotImplementedHandler() && !operation.isConfigured())
            continue;
        List<Handler<RoutingContext>> handlersToLoad = new ArrayList<>();
        List<Handler<RoutingContext>> failureHandlersToLoad = new ArrayList<>();
        // Authentication Handler
        AuthenticationHandler authnHandler = this.securityHandlers.solveAuthenticationHandler(OpenAPI3Utils.mergeSecurityRequirements(this.openapi.getOpenAPI().getJsonArray("security"), operation.getOperationModel().getJsonArray("security")), this.options.isRequireSecurityHandlers());
        if (authnHandler != null) {
            handlersToLoad.add(authnHandler);
        }
        // Generate ValidationHandler
        ValidationHandlerImpl validationHandler = validationHandlerGenerator.create(operation);
        handlersToLoad.add(validationHandler);
        // Check if path is set by user
        if (operation.isConfigured()) {
            handlersToLoad.addAll(operation.getUserHandlers());
            failureHandlersToLoad.addAll(operation.getUserFailureHandlers());
            if (operation.mustMountRouteToService()) {
                try {
                    io.vertx.ext.web.api.service.RouteToEBServiceHandler routeToEBServiceHandler = (operation.getEbServiceDeliveryOptions() != null) ? io.vertx.ext.web.api.service.RouteToEBServiceHandler.build(vertx.eventBus(), operation.getEbServiceAddress(), operation.getEbServiceMethodName(), operation.getEbServiceDeliveryOptions()) : io.vertx.ext.web.api.service.RouteToEBServiceHandler.build(vertx.eventBus(), operation.getEbServiceAddress(), operation.getEbServiceMethodName());
                    routeToEBServiceHandler.extraPayloadMapper(serviceExtraPayloadMapper);
                    handlersToLoad.add(routeToEBServiceHandler);
                } catch (NoClassDefFoundError exception) {
                    throw new IllegalStateException("You're trying to use api service without adding it to your classpath. " + "Check you have included vertx-web-api-service in your dependencies", exception);
                }
            }
        } else {
            // Check if not implemented or method not allowed
            List<HttpMethod> configuredMethodsForThisPath = operations.values().stream().filter(ov -> operation.getOpenAPIPath().equals(ov.getOpenAPIPath())).filter(OperationImpl::isConfigured).map(OperationImpl::getHttpMethod).collect(Collectors.toList());
            if (!configuredMethodsForThisPath.isEmpty())
                handlersToLoad.add(generateNotAllowedHandler(configuredMethodsForThisPath));
            else
                handlersToLoad.add(NOT_IMPLEMENTED_HANDLER);
        }
        // Now add all handlers to route
        Route route = resolvedPath.optionalPattern.map(solvedRegex -> router.routeWithRegex(operation.getHttpMethod(), solvedRegex.toString())).orElseGet(() -> router.route(operation.getHttpMethod(), operation.getOpenAPIPath())).setName(options.getRouteNamingStrategy().apply(operation));
        String exposeConfigurationKey = this.getOptions().getOperationModelKey();
        if (exposeConfigurationKey != null)
            route.handler(context -> context.put(exposeConfigurationKey, operation.getOperationModel()).next());
        // Set produces/consumes
        Set<String> consumes = ((JsonObject) JsonPointer.from("/requestBody/content").queryJsonOrDefault(operation.getOperationModel(), new JsonObject())).fieldNames();
        Set<String> produces = operation.getOperationModel().getJsonObject("responses", new JsonObject()).stream().map(Map.Entry::getValue).map(j -> (JsonObject) j).flatMap(j -> j.getJsonObject("content", new JsonObject()).fieldNames().stream()).collect(Collectors.toSet());
        for (String ct : produces) route.produces(ct);
        if (!consumes.isEmpty())
            ((RouteImpl) route).setEmptyBodyPermittedWithConsumes(!validationHandler.isBodyRequired());
        if (options.isMountResponseContentTypeHandler() && produces.size() != 0)
            route.handler(ResponseContentTypeHandler.create());
        route.setRegexGroupsNames(new ArrayList<>(resolvedPath.resolver.getMappedGroups().values()));
        for (Handler<RoutingContext> handler : handlersToLoad) route.handler(handler);
        for (Handler<RoutingContext> failureHandler : failureHandlersToLoad) route.failureHandler(failureHandler);
    }
    if (this.options.getContractEndpoint() != null) {
        router.get(this.options.getContractEndpoint()).handler(ContractEndpointHandler.create(this.openapi));
    }
    return router;
}
Also used : DeliveryOptions(io.vertx.core.eventbus.DeliveryOptions) java.util(java.util) LoggerFactory(io.vertx.core.impl.logging.LoggerFactory) OpenAPI3SchemaParser(io.vertx.json.schema.openapi3.OpenAPI3SchemaParser) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler) Router(io.vertx.ext.web.Router) RoutingContext(io.vertx.ext.web.RoutingContext) BodyHandler(io.vertx.ext.web.handler.BodyHandler) Function(java.util.function.Function) ValidationHandlerImpl(io.vertx.ext.web.validation.impl.ValidationHandlerImpl) io.vertx.ext.web.openapi(io.vertx.ext.web.openapi) JsonObject(io.vertx.core.json.JsonObject) Method(java.lang.reflect.Method) Logger(io.vertx.core.impl.logging.Logger) Route(io.vertx.ext.web.Route) Vertx(io.vertx.core.Vertx) SchemaParser(io.vertx.json.schema.SchemaParser) SchemaRouter(io.vertx.json.schema.SchemaRouter) Collectors(java.util.stream.Collectors) Stream(java.util.stream.Stream) HttpMethod(io.vertx.core.http.HttpMethod) ResponseContentTypeHandler(io.vertx.ext.web.handler.ResponseContentTypeHandler) RouteImpl(io.vertx.ext.web.impl.RouteImpl) Pattern(java.util.regex.Pattern) Handler(io.vertx.core.Handler) JsonPointer(io.vertx.core.json.pointer.JsonPointer) HttpClient(io.vertx.core.http.HttpClient) JsonObject(io.vertx.core.json.JsonObject) ValidationHandlerImpl(io.vertx.ext.web.validation.impl.ValidationHandlerImpl) RoutingContext(io.vertx.ext.web.RoutingContext) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler) Route(io.vertx.ext.web.Route) Router(io.vertx.ext.web.Router) SchemaRouter(io.vertx.json.schema.SchemaRouter) AuthenticationHandler(io.vertx.ext.web.handler.AuthenticationHandler) BodyHandler(io.vertx.ext.web.handler.BodyHandler) ResponseContentTypeHandler(io.vertx.ext.web.handler.ResponseContentTypeHandler) Handler(io.vertx.core.Handler) HttpMethod(io.vertx.core.http.HttpMethod)

Aggregations

JsonObject (io.vertx.core.json.JsonObject)4 AuthenticationHandler (io.vertx.ext.web.handler.AuthenticationHandler)4 java.util (java.util)4 Collectors (java.util.stream.Collectors)4 Future (io.vertx.core.Future)3 JsonArray (io.vertx.core.json.JsonArray)3 User (io.vertx.ext.auth.User)3 ChainAuthHandler (io.vertx.ext.web.handler.ChainAuthHandler)3 SimpleAuthenticationHandler (io.vertx.ext.web.handler.SimpleAuthenticationHandler)3 ScopedAuthentication (io.vertx.ext.web.handler.impl.ScopedAuthentication)3 RouterBuilderException (io.vertx.ext.web.openapi.RouterBuilderException)3 Handler (io.vertx.core.Handler)1 Vertx (io.vertx.core.Vertx)1 DeliveryOptions (io.vertx.core.eventbus.DeliveryOptions)1 HttpClient (io.vertx.core.http.HttpClient)1 HttpMethod (io.vertx.core.http.HttpMethod)1 Logger (io.vertx.core.impl.logging.Logger)1 LoggerFactory (io.vertx.core.impl.logging.LoggerFactory)1 JsonPointer (io.vertx.core.json.pointer.JsonPointer)1 Route (io.vertx.ext.web.Route)1