use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.
the class AuthenticationHandlersStore method resolveHandlers.
private List<AuthenticationHandler> resolveHandlers(Map.Entry<String, Object> e, boolean failOnNotFound) {
List<AuthenticationHandler> authenticationHandlers;
if (failOnNotFound) {
authenticationHandlers = Optional.ofNullable(this.securityHandlers.get(e.getKey())).orElseThrow(() -> RouterBuilderException.createMissingSecurityHandler(e.getKey()));
} else {
authenticationHandlers = Optional.ofNullable(this.securityHandlers.get(e.getKey())).orElse(Collections.emptyList());
}
// Some scopes are defines, we need to configure them in OAuth2Handlers
if (e.getValue() instanceof JsonArray && ((JsonArray) e.getValue()).size() != 0) {
List<String> scopes = ((JsonArray) e.getValue()).stream().map(v -> (String) v).collect(Collectors.toList());
for (int i = 0; i < authenticationHandlers.size(); i++) {
if (authenticationHandlers.get(i) instanceof ScopedAuthentication<?>) {
ScopedAuthentication<?> scopedHandler = (ScopedAuthentication<?>) authenticationHandlers.get(i);
// this mutates the state, so we replace the list with an updated handler
AuthenticationHandler updatedHandler = scopedHandler.withScopes(scopes);
authenticationHandlers.set(i, updatedHandler);
}
}
}
return authenticationHandlers;
}
use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.
the class AuthenticationHandlersStore method andAuths.
private AuthenticationHandler andAuths(JsonObject securityRequirements, boolean failOnNotFound) {
List<AuthenticationHandler> handlers = securityRequirements.stream().flatMap(e -> resolveHandlers(e, failOnNotFound).stream()).collect(Collectors.toList());
if (handlers.size() == 0) {
return null;
}
if (handlers.size() == 1) {
return handlers.get(0);
}
ChainAuthHandler authHandler = ChainAuthHandler.all();
handlers.forEach(authHandler::add);
return authHandler;
}
use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.
the class AuthenticationHandlersStore method orAuths.
private AuthenticationHandler orAuths(JsonArray securityRequirements, boolean failOnNotFound) {
if (securityRequirements == null || securityRequirements.size() == 0) {
return null;
}
boolean hasEmptyAuth = false;
for (int i = 0; i < securityRequirements.size(); i++) {
if (EMPTY_JSON.equals(securityRequirements.getValue(i))) {
hasEmptyAuth = true;
securityRequirements.remove(i);
break;
}
}
ChainAuthHandler authHandler;
switch(securityRequirements.size()) {
case 0:
return SUCCESS_HANDLER;
case 1:
if (!hasEmptyAuth) {
// If one security requirements, we don't need a ChainAuthHandler
return andAuths(securityRequirements.getJsonObject(0), failOnNotFound);
}
default:
authHandler = ChainAuthHandler.any();
securityRequirements.stream().map(jo -> (JsonObject) jo).map(jo -> andAuths(jo, failOnNotFound)).filter(Objects::nonNull).forEach(authHandler::add);
}
if (hasEmptyAuth) {
authHandler.add(SUCCESS_HANDLER);
}
return authHandler;
}
use of io.vertx.ext.web.handler.AuthenticationHandler in project vertx-web by vert-x3.
the class OpenAPI3RouterBuilderImpl method createRouter.
@Override
public Router createRouter() {
Router router = Router.router(vertx);
Route globalRoute = router.route();
if (bodyHandler != null) {
globalRoute.handler(bodyHandler);
}
globalHandlers.forEach(globalRoute::handler);
// sort paths by number of patterned fields so /pets/mine is matched first
// when there is a choice between /pets/{petId} and /pets/mine
List<ResolvedOpenAPI3Path> resolvedPaths = operations.values().stream().map(it -> new ResolvedOpenAPI3Path(it, openapi)).sorted().collect(Collectors.toList());
for (ResolvedOpenAPI3Path resolvedPath : resolvedPaths) {
OperationImpl operation = resolvedPath.operation;
// If user don't want 501 handlers and the operation is not configured, skip it
if (!options.isMountNotImplementedHandler() && !operation.isConfigured())
continue;
List<Handler<RoutingContext>> handlersToLoad = new ArrayList<>();
List<Handler<RoutingContext>> failureHandlersToLoad = new ArrayList<>();
// Authentication Handler
AuthenticationHandler authnHandler = this.securityHandlers.solveAuthenticationHandler(OpenAPI3Utils.mergeSecurityRequirements(this.openapi.getOpenAPI().getJsonArray("security"), operation.getOperationModel().getJsonArray("security")), this.options.isRequireSecurityHandlers());
if (authnHandler != null) {
handlersToLoad.add(authnHandler);
}
// Generate ValidationHandler
ValidationHandlerImpl validationHandler = validationHandlerGenerator.create(operation);
handlersToLoad.add(validationHandler);
// Check if path is set by user
if (operation.isConfigured()) {
handlersToLoad.addAll(operation.getUserHandlers());
failureHandlersToLoad.addAll(operation.getUserFailureHandlers());
if (operation.mustMountRouteToService()) {
try {
io.vertx.ext.web.api.service.RouteToEBServiceHandler routeToEBServiceHandler = (operation.getEbServiceDeliveryOptions() != null) ? io.vertx.ext.web.api.service.RouteToEBServiceHandler.build(vertx.eventBus(), operation.getEbServiceAddress(), operation.getEbServiceMethodName(), operation.getEbServiceDeliveryOptions()) : io.vertx.ext.web.api.service.RouteToEBServiceHandler.build(vertx.eventBus(), operation.getEbServiceAddress(), operation.getEbServiceMethodName());
routeToEBServiceHandler.extraPayloadMapper(serviceExtraPayloadMapper);
handlersToLoad.add(routeToEBServiceHandler);
} catch (NoClassDefFoundError exception) {
throw new IllegalStateException("You're trying to use api service without adding it to your classpath. " + "Check you have included vertx-web-api-service in your dependencies", exception);
}
}
} else {
// Check if not implemented or method not allowed
List<HttpMethod> configuredMethodsForThisPath = operations.values().stream().filter(ov -> operation.getOpenAPIPath().equals(ov.getOpenAPIPath())).filter(OperationImpl::isConfigured).map(OperationImpl::getHttpMethod).collect(Collectors.toList());
if (!configuredMethodsForThisPath.isEmpty())
handlersToLoad.add(generateNotAllowedHandler(configuredMethodsForThisPath));
else
handlersToLoad.add(NOT_IMPLEMENTED_HANDLER);
}
// Now add all handlers to route
Route route = resolvedPath.optionalPattern.map(solvedRegex -> router.routeWithRegex(operation.getHttpMethod(), solvedRegex.toString())).orElseGet(() -> router.route(operation.getHttpMethod(), operation.getOpenAPIPath())).setName(options.getRouteNamingStrategy().apply(operation));
String exposeConfigurationKey = this.getOptions().getOperationModelKey();
if (exposeConfigurationKey != null)
route.handler(context -> context.put(exposeConfigurationKey, operation.getOperationModel()).next());
// Set produces/consumes
Set<String> consumes = ((JsonObject) JsonPointer.from("/requestBody/content").queryJsonOrDefault(operation.getOperationModel(), new JsonObject())).fieldNames();
Set<String> produces = operation.getOperationModel().getJsonObject("responses", new JsonObject()).stream().map(Map.Entry::getValue).map(j -> (JsonObject) j).flatMap(j -> j.getJsonObject("content", new JsonObject()).fieldNames().stream()).collect(Collectors.toSet());
for (String ct : produces) route.produces(ct);
if (!consumes.isEmpty())
((RouteImpl) route).setEmptyBodyPermittedWithConsumes(!validationHandler.isBodyRequired());
if (options.isMountResponseContentTypeHandler() && produces.size() != 0)
route.handler(ResponseContentTypeHandler.create());
route.setRegexGroupsNames(new ArrayList<>(resolvedPath.resolver.getMappedGroups().values()));
for (Handler<RoutingContext> handler : handlersToLoad) route.handler(handler);
for (Handler<RoutingContext> failureHandler : failureHandlersToLoad) route.failureHandler(failureHandler);
}
if (this.options.getContractEndpoint() != null) {
router.get(this.options.getContractEndpoint()).handler(ContractEndpointHandler.create(this.openapi));
}
return router;
}
Aggregations