Search in sources :

Example 1 with IdentityStore

use of javax.security.enterprise.identitystore.IdentityStore in project Payara by payara.

the class CdiInitEventHandler method installAuthenticationMechanism.

public static void installAuthenticationMechanism(AfterBeanDiscovery afterBeanDiscovery) {
    afterBeanDiscovery.addBean(new CdiProducer<IdentityStore>().scope(ApplicationScoped.class).beanClass(IdentityStore.class).types(Object.class, IdentityStore.class, SignedJWTIdentityStore.class).addToId("store " + LoginConfig.class).create(e -> new SignedJWTIdentityStore()));
    afterBeanDiscovery.addBean(new CdiProducer<HttpAuthenticationMechanism>().scope(ApplicationScoped.class).beanClass(HttpAuthenticationMechanism.class).types(Object.class, HttpAuthenticationMechanism.class, JWTAuthenticationMechanism.class).addToId("mechanism " + LoginConfig.class).create(e -> new JWTAuthenticationMechanism()));
    // MP-JWT 1.0 7.1.1. Injection of JsonWebToken
    afterBeanDiscovery.addBean(new CdiProducer<JsonWebToken>().scope(RequestScoped.class).beanClass(JsonWebToken.class).types(Object.class, JsonWebToken.class).addToId("token " + LoginConfig.class).create(e -> getJsonWebToken()));
    // MP-JWT 1.0 7.1.2
    for (JWTInjectableType injectableType : computeTypes()) {
        // Add a new Bean<T>/Dynamic producer for each type that 7.1.2 asks
        // us to support.
        afterBeanDiscovery.addBean(new CdiProducer<Object>().scope(Dependent.class).beanClass(CdiInitEventHandler.class).types(injectableType.getFullType()).qualifiers(new ClaimAnnotationLiteral()).addToId("claim for " + injectableType.getFullType()).create(creationalContext -> {
            // Get the qualifier from the injection point
            Claim claim = getQualifier(getCurrentInjectionPoint(CdiUtils.getBeanManager(), creationalContext), Claim.class);
            String claimName = getClaimName(claim);
            // Obtain the raw named value from the request scoped JsonWebToken's embedded claims and convert
            // it according to the target type for which this Bean<T> was created.
            Object claimObj = injectableType.convert(getJsonWebToken().getClaims().get(claimName));
            // into an Optional. I.e. Optional<Long> or ClaimValue<Optional<Long>>
            if (injectableType.isOptional()) {
                claimObj = Optional.ofNullable(claimObj);
            }
            // into a ClaimValue, e.g. ClaimValue<Long> or ClaimValue<Optional<Long>>
            if (injectableType.isClaimValue()) {
                claimObj = new ClaimValueImpl<Object>(claimName, claimObj);
            }
            return claimObj;
        }));
    }
}
Also used : AfterBeanDiscovery(javax.enterprise.inject.spi.AfterBeanDiscovery) ClaimValue(org.eclipse.microprofile.jwt.ClaimValue) IdentityStore(javax.security.enterprise.identitystore.IdentityStore) ClaimValueImpl(fish.payara.microprofile.jwtauth.jwt.ClaimValueImpl) CdiProducer(org.glassfish.soteria.cdi.CdiProducer) LoginConfig(org.eclipse.microprofile.auth.LoginConfig) HashSet(java.util.HashSet) CreationalContext(javax.enterprise.context.spi.CreationalContext) JsonStructure(javax.json.JsonStructure) SecurityContext(javax.security.enterprise.SecurityContext) JsonNumber(javax.json.JsonNumber) SignedJWTIdentityStore(fish.payara.microprofile.jwtauth.eesecurity.SignedJWTIdentityStore) Arrays.asList(java.util.Arrays.asList) JWTAuthenticationMechanism(fish.payara.microprofile.jwtauth.eesecurity.JWTAuthenticationMechanism) ClaimAnnotationLiteral(fish.payara.microprofile.jwtauth.jwt.ClaimAnnotationLiteral) HttpAuthenticationMechanism(javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism) Collectors.toSet(java.util.stream.Collectors.toSet) Collections.emptyMap(java.util.Collections.emptyMap) JsonObject(javax.json.JsonObject) CdiUtils.getBeanReference(org.glassfish.soteria.cdi.CdiUtils.getBeanReference) JsonArray(javax.json.JsonArray) Set(java.util.Set) Claim(org.eclipse.microprofile.jwt.Claim) JsonWebTokenImpl(fish.payara.microprofile.jwtauth.jwt.JsonWebTokenImpl) JsonString(javax.json.JsonString) Dependent(javax.enterprise.context.Dependent) RequestScoped(javax.enterprise.context.RequestScoped) JsonWebToken(org.eclipse.microprofile.jwt.JsonWebToken) Annotation(java.lang.annotation.Annotation) Optional(java.util.Optional) ApplicationScoped(javax.enterprise.context.ApplicationScoped) JWTInjectableType(fish.payara.microprofile.jwtauth.jwt.JWTInjectableType) Collections(java.util.Collections) Bean(javax.enterprise.inject.spi.Bean) InjectionPoint(javax.enterprise.inject.spi.InjectionPoint) CdiUtils(org.glassfish.soteria.cdi.CdiUtils) BeanManager(javax.enterprise.inject.spi.BeanManager) HttpAuthenticationMechanism(javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism) RequestScoped(javax.enterprise.context.RequestScoped) ClaimAnnotationLiteral(fish.payara.microprofile.jwtauth.jwt.ClaimAnnotationLiteral) SignedJWTIdentityStore(fish.payara.microprofile.jwtauth.eesecurity.SignedJWTIdentityStore) JsonString(javax.json.JsonString) ClaimValueImpl(fish.payara.microprofile.jwtauth.jwt.ClaimValueImpl) ApplicationScoped(javax.enterprise.context.ApplicationScoped) JWTInjectableType(fish.payara.microprofile.jwtauth.jwt.JWTInjectableType) JsonWebToken(org.eclipse.microprofile.jwt.JsonWebToken) CdiProducer(org.glassfish.soteria.cdi.CdiProducer) LoginConfig(org.eclipse.microprofile.auth.LoginConfig) JsonObject(javax.json.JsonObject) JWTAuthenticationMechanism(fish.payara.microprofile.jwtauth.eesecurity.JWTAuthenticationMechanism) IdentityStore(javax.security.enterprise.identitystore.IdentityStore) SignedJWTIdentityStore(fish.payara.microprofile.jwtauth.eesecurity.SignedJWTIdentityStore) Claim(org.eclipse.microprofile.jwt.Claim)

Aggregations

JWTAuthenticationMechanism (fish.payara.microprofile.jwtauth.eesecurity.JWTAuthenticationMechanism)1 SignedJWTIdentityStore (fish.payara.microprofile.jwtauth.eesecurity.SignedJWTIdentityStore)1 ClaimAnnotationLiteral (fish.payara.microprofile.jwtauth.jwt.ClaimAnnotationLiteral)1 ClaimValueImpl (fish.payara.microprofile.jwtauth.jwt.ClaimValueImpl)1 JWTInjectableType (fish.payara.microprofile.jwtauth.jwt.JWTInjectableType)1 JsonWebTokenImpl (fish.payara.microprofile.jwtauth.jwt.JsonWebTokenImpl)1 Annotation (java.lang.annotation.Annotation)1 Arrays.asList (java.util.Arrays.asList)1 Collections (java.util.Collections)1 Collections.emptyMap (java.util.Collections.emptyMap)1 HashSet (java.util.HashSet)1 Optional (java.util.Optional)1 Set (java.util.Set)1 Collectors.toSet (java.util.stream.Collectors.toSet)1 ApplicationScoped (javax.enterprise.context.ApplicationScoped)1 Dependent (javax.enterprise.context.Dependent)1 RequestScoped (javax.enterprise.context.RequestScoped)1 CreationalContext (javax.enterprise.context.spi.CreationalContext)1 AfterBeanDiscovery (javax.enterprise.inject.spi.AfterBeanDiscovery)1 Bean (javax.enterprise.inject.spi.Bean)1