
Example 1 with AUTHENTICATION

use of javax.ws.rs.Priorities.AUTHENTICATION in project trino by trinodb.

The filter method of the class AuthenticationFilter.

/**
 * Authenticates an incoming request, or rejects it, before it is processed further.
 *
 * <p>Decision order, as implemented below:
 * <ol>
 *   <li>Requests that {@code InternalAuthenticationManager.isInternalRequest} recognises are handed
 *       to the internal authentication manager and nothing else in this method runs for them.</li>
 *   <li>On a secure channel the configured authenticator list is used. On a non-secure channel only
 *       the single insecure authenticator is used, and only when
 *       {@code insecureAuthenticationOverHttpAllowed} is set; otherwise the request is refused.</li>
 *   <li>Authenticators are tried in list order and the first one that returns an identity wins.</li>
 *   <li>If none succeeds, the collected failure messages and authenticate headers are passed to
 *       {@code sendWwwAuthenticate}.</li>
 * </ol>
 *
 * <p>Security note: the failure text is assembled from authenticator exception messages and, per
 * the comment in the code, is shown to the end user. Authenticators should therefore keep
 * sensitive detail (for example which part of a credential was wrong) out of those messages.
 *
 * @param request the request being filtered
 * @throws ForbiddenException if the request did not arrive over a secure channel and
 *         authentication over plain HTTP is not enabled
 */
@Override
public void filter(ContainerRequestContext request) {
    // Internal requests take a separate path; the external authenticators are never consulted.
    if (InternalAuthenticationManager.isInternalRequest(request)) {
        internalAuthenticationManager.handleInternalRequest(request);
        return;
    }

    // Choose the candidate authenticators from the transport. Plain HTTP fails closed unless
    // insecure authentication has been explicitly allowed.
    List<Authenticator> candidates;
    if (!request.getSecurityContext().isSecure()) {
        if (!insecureAuthenticationOverHttpAllowed) {
            throw new ForbiddenException("Authentication over HTTP is not enabled");
        }
        candidates = ImmutableList.of(insecureAuthenticator);
    } else {
        candidates = this.authenticators;
    }

    // Insertion-ordered sets: duplicates collapse and the output order follows the attempt order.
    Set<String> failureMessages = new LinkedHashSet<>();
    Set<String> challengeHeaders = new LinkedHashSet<>();

    for (Authenticator candidate : candidates) {
        Identity identity;
        try {
            identity = candidate.authenticate(request);
        } catch (AuthenticationException failure) {
            // Some authenticators (e.g. password) nest multiple internal authenticators and
            // attach the later failures as suppressed exceptions of the first one, so the
            // primary exception and its suppressed ones are inspected together.
            Stream<Throwable> primaryAndSuppressed =
                    Stream.concat(Stream.of(failure), Arrays.stream(failure.getSuppressed()));
            primaryAndSuppressed
                    .filter(AuthenticationException.class::isInstance)
                    .map(AuthenticationException.class::cast)
                    .forEach(authFailure -> {
                        String reason = authFailure.getMessage();
                        if (reason != null) {
                            failureMessages.add(reason);
                        }
                        authFailure.getAuthenticateHeader().ifPresent(challengeHeaders::add);
                    });
            continue;
        }

        // First success wins: record the identity and skip the remaining authenticators.
        setAuthenticatedIdentity(request, identity);
        return;
    }

    // Every candidate failed (or there were none); always give the client some reason.
    if (failureMessages.isEmpty()) {
        failureMessages.add("Unauthorized");
    }

    // The error string is used by clients for exception messages and is presented to the
    // end user, so it is kept to a single line.
    sendWwwAuthenticate(request, Joiner.on(" | ").join(failureMessages), challengeHeaders);
}
Also used : LinkedHashSet(java.util.LinkedHashSet) Arrays(java.util.Arrays) ForbiddenException(javax.ws.rs.ForbiddenException) Set(java.util.Set) ContainerRequestFilter(javax.ws.rs.container.ContainerRequestFilter) ServletSecurityUtils.sendWwwAuthenticate(io.trino.server.ServletSecurityUtils.sendWwwAuthenticate) ContainerRequestContext(javax.ws.rs.container.ContainerRequestContext) Inject(javax.inject.Inject) Priority(javax.annotation.Priority) List(java.util.List) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) Stream(java.util.stream.Stream) ImmutableList(com.google.common.collect.ImmutableList) InternalAuthenticationManager(io.trino.server.InternalAuthenticationManager) ServletSecurityUtils.setAuthenticatedIdentity(io.trino.server.ServletSecurityUtils.setAuthenticatedIdentity) Identity(io.trino.spi.security.Identity) Objects.requireNonNull(java.util.Objects.requireNonNull) AUTHENTICATION(javax.ws.rs.Priorities.AUTHENTICATION) LinkedHashSet(java.util.LinkedHashSet) Joiner(com.google.common.base.Joiner) ForbiddenException(javax.ws.rs.ForbiddenException) ServletSecurityUtils.setAuthenticatedIdentity(io.trino.server.ServletSecurityUtils.setAuthenticatedIdentity) Identity(io.trino.spi.security.Identity)
