Examples with IdentityProvider org.apache.nifi.registry.security.authentication.IdentityProvider used on opensource projects

Search in sources :

Example 1 with IdentityProvider

use of org.apache.nifi.registry.security.authentication.IdentityProvider in project nifi-registry by apache.

the class AccessResource method createAccessTokenByTryingAllProviders.

/**
 * Creates a token for accessing the REST API.
 *
 * @param httpServletRequest the servlet request
 * @return A JWT (string)
 */
@POST
@Consumes(MediaType.WILDCARD)
@Produces(MediaType.TEXT_PLAIN)
@Path("/token")
@ApiOperation(value = "Creates a token for accessing the REST API via auto-detected method of verifying client identity claim credentials", notes = "The token returned is formatted as a JSON Web Token (JWT). The token is base64 encoded and comprised of three parts. The header, " + "the body, and the signature. The expiration of the token is a contained within the body. The token can be used in the Authorization header " + "in the format 'Authorization: Bearer <token>'.", response = String.class)
@ApiResponses({ @ApiResponse(code = 400, message = HttpStatusMessages.MESSAGE_400), @ApiResponse(code = 401, message = HttpStatusMessages.MESSAGE_401), @ApiResponse(code = 409, message = HttpStatusMessages.MESSAGE_409 + " The NiFi Registry may not be configured to support login with username/password."), @ApiResponse(code = 500, message = HttpStatusMessages.MESSAGE_500) })
public Response createAccessTokenByTryingAllProviders(@Context HttpServletRequest httpServletRequest) {
    // only support access tokens when communicating over HTTPS
    if (!httpServletRequest.isSecure()) {
        throw new IllegalStateException("Access tokens are only issued over HTTPS");
    }
    List<IdentityProvider> identityProviderWaterfall = generateIdentityProviderWaterfall();
    String token = null;
    for (IdentityProvider provider : identityProviderWaterfall) {
        AuthenticationRequest authenticationRequest = identityProvider.extractCredentials(httpServletRequest);
        if (authenticationRequest == null) {
            continue;
        }
        try {
            token = createAccessToken(identityProvider, authenticationRequest);
            break;
        } catch (final InvalidCredentialsException ice) {
            logger.debug("{}: the supplied client credentials are invalid.", identityProvider.getClass().getSimpleName());
            logger.debug("", ice);
        }
    }
    if (StringUtils.isEmpty(token)) {
        List<IdentityProviderUsage.AuthType> acceptableAuthTypes = identityProviderWaterfall.stream().map(IdentityProvider::getUsageInstructions).map(IdentityProviderUsage::getAuthType).filter(Objects::nonNull).distinct().collect(Collectors.toList());
        throw new UnauthorizedException("Client credentials are missing or invalid according to all configured identity providers.").withAuthenticateChallenge(acceptableAuthTypes);
    }
    // build the response
    final URI uri = URI.create(generateResourceUri("access", "token"));
    return generateCreatedResponse(uri, token).build();
}
Also used : InvalidCredentialsException(org.apache.nifi.registry.security.authentication.exception.InvalidCredentialsException) Objects(java.util.Objects) UnauthorizedException(org.apache.nifi.registry.web.exception.UnauthorizedException) KerberosSpnegoIdentityProvider(org.apache.nifi.registry.web.security.authentication.kerberos.KerberosSpnegoIdentityProvider) BasicAuthIdentityProvider(org.apache.nifi.registry.security.authentication.BasicAuthIdentityProvider) X509IdentityProvider(org.apache.nifi.registry.web.security.authentication.x509.X509IdentityProvider) IdentityProvider(org.apache.nifi.registry.security.authentication.IdentityProvider) AuthenticationRequest(org.apache.nifi.registry.security.authentication.AuthenticationRequest) URI(java.net.URI) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

ApiOperation (io.swagger.annotations.ApiOperation)1 ApiResponses (io.swagger.annotations.ApiResponses)1 URI (java.net.URI)1 Objects (java.util.Objects)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1 Path (javax.ws.rs.Path)1 Produces (javax.ws.rs.Produces)1 AuthenticationRequest (org.apache.nifi.registry.security.authentication.AuthenticationRequest)1 BasicAuthIdentityProvider (org.apache.nifi.registry.security.authentication.BasicAuthIdentityProvider)1 IdentityProvider (org.apache.nifi.registry.security.authentication.IdentityProvider)1 InvalidCredentialsException (org.apache.nifi.registry.security.authentication.exception.InvalidCredentialsException)1 UnauthorizedException (org.apache.nifi.registry.web.exception.UnauthorizedException)1 KerberosSpnegoIdentityProvider (org.apache.nifi.registry.web.security.authentication.kerberos.KerberosSpnegoIdentityProvider)1 X509IdentityProvider (org.apache.nifi.registry.web.security.authentication.x509.X509IdentityProvider)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial