Search in sources :

Example 1 with DefaultAuthFilter

use of org.broadinstitute.consent.http.authentication.DefaultAuthFilter in project consent by DataBiosphere.

the class ConsentApplication method run.

@Override
public void run(ConsentConfiguration config, Environment env) {
    try {
        initializeLiquibase(config);
    } catch (LiquibaseException | SQLException e) {
        LOGGER.error("Exception initializing liquibase: " + e);
    }
    // TODO: Update all services to use an injector.
    // Previously, this code was working around a dropwizard+Guice issue with singletons and JDBI.
    final Injector injector = Guice.createInjector(new ConsentModule(config, env));
    // Clients
    final HttpClientUtil clientUtil = new HttpClientUtil();
    final GCSStore googleStore = injector.getProvider(GCSStore.class).get();
    // Services
    final ApprovalExpirationTimeService approvalExpirationTimeService = injector.getProvider(ApprovalExpirationTimeService.class).get();
    final ConsentService consentService = injector.getProvider(ConsentService.class).get();
    final DarCollectionService darCollectionService = injector.getProvider(DarCollectionService.class).get();
    final DacService dacService = injector.getProvider(DacService.class).get();
    final DataAccessRequestService dataAccessRequestService = injector.getProvider(DataAccessRequestService.class).get();
    final DatasetAssociationService datasetAssociationService = injector.getProvider(DatasetAssociationService.class).get();
    final DatasetService datasetService = injector.getProvider(DatasetService.class).get();
    final ElectionService electionService = injector.getProvider(ElectionService.class).get();
    final EmailNotifierService emailNotifierService = injector.getProvider(EmailNotifierService.class).get();
    final GCSService gcsService = injector.getProvider(GCSService.class).get();
    final InstitutionService institutionService = injector.getProvider(InstitutionService.class).get();
    final MetricsService metricsService = injector.getProvider(MetricsService.class).get();
    final PendingCaseService pendingCaseService = injector.getProvider(PendingCaseService.class).get();
    final UserService userService = injector.getProvider(UserService.class).get();
    final VoteService voteService = injector.getProvider(VoteService.class).get();
    final AuditService auditService = injector.getProvider(AuditService.class).get();
    final SummaryService summaryService = injector.getProvider(SummaryService.class).get();
    final ReviewResultsService reviewResultsService = injector.getProvider(ReviewResultsService.class).get();
    final UseRestrictionValidator useRestrictionValidator = injector.getProvider(UseRestrictionValidator.class).get();
    final MatchService matchService = injector.getProvider(MatchService.class).get();
    final OAuthAuthenticator authenticator = injector.getProvider(OAuthAuthenticator.class).get();
    final LibraryCardService libraryCardService = injector.getProvider(LibraryCardService.class).get();
    final SamService samService = injector.getProvider(SamService.class).get();
    System.setProperty("sun.net.http.allowRestrictedHeaders", "true");
    configureCors(env);
    // Health Checks
    env.healthChecks().register(GCS_CHECK, new GCSHealthCheck(gcsService));
    env.healthChecks().register(ES_CHECK, new ElasticSearchHealthCheck(config.getElasticSearchConfiguration()));
    env.healthChecks().register(ONTOLOGY_CHECK, new OntologyHealthCheck(clientUtil, config.getServicesConfiguration()));
    env.healthChecks().register(SAM_CHECK, new SamHealthCheck(clientUtil, config.getServicesConfiguration()));
    env.healthChecks().register(SG_CHECK, new SendGridHealthCheck(clientUtil, config.getMailConfiguration()));
    final StoreOntologyService storeOntologyService = new StoreOntologyService(googleStore, config.getStoreOntologyConfiguration().getBucketSubdirectory(), config.getStoreOntologyConfiguration().getConfigurationFileName());
    final ResearcherService researcherService = injector.getProvider(ResearcherService.class).get();
    final NihService nihService = injector.getProvider(NihService.class).get();
    final IndexOntologyService indexOntologyService = new IndexOntologyService(config.getElasticSearchConfiguration());
    final IndexerService indexerService = new IndexerServiceImpl(storeOntologyService, indexOntologyService);
    // Custom Error handling. Expand to include other codes when necessary
    final ErrorPageErrorHandler errorHandler = new ErrorPageErrorHandler();
    errorHandler.addErrorPage(404, "/error/404");
    env.getApplicationContext().setErrorHandler(errorHandler);
    env.jersey().register(ResponseServerFilter.class);
    env.jersey().register(ErrorResource.class);
    // Register standard application resources.
    env.jersey().register(new ApprovalExpirationTimeResource(approvalExpirationTimeService, userService));
    env.jersey().register(new DataAccessRequestResourceVersion2(dataAccessRequestService, emailNotifierService, gcsService, userService, matchService));
    env.jersey().register(new DataAccessRequestResource(dataAccessRequestService, userService, consentService, electionService));
    env.jersey().register(new DatasetResource(consentService, datasetService, userService, dataAccessRequestService));
    env.jersey().register(new DatasetAssociationsResource(datasetAssociationService));
    env.jersey().register(new ConsentResource(auditService, userService, consentService, matchService, useRestrictionValidator));
    env.jersey().register(new ConsentAssociationResource(consentService, userService));
    env.jersey().register(new ConsentElectionResource(consentService, dacService, emailNotifierService, voteService, electionService));
    env.jersey().register(new ConsentManageResource(consentService));
    env.jersey().register(new ConsentVoteResource(emailNotifierService, electionService, voteService));
    env.jersey().register(new ConsentCasesResource(electionService, pendingCaseService, summaryService));
    env.jersey().register(new DacResource(dacService, userService));
    env.jersey().register(new DACUserResource(userService));
    env.jersey().register(new DarCollectionResource(dataAccessRequestService, darCollectionService, userService));
    env.jersey().register(new DataRequestElectionResource(dataAccessRequestService, emailNotifierService, summaryService, voteService, electionService));
    env.jersey().register(new DataRequestVoteResource(dataAccessRequestService, datasetAssociationService, emailNotifierService, voteService, datasetService, electionService, userService));
    env.jersey().register(new DataRequestCasesResource(electionService, pendingCaseService, summaryService));
    env.jersey().register(new DataRequestReportsResource(dataAccessRequestService));
    env.jersey().register(new DataUseLetterResource(auditService, googleStore, userService, consentService));
    env.jersey().register(new ElectionResource(voteService, electionService));
    env.jersey().register(new ElectionReviewResource(dataAccessRequestService, consentService, electionService, reviewResultsService));
    env.jersey().register(new EmailNotifierResource(emailNotifierService));
    env.jersey().register(new IndexerResource(indexerService, googleStore));
    env.jersey().register(new InstitutionResource(userService, institutionService));
    env.jersey().register(new LibraryCardResource(userService, libraryCardService));
    env.jersey().register(new MatchResource(matchService));
    env.jersey().register(new MetricsResource(metricsService));
    env.jersey().register(new NihAccountResource(nihService, userService));
    env.jersey().register(new ResearcherResource(researcherService));
    env.jersey().register(new SamResource(samService));
    env.jersey().register(new SwaggerResource(config.getGoogleAuthentication()));
    env.jersey().register(new StatusResource(env.healthChecks()));
    env.jersey().register(new UserResource(researcherService, samService, userService));
    env.jersey().register(new TosResource(samService));
    env.jersey().register(injector.getInstance(VersionResource.class));
    env.jersey().register(new VoteResource(userService, voteService));
    // Authentication filters
    final UserRoleDAO userRoleDAO = injector.getProvider(UserRoleDAO.class).get();
    AuthFilter defaultAuthFilter = new DefaultAuthFilter.Builder<AuthUser>().setAuthenticator(new DefaultAuthenticator()).setRealm(" ").buildAuthFilter();
    List<AuthFilter> filters = Lists.newArrayList(defaultAuthFilter, new BasicCustomAuthFilter(new BasicAuthenticator(config.getBasicAuthentication())), new OAuthCustomAuthFilter(authenticator, userRoleDAO));
    env.jersey().register(new AuthDynamicFeature(new ChainedAuthFilter(filters)));
    env.jersey().register(RolesAllowedDynamicFeature.class);
    env.jersey().register(new AuthValueFactoryProvider.Binder<>(AuthUser.class));
}
Also used : ApprovalExpirationTimeResource(org.broadinstitute.consent.http.resources.ApprovalExpirationTimeResource) UseRestrictionValidator(org.broadinstitute.consent.http.service.UseRestrictionValidator) ConsentElectionResource(org.broadinstitute.consent.http.resources.ConsentElectionResource) DacResource(org.broadinstitute.consent.http.resources.DacResource) NihAccountResource(org.broadinstitute.consent.http.resources.NihAccountResource) DataRequestCasesResource(org.broadinstitute.consent.http.resources.DataRequestCasesResource) ConsentService(org.broadinstitute.consent.http.service.ConsentService) VersionResource(org.broadinstitute.consent.http.resources.VersionResource) AuthValueFactoryProvider(io.dropwizard.auth.AuthValueFactoryProvider) DatasetService(org.broadinstitute.consent.http.service.DatasetService) DefaultAuthFilter(org.broadinstitute.consent.http.authentication.DefaultAuthFilter) BasicCustomAuthFilter(org.broadinstitute.consent.http.authentication.BasicCustomAuthFilter) OAuthCustomAuthFilter(org.broadinstitute.consent.http.authentication.OAuthCustomAuthFilter) AuthFilter(io.dropwizard.auth.AuthFilter) ChainedAuthFilter(io.dropwizard.auth.chained.ChainedAuthFilter) AuthUser(org.broadinstitute.consent.http.models.AuthUser) IndexerService(org.broadinstitute.consent.http.service.ontology.IndexerService) ConsentVoteResource(org.broadinstitute.consent.http.resources.ConsentVoteResource) LibraryCardService(org.broadinstitute.consent.http.service.LibraryCardService) ElasticSearchHealthCheck(org.broadinstitute.consent.http.health.ElasticSearchHealthCheck) BasicAuthenticator(org.broadinstitute.consent.http.authentication.BasicAuthenticator) PendingCaseService(org.broadinstitute.consent.http.service.PendingCaseService) ChainedAuthFilter(io.dropwizard.auth.chained.ChainedAuthFilter) Injector(com.google.inject.Injector) DatasetAssociationsResource(org.broadinstitute.consent.http.resources.DatasetAssociationsResource) DataRequestElectionResource(org.broadinstitute.consent.http.resources.DataRequestElectionResource) MatchService(org.broadinstitute.consent.http.service.MatchService) ResearcherResource(org.broadinstitute.consent.http.resources.ResearcherResource) ConsentVoteResource(org.broadinstitute.consent.http.resources.ConsentVoteResource) VoteResource(org.broadinstitute.consent.http.resources.VoteResource) DataRequestVoteResource(org.broadinstitute.consent.http.resources.DataRequestVoteResource) AuthDynamicFeature(io.dropwizard.auth.AuthDynamicFeature) AuditService(org.broadinstitute.consent.http.service.AuditService) DataUseLetterResource(org.broadinstitute.consent.http.resources.DataUseLetterResource) DarCollectionResource(org.broadinstitute.consent.http.resources.DarCollectionResource) MetricsResource(org.broadinstitute.consent.http.resources.MetricsResource) DarCollectionService(org.broadinstitute.consent.http.service.DarCollectionService) BasicCustomAuthFilter(org.broadinstitute.consent.http.authentication.BasicCustomAuthFilter) UserResource(org.broadinstitute.consent.http.resources.UserResource) DACUserResource(org.broadinstitute.consent.http.resources.DACUserResource) ConsentResource(org.broadinstitute.consent.http.resources.ConsentResource) StoreOntologyService(org.broadinstitute.consent.http.service.ontology.StoreOntologyService) ConsentAssociationResource(org.broadinstitute.consent.http.resources.ConsentAssociationResource) UserRoleDAO(org.broadinstitute.consent.http.db.UserRoleDAO) DataAccessRequestResourceVersion2(org.broadinstitute.consent.http.resources.DataAccessRequestResourceVersion2) LibraryCardResource(org.broadinstitute.consent.http.resources.LibraryCardResource) GCSStore(org.broadinstitute.consent.http.cloudstore.GCSStore) ApprovalExpirationTimeService(org.broadinstitute.consent.http.service.ApprovalExpirationTimeService) ConsentCasesResource(org.broadinstitute.consent.http.resources.ConsentCasesResource) DataRequestReportsResource(org.broadinstitute.consent.http.resources.DataRequestReportsResource) DataAccessRequestService(org.broadinstitute.consent.http.service.DataAccessRequestService) DatasetAssociationService(org.broadinstitute.consent.http.service.DatasetAssociationService) OAuthAuthenticator(org.broadinstitute.consent.http.authentication.OAuthAuthenticator) DatasetResource(org.broadinstitute.consent.http.resources.DatasetResource) ResearcherService(org.broadinstitute.consent.http.service.ResearcherService) IndexOntologyService(org.broadinstitute.consent.http.service.ontology.IndexOntologyService) MatchResource(org.broadinstitute.consent.http.resources.MatchResource) SwaggerResource(org.broadinstitute.consent.http.resources.SwaggerResource) TosResource(org.broadinstitute.consent.http.resources.TosResource) DefaultAuthFilter(org.broadinstitute.consent.http.authentication.DefaultAuthFilter) ReviewResultsService(org.broadinstitute.consent.http.service.ReviewResultsService) IndexerResource(org.broadinstitute.consent.http.resources.IndexerResource) ErrorPageErrorHandler(org.eclipse.jetty.servlet.ErrorPageErrorHandler) SQLException(java.sql.SQLException) OAuthCustomAuthFilter(org.broadinstitute.consent.http.authentication.OAuthCustomAuthFilter) InstitutionService(org.broadinstitute.consent.http.service.InstitutionService) ElectionReviewResource(org.broadinstitute.consent.http.resources.ElectionReviewResource) VoteService(org.broadinstitute.consent.http.service.VoteService) SummaryService(org.broadinstitute.consent.http.service.SummaryService) IndexerServiceImpl(org.broadinstitute.consent.http.service.ontology.IndexerServiceImpl) StatusResource(org.broadinstitute.consent.http.resources.StatusResource) SamResource(org.broadinstitute.consent.http.resources.SamResource) OntologyHealthCheck(org.broadinstitute.consent.http.health.OntologyHealthCheck) ConsentManageResource(org.broadinstitute.consent.http.resources.ConsentManageResource) SamHealthCheck(org.broadinstitute.consent.http.health.SamHealthCheck) InstitutionResource(org.broadinstitute.consent.http.resources.InstitutionResource) DataAccessRequestResource(org.broadinstitute.consent.http.resources.DataAccessRequestResource) GCSHealthCheck(org.broadinstitute.consent.http.health.GCSHealthCheck) HttpClientUtil(org.broadinstitute.consent.http.util.HttpClientUtil) NihService(org.broadinstitute.consent.http.service.NihService) EmailNotifierResource(org.broadinstitute.consent.http.resources.EmailNotifierResource) MetricsService(org.broadinstitute.consent.http.service.MetricsService) UserService(org.broadinstitute.consent.http.service.UserService) DefaultAuthenticator(org.broadinstitute.consent.http.authentication.DefaultAuthenticator) DACUserResource(org.broadinstitute.consent.http.resources.DACUserResource) DataRequestVoteResource(org.broadinstitute.consent.http.resources.DataRequestVoteResource) SamService(org.broadinstitute.consent.http.service.sam.SamService) DacService(org.broadinstitute.consent.http.service.DacService) SendGridHealthCheck(org.broadinstitute.consent.http.health.SendGridHealthCheck) ElectionResource(org.broadinstitute.consent.http.resources.ElectionResource) DataRequestElectionResource(org.broadinstitute.consent.http.resources.DataRequestElectionResource) ConsentElectionResource(org.broadinstitute.consent.http.resources.ConsentElectionResource) LiquibaseException(liquibase.exception.LiquibaseException) EmailNotifierService(org.broadinstitute.consent.http.service.EmailNotifierService) GCSService(org.broadinstitute.consent.http.cloudstore.GCSService) ElectionService(org.broadinstitute.consent.http.service.ElectionService)

Aggregations

Injector (com.google.inject.Injector)1 AuthDynamicFeature (io.dropwizard.auth.AuthDynamicFeature)1 AuthFilter (io.dropwizard.auth.AuthFilter)1 AuthValueFactoryProvider (io.dropwizard.auth.AuthValueFactoryProvider)1 ChainedAuthFilter (io.dropwizard.auth.chained.ChainedAuthFilter)1 SQLException (java.sql.SQLException)1 LiquibaseException (liquibase.exception.LiquibaseException)1 BasicAuthenticator (org.broadinstitute.consent.http.authentication.BasicAuthenticator)1 BasicCustomAuthFilter (org.broadinstitute.consent.http.authentication.BasicCustomAuthFilter)1 DefaultAuthFilter (org.broadinstitute.consent.http.authentication.DefaultAuthFilter)1 DefaultAuthenticator (org.broadinstitute.consent.http.authentication.DefaultAuthenticator)1 OAuthAuthenticator (org.broadinstitute.consent.http.authentication.OAuthAuthenticator)1 OAuthCustomAuthFilter (org.broadinstitute.consent.http.authentication.OAuthCustomAuthFilter)1 GCSService (org.broadinstitute.consent.http.cloudstore.GCSService)1 GCSStore (org.broadinstitute.consent.http.cloudstore.GCSStore)1 UserRoleDAO (org.broadinstitute.consent.http.db.UserRoleDAO)1 ElasticSearchHealthCheck (org.broadinstitute.consent.http.health.ElasticSearchHealthCheck)1 GCSHealthCheck (org.broadinstitute.consent.http.health.GCSHealthCheck)1 OntologyHealthCheck (org.broadinstitute.consent.http.health.OntologyHealthCheck)1 SamHealthCheck (org.broadinstitute.consent.http.health.SamHealthCheck)1