
Example 1 with PasswordOAuth2AuthDecoratorSupplier

Use of org.kie.kogito.serverless.workflow.suppliers.PasswordOAuth2AuthDecoratorSupplier in project kogito-runtimes by kiegroup.

Class DescriptorRestOperationHandler, method addSecurity.

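/**
 * Maps the security schemes declared by an OpenAPI descriptor onto the REST work item node:
 * one auth decorator supplier per supported scheme, plus the work parameters that carry the
 * matching credentials.
 *
 * <p>Supported schemes are API key, HTTP {@code bearer} and {@code basic}, and the OAuth2
 * client-credentials and password flows. Anything else is logged at WARN level and skipped, so
 * that a descriptor requiring an unsupported scheme does not silently yield an unauthenticated
 * call with no trace in the log.
 *
 * <p>Credential values are never literals here; each one is obtained through
 * {@code runtimeOpenApi(serviceName, <property>, ...)}. Only scheme types, scheme names and flow
 * objects are logged, never the credential values.
 *
 * @param node the work item node that receives the credential parameters and auth decorators
 * @param openAPI the descriptor whose security schemes are inspected
 * @param serviceName the service name used as the prefix for the credential lookups
 */
private void addSecurity(WorkItemNodeFactory<?> node, OpenAPIDescriptor openAPI, String serviceName) {
    Collection<Supplier<Expression>> authDecorators = new ArrayList<>();
    for (SecurityScheme scheme : openAPI.getSchemes()) {
        // A scheme without a type would make the enum switch below throw a NullPointerException.
        if (scheme.getType() == null) {
            logger.warn("Ignoring security scheme without a type");
            continue;
        }
        switch (scheme.getType()) {
            case APIKEY:
                authDecorators.add(new ApiKeyAuthDecoratorSupplier(scheme.getName(), from(scheme.getIn())));
                node.workParameter(ApiKeyAuthDecorator.KEY_PREFIX, runtimeOpenApi(serviceName, API_KEY_PREFIX, parserContext.getContext()))
                        .workParameter(ApiKeyAuthDecorator.KEY, runtimeOpenApi(serviceName, API_KEY, parserContext.getContext()));
                break;
            case HTTP:
                // HTTP authentication scheme names are case-insensitive, so "Bearer" and "bearer"
                // must select the same branch. Putting the constant first also tolerates a
                // descriptor that omits the scheme name.
                if ("bearer".equalsIgnoreCase(scheme.getScheme())) {
                    authDecorators.add(new BearerTokenAuthDecoratorSupplier());
                    // NOTE(review): this AUTH_METHOD value looks superseded by the assignment at the
                    // end of the method, since authDecorators is non-empty here. Kept because
                    // workParameter's replace/merge semantics are not visible; confirm.
                    node.workParameter(RestWorkItemHandler.AUTH_METHOD, new BearerTokenAuthDecorator())
                            .workParameter(BearerTokenAuthDecorator.BEARER_TOKEN, runtimeOpenApi(serviceName, ACCESS_TOKEN, parserContext.getContext()));
                } else if ("basic".equalsIgnoreCase(scheme.getScheme())) {
                    authDecorators.add(new BasicAuthDecoratorSupplier());
                    node.workParameter(RestWorkItemHandler.USER, runtimeOpenApi(serviceName, USER_PROP, parserContext.getContext()))
                            .workParameter(RestWorkItemHandler.PASSWORD, runtimeOpenApi(serviceName, PASSWORD_PROP, parserContext.getContext()));
                } else {
                    // Any other HTTP scheme used to be dropped silently, leaving no credentials on
                    // the node and no hint why.
                    logger.warn("Unsupported HTTP authentication scheme {}", scheme.getScheme());
                }
                break;
            case OAUTH2:
                // Only the client-credentials and password flows are supported.
                // NOTE(review): the token and refresh URLs are taken verbatim from the descriptor
                // and nothing here checks them. Presumably the decorators send the configured
                // client secret or user password to the token URL, so the descriptor should come
                // from a trusted source and the URLs should be https. Confirm.
                // NOTE(review): the password flow writes the same USER/PASSWORD parameters as HTTP
                // basic; whether the later one wins when a descriptor declares both depends on
                // workParameter's semantics. Confirm.
                if (scheme.getFlows() == null) {
                    // Dereferencing a missing flows object would throw a NullPointerException.
                    logger.warn("Unsupported scheme type {} without any declared flow", scheme.getType());
                } else if (scheme.getFlows().getClientCredentials() != null) {
                    authDecorators.add(new ClientOAuth2AuthDecoratorSupplier(
                            scheme.getFlows().getClientCredentials().getTokenUrl(),
                            scheme.getFlows().getClientCredentials().getRefreshUrl()));
                    node.workParameter(ClientOAuth2AuthDecorator.CLIENT_ID, runtimeOpenApi(serviceName, "client_id", parserContext.getContext()))
                            .workParameter(ClientOAuth2AuthDecorator.CLIENT_SECRET, runtimeOpenApi(serviceName, "client_secret", parserContext.getContext()));
                } else if (scheme.getFlows().getPassword() != null) {
                    authDecorators.add(new PasswordOAuth2AuthDecoratorSupplier(
                            scheme.getFlows().getPassword().getTokenUrl(),
                            scheme.getFlows().getPassword().getRefreshUrl()));
                    node.workParameter(RestWorkItemHandler.USER, runtimeOpenApi(serviceName, USER_PROP, parserContext.getContext()))
                            .workParameter(RestWorkItemHandler.PASSWORD, runtimeOpenApi(serviceName, PASSWORD_PROP, parserContext.getContext()));
                } else if (scheme.getFlows().getAuthorizationCode() != null) {
                    logger.warn("Unsupported scheme type {} for authorization code flow {}", scheme.getType(), scheme.getFlows().getAuthorizationCode());
                } else if (scheme.getFlows().getImplicit() != null) {
                    logger.warn("Unsupported scheme type {} for implicit flow {}", scheme.getType(), scheme.getFlows().getImplicit());
                } else {
                    logger.warn("Unsupported scheme type {} without any declared flow", scheme.getType());
                }
                break;
            default:
                logger.warn("Unsupported scheme type {}", scheme.getType());
        }
    }
    // Register the decorators only when at least one supported scheme was found; otherwise the
    // node's AUTH_METHOD parameter is left as it was.
    if (!authDecorators.isEmpty()) {
        node.workParameter(RestWorkItemHandler.AUTH_METHOD, authDecorators);
    }
}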
Also used : ApiKeyAuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.ApiKeyAuthDecoratorSupplier) ClientOAuth2AuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.ClientOAuth2AuthDecoratorSupplier) PasswordOAuth2AuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.PasswordOAuth2AuthDecoratorSupplier) BearerTokenAuthDecorator(org.kogito.workitem.rest.auth.BearerTokenAuthDecorator) ArrayList(java.util.ArrayList) BearerTokenAuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.BearerTokenAuthDecoratorSupplier) CollectionParamsDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.CollectionParamsDecoratorSupplier) PasswordOAuth2AuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.PasswordOAuth2AuthDecoratorSupplier) ConfigSuppliedWorkItemSupplier(org.kie.kogito.serverless.workflow.suppliers.ConfigSuppliedWorkItemSupplier) Supplier(java.util.function.Supplier) ApiKeyAuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.ApiKeyAuthDecoratorSupplier) BasicAuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.BasicAuthDecoratorSupplier) ClientOAuth2AuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.ClientOAuth2AuthDecoratorSupplier) BearerTokenAuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.BearerTokenAuthDecoratorSupplier) BasicAuthDecoratorSupplier(org.kie.kogito.serverless.workflow.suppliers.BasicAuthDecoratorSupplier) SecurityScheme(io.swagger.v3.oas.models.security.SecurityScheme)

Aggregations

SecurityScheme (io.swagger.v3.oas.models.security.SecurityScheme)1 ArrayList (java.util.ArrayList)1 Supplier (java.util.function.Supplier)1 ApiKeyAuthDecoratorSupplier (org.kie.kogito.serverless.workflow.suppliers.ApiKeyAuthDecoratorSupplier)1 BasicAuthDecoratorSupplier (org.kie.kogito.serverless.workflow.suppliers.BasicAuthDecoratorSupplier)1 BearerTokenAuthDecoratorSupplier (org.kie.kogito.serverless.workflow.suppliers.BearerTokenAuthDecoratorSupplier)1 ClientOAuth2AuthDecoratorSupplier (org.kie.kogito.serverless.workflow.suppliers.ClientOAuth2AuthDecoratorSupplier)1 CollectionParamsDecoratorSupplier (org.kie.kogito.serverless.workflow.suppliers.CollectionParamsDecoratorSupplier)1 ConfigSuppliedWorkItemSupplier (org.kie.kogito.serverless.workflow.suppliers.ConfigSuppliedWorkItemSupplier)1 PasswordOAuth2AuthDecoratorSupplier (org.kie.kogito.serverless.workflow.suppliers.PasswordOAuth2AuthDecoratorSupplier)1 BearerTokenAuthDecorator (org.kogito.workitem.rest.auth.BearerTokenAuthDecorator)1