
Example 1 with MCRRestAPIAuthentication

use of org.mycore.restapi.v1.MCRRestAPIAuthentication in project mycore by MyCoRe-Org.

From the class MCRSessionFilter, method addJWTToResponse:

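/**
 * If the request was authenticated via JSON Web Token, adds a token to the response if <code>aud</code> was
 * {@link MCRRestAPIAuthentication#AUDIENCE}.
 *
 * If the response has a status code that represents a client error (4xx), the JSON Web Token is omitted.
 * If the response already has an <code>Authorization</code> header no changes are made.
 * Whenever a token is written, the response's <code>Cache-Control</code> header (if any) is forced to
 * <code>private</code> so that the <code>Authorization</code> header is never stored by a shared cache.
 *
 * @param requestContext  the request; its <code>Authorization</code> header and the
 *                        <code>PROP_RENEW_JWT</code> property decide whether a token is echoed or renewed
 * @param responseContext the response whose <code>Authorization</code> and <code>Cache-Control</code>
 *                        headers may be set
 * @throws InternalServerErrorException if a renewal was requested but no token could be created
 */
private static void addJWTToResponse(ContainerRequestContext requestContext,
    ContainerResponseContext responseContext) {
    MCRSession currentSession = MCRSessionMgr.getCurrentSession();
    // set by the request filter when the incoming token is valid but should be replaced by a fresh one
    boolean renewJWT = Optional.ofNullable(requestContext.getProperty(PROP_RENEW_JWT))
        .map(Boolean.class::cast)
        .orElse(Boolean.FALSE);
    Optional.ofNullable(requestContext.getHeaderString(HttpHeaders.AUTHORIZATION))
        .filter(s -> s.startsWith("Bearer "))
        // 4xx responses never carry a (renewed) token
        .filter(s -> !responseContext.getStatusInfo().getFamily().equals(Response.Status.Family.CLIENT_ERROR))
        // a resource that already set its own Authorization header wins
        .filter(s -> responseContext.getHeaderString(HttpHeaders.AUTHORIZATION) == null)
        // either mint a new token bound to the session and client IP, or echo the presented one
        .map(h -> renewJWT ? ("Bearer " + MCRRestAPIAuthentication
            .getToken(currentSession, currentSession.getCurrentIP())
            .orElseThrow(() -> new InternalServerErrorException("Could not get JSON Web Token"))) : h)
        .ifPresent(h -> {
            responseContext.getHeaders().putSingle(HttpHeaders.AUTHORIZATION, h);
            forbidSharedCaching(responseContext);
        });
}

/**
 * Ensures a response that carries an <code>Authorization</code> header is not cacheable by shared caches.
 *
 * The decision is taken on the <b>response's</b> <code>Cache-Control</code> header: cacheability of a
 * response is governed by its own directives, not by whatever <code>Cache-Control</code> the client sent.
 * If the response has a <code>Cache-Control</code> header that is not yet <code>private</code>, it is
 * re-emitted with <code>private</code> set; a response without a <code>Cache-Control</code> header is left
 * untouched.
 *
 * @param responseContext the response whose <code>Cache-Control</code> header may be rewritten
 */
private static void forbidSharedCaching(ContainerResponseContext responseContext) {
    Optional.ofNullable(responseContext.getHeaderString(HttpHeaders.CACHE_CONTROL))
        .map(RuntimeDelegate.getInstance().createHeaderDelegate(CacheControl.class)::fromString)
        .filter(cc -> !cc.isPrivate())
        .ifPresent(cc -> {
            cc.setPrivate(true);
            responseContext.getHeaders().putSingle(HttpHeaders.CACHE_CONTROL, cc);
        });
}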
