Example 1 with RsaPublicKeyLoader

Use of org.sdase.commons.server.auth.key.RsaPublicKeyLoader in project sda-dropwizard-commons by SDA-SE.

In class AuthBundle, method run.

@Override
public void run(T configuration, Environment environment) {
    AuthConfig config = configProvider.apply(configuration);
    if (config.isDisableAuth()) {
        LOG.warn("Authentication is disabled. This setting should NEVER be used in production.");
    }
    Tracer currentTracer = tracer == null ? GlobalTracer.get() : tracer;
    Client client = createKeyLoaderClient(environment, config, currentTracer);
    RsaPublicKeyLoader keyLoader = new RsaPublicKeyLoader();
    config.getKeys().stream()
            .map(k -> this.createKeySources(k, client))
            .forEach(keyLoader::addKeySource);
    ScheduledExecutorService executorService = environment.lifecycle()
            .scheduledExecutorService("reloadKeysExecutorService")
            .build();
    RsaKeyLoaderScheduler.create(keyLoader, executorService).start();
    AuthService authRSA256Service = new AuthRSA256Service(keyLoader, config.getLeeway());
    JwtAuthenticator authenticator = new JwtAuthenticator(authRSA256Service, config.isDisableAuth());
    JwtAuthFilter<JwtPrincipal> authFilter = new JwtAuthFilter.Builder<JwtPrincipal>()
            .withTracer(currentTracer)
            .setAcceptAnonymous(!useAnnotatedAuthorization)
            .setAuthenticator(authenticator)
            .buildAuthFilter();
    if (useAnnotatedAuthorization) {
        // Use the AuthDynamicFeature to only affect endpoints that are annotated
        environment.jersey().register(new AuthDynamicFeature(authFilter));
    } else {
        // Apply the filter for all calls
        environment.jersey().register(authFilter);
    }
    environment.jersey().register(JwtAuthExceptionMapper.class);
    environment.jersey().register(ForbiddenExceptionMapper.class);
}
Also used : KeySource(org.sdase.commons.server.auth.key.KeySource) OpenIdProviderDiscoveryKeySource(org.sdase.commons.server.auth.key.OpenIdProviderDiscoveryKeySource) ClientTracingUtil.registerTracing(org.sdase.commons.server.opentracing.client.ClientTracingUtil.registerTracing) Bootstrap(io.dropwizard.setup.Bootstrap) JwtAuthenticator(org.sdase.commons.server.auth.service.JwtAuthenticator) URISyntaxException(java.net.URISyntaxException) AuthDynamicFeature(io.dropwizard.auth.AuthDynamicFeature) Client(javax.ws.rs.client.Client) LoggerFactory(org.slf4j.LoggerFactory) ForbiddenExceptionMapper(org.sdase.commons.server.auth.error.ForbiddenExceptionMapper) RsaPublicKeyLoader(org.sdase.commons.server.auth.key.RsaPublicKeyLoader) StringUtils(org.apache.commons.lang3.StringUtils) ProxySelector(java.net.ProxySelector) AuthConfig(org.sdase.commons.server.auth.config.AuthConfig) Configuration(io.dropwizard.Configuration) ConfiguredBundle(io.dropwizard.ConfiguredBundle) AuthService(org.sdase.commons.server.auth.service.AuthService) ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService) SystemDefaultRoutePlanner(org.apache.http.impl.conn.SystemDefaultRoutePlanner) RsaKeyLoaderScheduler(org.sdase.commons.server.auth.key.RsaKeyLoaderScheduler) URI(java.net.URI) Environment(io.dropwizard.setup.Environment) JwtAuthExceptionMapper(org.sdase.commons.server.auth.error.JwtAuthExceptionMapper) Logger(org.slf4j.Logger) Tracer(io.opentracing.Tracer) KeyLocation(org.sdase.commons.server.auth.config.KeyLocation) JwksKeySource(org.sdase.commons.server.auth.key.JwksKeySource) GlobalTracer(io.opentracing.util.GlobalTracer) JerseyClientBuilder(io.dropwizard.client.JerseyClientBuilder) AuthConfigProvider(org.sdase.commons.server.auth.config.AuthConfigProvider) AuthRSA256Service(org.sdase.commons.server.auth.service.AuthRSA256Service) PemKeySource(org.sdase.commons.server.auth.key.PemKeySource) JwtAuthFilter(org.sdase.commons.server.auth.filter.JwtAuthFilter) 

Example 2 with RsaPublicKeyLoader

Use of org.sdase.commons.server.auth.key.RsaPublicKeyLoader in project sda-dropwizard-commons by SDA-SE.

In class AuthRSA256ServiceTest, method setUp.

@BeforeEach
void setUp() {
    this.keyLoader = new RsaPublicKeyLoader();
    this.service = new AuthRSA256Service(this.keyLoader, 0);
}
Also used : RsaPublicKeyLoader(org.sdase.commons.server.auth.key.RsaPublicKeyLoader) BeforeEach(org.junit.jupiter.api.BeforeEach)

Aggregations

RsaPublicKeyLoader (org.sdase.commons.server.auth.key.RsaPublicKeyLoader): 2
Configuration (io.dropwizard.Configuration): 1
ConfiguredBundle (io.dropwizard.ConfiguredBundle): 1
AuthDynamicFeature (io.dropwizard.auth.AuthDynamicFeature): 1
JerseyClientBuilder (io.dropwizard.client.JerseyClientBuilder): 1
Bootstrap (io.dropwizard.setup.Bootstrap): 1
Environment (io.dropwizard.setup.Environment): 1
Tracer (io.opentracing.Tracer): 1
GlobalTracer (io.opentracing.util.GlobalTracer): 1
ProxySelector (java.net.ProxySelector): 1
URI (java.net.URI): 1
URISyntaxException (java.net.URISyntaxException): 1
ScheduledExecutorService (java.util.concurrent.ScheduledExecutorService): 1
Client (javax.ws.rs.client.Client): 1
StringUtils (org.apache.commons.lang3.StringUtils): 1
SystemDefaultRoutePlanner (org.apache.http.impl.conn.SystemDefaultRoutePlanner): 1
BeforeEach (org.junit.jupiter.api.BeforeEach): 1
AuthConfig (org.sdase.commons.server.auth.config.AuthConfig): 1
AuthConfigProvider (org.sdase.commons.server.auth.config.AuthConfigProvider): 1
KeyLocation (org.sdase.commons.server.auth.config.KeyLocation): 1