static AuthenticatorConfiguration fromConfig(Config config, String serviceName) { final String domainWhitelistKey = "styx.authentication.domain-whitelist"; final String resourceWhitelistKey = "styx.authentication.resource-whitelist"; final AuthenticatorConfigurationBuilder builder = AuthenticatorConfiguration.builder() .service(serviceName); get(config, config::getStringList, domainWhitelistKey).ifPresent(builder::domainWhitelist); get(config, config::getConfigList, resourceWhitelistKey).ifPresent(resourceWhitelist -> builder.resourceWhitelist(resourceWhitelist.stream() .map(item -> new ResourceId() .setType(item.getString("type")) .setId(item.getString("id"))) .collect(Collectors.toSet()))); return builder.build(); } }
Authenticator(GoogleIdTokenVerifier googleIdTokenVerifier, CloudResourceManager cloudResourceManager, Iam iam, AuthenticatorConfiguration configuration) { this.googleIdTokenVerifier = Objects.requireNonNull(googleIdTokenVerifier, "googleIdTokenVerifier"); this.cloudResourceManager = Objects.requireNonNull(cloudResourceManager, "cloudResourceManager"); this.iam = Objects.requireNonNull(iam, "iam"); this.domainWhitelist = configuration.domainWhitelist(); this.resourceWhitelist = configuration.resourceWhitelist(); }
authenticatorFactory.apply(AuthenticatorConfiguration.fromConfig(config, serviceName))); environment.routingEngine() .registerAutoRoute(Route.sync("GET", "/ping", rc -> "pong"))
@Override public Authenticator apply(AuthenticatorConfiguration configuration) { final HttpTransport httpTransport; try { httpTransport = GoogleNetHttpTransport.newTrustedTransport(); } catch (GeneralSecurityException | IOException e) { throw new RuntimeException(e); } final JsonFactory jsonFactory = Utils.getDefaultJsonFactory(); final GoogleIdTokenVerifier googleIdTokenVerifier = buildGoogleIdTokenVerifier(httpTransport, jsonFactory); final GoogleCredential credential = loadCredential(); final CloudResourceManager cloudResourceManager = buildCloudResourceManager(httpTransport, jsonFactory, credential, configuration.service()); final Iam iam = buildIam(httpTransport, jsonFactory, credential, configuration.service()); final Authenticator validator = new Authenticator(googleIdTokenVerifier, cloudResourceManager, iam, configuration); try { validator.cacheResources(); } catch (IOException e) { throw new RuntimeException(e); } return validator; } }
AuthenticatorConfiguration.fromConfig(config, serviceName)));