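/**
 * Enforces the {@code @RequireToken} contract on the intercepted method.
 *
 * <p>The token is read from the request header named by the annotation, falling back to the
 * request parameter of the same name. A guest account is authenticated with the token and the
 * resulting account is stored in the route context; an already-authenticated account must own
 * the presented token.
 *
 * @param invocation the intercepted method invocation
 * @return whatever the intercepted method returns
 * @throws AuthorizationException if the token is missing or does not authenticate
 * @throws Throwable anything thrown by the intercepted method
 */
@Override
public Object invoke(MethodInvocation invocation) throws Throwable {
    // The annotation names the header/parameter that carries the token.
    RequireToken requireToken = ClassUtil.getAnnotation(invocation.getMethod(), RequireToken.class);
    String tokenName = requireToken.value();
    Context context = RouteDispatcher.getRouteContext();

    // Header first; an absent or empty header falls back to the request parameter.
    String token = Strings.emptyToNull(context.getRequest().getHeader(tokenName));
    token = Optional.fromNullable(token).or(context.getParameter(tokenName).toString(""));
    if (Strings.isNullOrEmpty(token)) {
        throw new AuthorizationException("Missing '{}' token", tokenName);
    }

    Account account = getAccount();
    if (account.isGuest()) {
        // No identity on this request yet: authenticate with the presented token.
        TokenCredentials credentials = new TokenCredentials(token);
        account = securityManager.get().authenticate(credentials);
        if (account == null) {
            // The token is a credential: report which token was rejected, but never echo
            // its value back to the client or into the exception/log trail.
            throw new AuthorizationException("Invalid '{}' token", tokenName);
        }
        context.setLocal(AuthConstants.ACCOUNT_ATTRIBUTE, account);
        // Log the resolved identity only; the token value must not land in log files.
        log.debug("'{}' account authenticated by '{}' token", account.getUsername(), tokenName);
    } else {
        // Already authenticated: the presented token must belong to this account.
        account.checkToken(token);
    }
    return invocation.proceed();
}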
/**
 * Wires the authentication handlers and the AOP security interceptors.
 *
 * <p>Controller subclasses are wrapped as a whole by one interceptor matching every method.
 * Every other class is intercepted per method, keyed on the {@code Require*} annotation present
 * on that method.
 */
@Override
protected void setup() {
    bind(BasicAuthenticationHandler.class);
    bind(FormAuthenticationHandler.class);

    Matcher<Class> isController = subclassesOf(Controller.class);
    Matcher<Class> isNotController = not(isController);

    // One interceptor for all controller methods.
    bindInterceptor(isController, any(),
        new ControllerInterceptor(getProvider(SecurityManager.class)));

    // Per-annotation interceptors for non-controllers. Binding order is kept as-is because
    // Guice applies matching interceptors in the order they were bound.
    bindInterceptor(isNotController, annotatedWith(RequireToken.class),
        new RequireTokenInterceptor(getProvider(SecurityManager.class)));
    bindInterceptor(isNotController, annotatedWith(RequireAuthenticated.class),
        new RequireAuthenticatedInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequireAdministrator.class),
        new RequireAdministratorInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequireRole.class),
        new RequireRoleInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequirePermission.class),
        new RequirePermissionInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequireRoles.class),
        new RequireRolesInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequirePermissions.class),
        new RequirePermissionsInterceptor());
}
/**
 * Wires the authentication handlers and the AOP security interceptors.
 *
 * <p>Controller subclasses are wrapped as a whole by one interceptor matching every method.
 * Every other class is intercepted per method, keyed on the {@code Require*} annotation present
 * on that method.
 */
@Override
protected void setup() {
    bind(BasicAuthenticationHandler.class);
    bind(FormAuthenticationHandler.class);

    Matcher<Class> isController = subclassesOf(Controller.class);
    Matcher<Class> isNotController = not(isController);

    // One interceptor for all controller methods.
    bindInterceptor(isController, any(),
        new ControllerInterceptor(getProvider(SecurityManager.class)));

    // Per-annotation interceptors for non-controllers. Binding order is kept as-is because
    // Guice applies matching interceptors in the order they were bound.
    bindInterceptor(isNotController, annotatedWith(RequireToken.class),
        new RequireTokenInterceptor(getProvider(SecurityManager.class)));
    bindInterceptor(isNotController, annotatedWith(RequireAuthenticated.class),
        new RequireAuthenticatedInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequireAdministrator.class),
        new RequireAdministratorInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequireRole.class),
        new RequireRoleInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequirePermission.class),
        new RequirePermissionInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequireRoles.class),
        new RequireRolesInterceptor());
    bindInterceptor(isNotController, annotatedWith(RequirePermissions.class),
        new RequirePermissionsInterceptor());
}
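/**
 * Enforces the {@code @RequireToken} contract on the intercepted method.
 *
 * <p>The token is read from the request header named by the annotation, falling back to the
 * request parameter of the same name. A guest account is authenticated with the token and the
 * resulting account is stored in the route context; an already-authenticated account must own
 * the presented token.
 *
 * @param invocation the intercepted method invocation
 * @return whatever the intercepted method returns
 * @throws AuthorizationException if the token is missing or does not authenticate
 * @throws Throwable anything thrown by the intercepted method
 */
@Override
public Object invoke(MethodInvocation invocation) throws Throwable {
    // The annotation names the header/parameter that carries the token.
    RequireToken requireToken = ClassUtil.getAnnotation(invocation.getMethod(), RequireToken.class);
    String tokenName = requireToken.value();
    Context context = RouteDispatcher.getRouteContext();

    // Header first; an absent or empty header falls back to the request parameter.
    String token = Strings.emptyToNull(context.getRequest().getHeader(tokenName));
    token = Optional.fromNullable(token).or(context.getParameter(tokenName).toString(""));
    if (Strings.isNullOrEmpty(token)) {
        throw new AuthorizationException("Missing '{}' token", tokenName);
    }

    Account account = getAccount();
    if (account.isGuest()) {
        // No identity on this request yet: authenticate with the presented token.
        TokenCredentials credentials = new TokenCredentials(token);
        account = securityManager.get().authenticate(credentials);
        if (account == null) {
            // The token is a credential: report which token was rejected, but never echo
            // its value back to the client or into the exception/log trail.
            throw new AuthorizationException("Invalid '{}' token", tokenName);
        }
        context.setLocal(AuthConstants.ACCOUNT_ATTRIBUTE, account);
        // Log the resolved identity only; the token value must not land in log files.
        log.debug("'{}' account authenticated by '{}' token", account.getUsername(), tokenName);
    } else {
        // Already authenticated: the presented token must belong to this account.
        account.checkToken(token);
    }
    return invocation.proceed();
}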