@Override public DefaultSecurityContext createSecurityContextFor( final HttpServerExchange exchange, final AuthenticationRule rule, final SecurityConfiguration securityConfiguration ) { final boolean authenticationRequired = rule != AuthenticationRule.EMPTY && rule.authenticationRequired(); return new DefaultSecurityContext(rule, exchange, securityConfiguration, authenticationRequired); } }
public AuthenticationRule( @NonNull final String pattern, @NonNull final List<IdentityManager> identityManagers, @NonNull final List<AuthenticationMechanism> mechanisms, @NonNull final List<String> expectedRoles, @NonNull final List<String> exceptionPatterns, final boolean authenticationRequired) // CHECKED { this.pattern = pattern; this.matcher = URLMatcher.compile( pattern ); this.identityManagers = identityManagers; this.mechanisms = mechanisms; this.expectedRoles = expectedRoles; this.exceptionPatterns = convertToURLMatcher( exceptionPatterns ); this.authenticationRequired = authenticationRequired; if ( isInvalid() ) throw new UnsupportedOperationException( MSG_INVALID_RULE + toString() ); }
public AuthenticationRule retrieveAuthenticationRuleForUrl( final String url ) { for ( final AuthenticationRule rule : rules ) if ( rule.matches( url ) ) return rule; return null; } }
private Account performAuthentication() { final Iterator<AuthenticationMechanism> iterator = rule.mechanisms().iterator(); Account account = getCurrentSession().getAuthenticatedAccount(); while ( account == null && iterator.hasNext() ) { currentAuthMechanism = iterator.next(); account = currentAuthMechanism.authenticate( exchange, rule.identityManagers(), getCurrentSession() ); } return account; }
public boolean matches( final String url ) { return matcher.matches( url, null ) && !matchesIgnoredUrls( url ); }
Collection<AuthenticationMechanism> getConfigurableMechanisms( AuthenticationRuleMatcher ruleMatcher ){ final Set<AuthenticationMechanism> configurable = new HashSet<>(); ruleMatcher.rules().forEach( r -> configurable.addAll( r.mechanisms() ) ); final ArrayList<AuthenticationMechanism> configurableSorted = new ArrayList<>(configurable); configurableSorted.sort((o1, o2) -> Integer.compare(o2.priority(), o1.priority())); return configurableSorted; }
void runAuthenticationInIOThread(final HttpServerExchange exchange, final AuthenticationRule rule, final SecurityContext context) { exchange.dispatch( new AuthenticationRunner( exchange, next, context, rule.expectedRoles(), permissionDeniedPage ) ); } }
private AuthenticationRule convertConfToRule( final Config ruleConf ) { final List<String> defaultIdentityManagersAndAuthMechanisms = Collections.singletonList("default"); final List<String> defaultExcludedPatterns = authConfig.getStringList("default-excluded-patterns"); final List<IdentityManager> identityManagers = getIdentityManagerFor( ruleConf, defaultIdentityManagersAndAuthMechanisms ); final List<AuthenticationMechanism> mechanisms = extractNeededMechanisms( ruleConf.getStringList("auth-mechanisms", defaultIdentityManagersAndAuthMechanisms) ); final List<String> excludedPatterns = ruleConf.getStringList("exclude-patterns", new ArrayList<>()); final boolean authenticationRequired = ruleConf.getBoolean( "authentication-required", true ); excludedPatterns.addAll( defaultExcludedPatterns ); return new AuthenticationRule( ruleConf.getString( "pattern" ), identityManagers, mechanisms, ruleConf.getStringList( "expected-roles", Collections.emptyList() ), excludedPatterns, authenticationRequired ); }