/**
 * Builds a matcher from the given authentication configuration.
 *
 * <p>The statements below are order-sensitive: {@code authConfig} and
 * {@code provider} are stored first because the {@code instantiate*FoundOnConfig()}
 * helpers read {@code authConfig}, and {@code rules} is read only after the
 * mechanisms and identity managers have been assigned.
 *
 * @param provider                the CDI provider, stored on the instance
 * @param authConfig              configuration subtree holding the authentication settings
 * @param authenticationEndpoints stored on the instance as-is
 */
public AuthenticationRuleMatcher( final CDI provider, final Config authConfig, final AuthenticationEndpoints authenticationEndpoints) {
    this.authConfig = authConfig;
    this.provider = provider;
    // Mechanisms and identity managers are instantiated from the config entries.
    mechanisms = instantiateMechanismsFoundOnConfig();
    identityManagers = instantiateIdentityManagersFoundOnConfig();
    securityContextFactory = instantiateSecurityContextFactory( authConfig );
    // NOTE(review): readRulesFromConfig() is not visible here; presumably it resolves each rule
    // against the mechanisms and identity managers built above, so it must stay after them. Confirm.
    rules = readRulesFromConfig();
    this.authenticationEndpoints = authenticationEndpoints;
}
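/**
 * Resolves the mechanism names listed on a rule into the registered
 * {@link AuthenticationMechanism} instances, preserving the order of the names.
 *
 * <p>An unknown name is rejected instead of being mapped to {@code null}. This
 * matches how {@code getIdentityManagerFor} treats an unknown identity manager,
 * and keeps a misspelled mechanism name from producing a rule that carries a
 * {@code null} mechanism.
 *
 * @param authMechanisms names of the mechanisms, as written in the rule configuration
 * @return the mechanisms registered under those names
 * @throws IllegalArgumentException if a name has no registered mechanism
 */
private List<AuthenticationMechanism> extractNeededMechanisms( final List<String> authMechanisms ) {
    return authMechanisms.stream()
        .map( name -> {
            final AuthenticationMechanism mechanism = mechanisms().get( name );
            // Fail at configuration time rather than handing a null mechanism to the rule.
            if ( mechanism == null )
                throw new IllegalArgumentException( "No AuthenticationMechanism registered for " + name );
            return mechanism;
        } )
        .collect( Collectors.toList() );
}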
/**
 * Reads the {@code auth-mechanisms} section of the authentication configuration
 * and turns every entry into an {@link AuthenticationMechanism}.
 *
 * @return the instantiated mechanisms, keyed as in the configuration section
 */
private Map<String, AuthenticationMechanism> instantiateMechanismsFoundOnConfig() {
    final Map<String, Object> configured = authConfig.getConfig("auth-mechanisms").toMap();
    // NOTE(review): each value is cast to String and passed to instantiate(); presumably it is a
    // class name loaded reflectively, so this section should come only from trusted config. Confirm.
    final Map<String, AuthenticationMechanism> found =
        convert( configured, value -> instantiate( (String)value, AuthenticationMechanism.class ) );
    log.debug("Found Authentication Mechanisms: " + found);
    return found;
}
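/**
 * Builds an {@link AuthenticationRule} from one rule entry of the configuration.
 *
 * <p>Identity managers and mechanisms fall back to the single name {@code "default"}
 * when the rule does not list any. {@code authentication-required} defaults to
 * {@code true}, so a rule that omits the flag still requires authentication.
 *
 * @param ruleConf configuration of a single rule
 * @return the rule described by {@code ruleConf}
 */
private AuthenticationRule convertConfToRule( final Config ruleConf ) {
    final List<String> defaultIdentityManagersAndAuthMechanisms = Collections.singletonList("default");
    final List<String> defaultExcludedPatterns = authConfig.getStringList("default-excluded-patterns");

    final List<IdentityManager> identityManagers =
        getIdentityManagerFor( ruleConf, defaultIdentityManagersAndAuthMechanisms );
    final List<AuthenticationMechanism> mechanisms = extractNeededMechanisms(
        ruleConf.getStringList("auth-mechanisms", defaultIdentityManagersAndAuthMechanisms) );

    // Copy before appending. The list returned by the configuration may be shared or
    // immutable, and appending to it in place could either fail or leak the default
    // exclusions back into the configuration object.
    final List<String> excludedPatterns =
        new ArrayList<>( ruleConf.getStringList("exclude-patterns", new ArrayList<>()) );
    // NOTE(review): presumably requests matching an excluded pattern are not subject to this
    // rule, so both lists widen what is left unauthenticated. Confirm in AuthenticationRule.
    excludedPatterns.addAll( defaultExcludedPatterns );

    final boolean authenticationRequired = ruleConf.getBoolean( "authentication-required", true );

    return new AuthenticationRule(
        ruleConf.getString( "pattern" ),
        identityManagers,
        mechanisms,
        ruleConf.getStringList( "expected-roles", Collections.emptyList() ),
        excludedPatterns,
        authenticationRequired );
}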
/**
 * Creates an {@link AuthenticationRuleMatcher} backed by the {@code server.auth}
 * subtree of the configuration.
 *
 * @return a new matcher built from the provider, the {@code server.auth} configuration
 *         and the authentication endpoints held by this object
 */
AuthenticationRuleMatcher createRuleMatcher() {
    return new AuthenticationRuleMatcher( provider, config.getConfig("server.auth"), authenticationEndpoints);
}
} // end of the enclosing class (its header is outside this excerpt)
/**
 * Instantiates the {@link SecurityContextFactory} named by the
 * {@code security-context-factory} entry of the given configuration.
 *
 * @param authConfig configuration to read the entry from
 * @return the instantiated factory
 */
private SecurityContextFactory instantiateSecurityContextFactory( final Config authConfig ) {
    // NOTE(review): the configured string is handed to instantiate(); presumably it is a class
    // name resolved reflectively, so the entry should be controlled by trusted config. Confirm.
    final SecurityContextFactory contextFactory =
        instantiate( authConfig.getString( "security-context-factory" ), SecurityContextFactory.class );
    log.debug("Found SecurityContextFactory: " + contextFactory);
    return contextFactory;
}
/**
 * Looks up the identity managers registered under the given names, in order.
 *
 * @param identityManagers names of the identity managers to resolve
 * @return the identity managers registered under those names
 * @throws IllegalArgumentException if a name has no registered identity manager
 */
private List<IdentityManager> getIdentityManagerFor( final List<String> identityManagers ) {
    final List<IdentityManager> resolved = new TinyList<>();
    for ( final String alias : identityManagers ) {
        final IdentityManager candidate = identityManagers().get( alias );
        if ( candidate != null ) {
            resolved.add( candidate );
            continue;
        }
        // An unknown name aborts rule construction instead of being skipped.
        throw new IllegalArgumentException("No IdentityManager registered for " + alias );
    }
    return resolved;
}
/**
 * Resolves the identity managers of a rule.
 *
 * <p>The deprecated {@code identity-manager} entry wins when it is present and
 * non-empty, and a warning is logged. Otherwise {@code identity-managers} is read,
 * falling back to the supplied defaults.
 *
 * @param ruleConf configuration of a single rule
 * @param defaultIdentityManagersAndAuthMechanisms names used when the rule lists none
 * @return the identity managers registered under the selected names
 */
private List<IdentityManager> getIdentityManagerFor( Config ruleConf, List<String> defaultIdentityManagersAndAuthMechanisms ) {
    final List<String> legacyNames = ruleConf.getStringList("identity-manager");
    final boolean usesDeprecatedEntry = legacyNames != null && !legacyNames.isEmpty();

    if ( !usesDeprecatedEntry ) {
        return getIdentityManagerFor(
            ruleConf.getStringList("identity-managers", defaultIdentityManagersAndAuthMechanisms ) );
    }

    log.warn("The 'identity-manager' entry is deprecated.");
    log.warn("Consider use 'identity-managers'.");
    return getIdentityManagerFor( legacyNames );
}
/**
 * Reads the {@code identity-managers} section of the authentication configuration
 * and turns every entry into an {@link IdentityManager}.
 *
 * @return the instantiated identity managers, keyed as in the configuration section
 */
private Map<String, IdentityManager> instantiateIdentityManagersFoundOnConfig() {
    final Map<String, Object> configured = authConfig.getConfig("identity-managers").toMap();
    // NOTE(review): each value is cast to String and passed to instantiate(); presumably it is a
    // class name loaded reflectively, so this section should come only from trusted config. Confirm.
    final Map<String, IdentityManager> found =
        convert( configured, value -> instantiate( (String)value, IdentityManager.class ) );
    log.debug( "Found Identity Managers: " + found );
    return found;
}