/**
 * Returns the display name of the current user as recorded in the principal.
 *
 * @return the value stored under {@code "username"} in the user's principal
 */
private String getUserName() {
    // The name comes straight from the authenticated principal; nothing
    // request-supplied is consulted here.
    String name = user.principal().getString("username");
    return name;
}
/**
 * Returns the {@code preferred_username} claim of the access token behind the current user.
 *
 * @return the claim value read from the decoded access token
 */
private String getUserName() {
    // The cast assumes the delegate is an OAuth2 AccessToken; any other user
    // type fails here with a ClassCastException.
    // NOTE(review): preferred_username is a display claim and is not
    // guaranteed unique by OpenID Connect; confirm it is used for display
    // only and not as an authorization key.
    return ((AccessToken) user.getDelegate())
            .accessToken()
            .getString("preferred_username");
}
/**
 * Attaches the user to the wrapped context and publishes it for injection.
 *
 * @param user the user to record on the delegate routing context
 */
@Override
public void setUser(User user) {
    // A debug print of the user object was left disabled in the original;
    // principal data is deliberately not written to stderr.
    io.vertx.reactivex.ext.auth.User rxUser = io.vertx.reactivex.ext.auth.User.newInstance(user);
    // Publish the reactive wrapper before updating the delegate, so that
    // injection points typed as the reactive User see the new identity.
    ResteasyProviderFactory.pushContext(io.vertx.reactivex.ext.auth.User.class, rxUser);
    delegate.setUser(user);
}
// Excerpt of a login/token endpoint. The listing elides lines, so braces do
// not balance as printed and the final statement is cut off.
User user;
try {
    // Authenticate the supplied credentials; await() yields the resolved user.
    user = await(auth.rxAuthenticate(creds));
}catch(VertxException x) {
    // A failed authentication is answered with 403 and no detail about the cause.
    return Response.status(Status.FORBIDDEN).build();
// NOTE(review): the catch block's closing brace is not shown in this excerpt.
// Look up each permission separately for the authenticated user.
boolean canCreate = await(user.rxIsAuthorised("create"));
boolean canUpdate = await(user.rxIsAuthorised("update"));
boolean canDelete = await(user.rxIsAuthorised("delete"));
JsonArray permissions = new JsonArray();
// NOTE(review): as printed, "delete" is added when canCreate is true. The lines
// pairing each flag with its own permission name look elided; confirm against
// the full source, because this array is presumably embedded in the token
// generated below and a mismatch would grant the wrong permission.
if(canCreate) permissions.add("delete");
// Token claims start with the username; the remaining claims are cut off here.
String jwtToken = jwt.generateToken(
        new JsonObject()
        .put("username", username)
/**
 * Creates a new wiki page or saves an existing one, then redirects to the rendered page.
 *
 * @param id       identifier of the page to update; ignored when creating
 * @param title    page title, also used to build the redirect target
 * @param markdown page body
 * @param newPage  {@code "yes"} to create a page, anything else to update
 * @return a 303 redirect to the page view
 */
@Path("/save")
@POST
public Single<Response> save(@FormParam("id") String id,
                             @FormParam("title") String title,
                             @FormParam("markdown") String markdown,
                             @FormParam("newPage") String newPage){
    return fiber((con) -> {
        boolean creating = "yes".equals(newPage);
        // The permission to check is derived from the client-supplied flag and
        // is enforced before any statement is executed.
        // NOTE(review): "update" is checked globally, not per page id; confirm
        // that matches the intended access model.
        boolean allowed = await(user.rxIsAuthorised(creating ? "create" : "update"));
        if (!allowed) {
            throw new AuthorizationException("Not authorized");
        }

        // Form values are bound as statement parameters, never concatenated
        // into the SQL text.
        String statement;
        JsonArray args = new JsonArray();
        if (creating) {
            statement = SQL.SQL_CREATE_PAGE;
            args.add(title).add(markdown);
        } else {
            statement = SQL.SQL_SAVE_PAGE;
            args.add(markdown).add(id);
        }
        await(con.rxUpdateWithParams(statement, args));

        return Response.seeOther(Router.getURI(WikiResource::renderPage, title)).build();
    });
}
// Excerpt begins mid-statement: the opening of the first pushContext(...) call
// is outside the listing. Each call below wraps a reactive object in its
// RxJava 1 facade, or pushes null when the source object is absent.
        auth != null ? io.vertx.rxjava.ext.auth.AuthProvider.newInstance(auth.getDelegate()) : null);
// A request without an authenticated user publishes null, so code that
// receives this injected User should treat null as "not authenticated".
ResteasyProviderFactory.pushContext(io.vertx.rxjava.ext.auth.User.class,
        context.user() != null ? io.vertx.rxjava.ext.auth.User.newInstance(context.user().getDelegate()) : null);
// Same pattern for the session: null is published when the request has none.
ResteasyProviderFactory.pushContext(io.vertx.rxjava.ext.web.Session.class,
        context.session() != null ? io.vertx.rxjava.ext.web.Session.newInstance(context.session().getDelegate()) : null);
// Excerpt of a login/token endpoint. The listing elides lines, so braces do
// not balance as printed and the final statement is cut off.
User user;
try {
    // Authenticate the supplied credentials; await() yields the resolved user.
    user = await(auth.rxAuthenticate(creds));
}catch(VertxException x) {
    // A failed authentication is answered with 403 and no detail about the cause.
    return Response.status(Status.FORBIDDEN).build();
// NOTE(review): the catch block's closing brace is not shown in this excerpt.
// Look up each permission separately for the authenticated user.
boolean canCreate = await(user.rxIsAuthorised("create"));
boolean canUpdate = await(user.rxIsAuthorised("update"));
boolean canDelete = await(user.rxIsAuthorised("delete"));
JsonArray permissions = new JsonArray();
// NOTE(review): as printed, "delete" is added when canCreate is true. The lines
// pairing each flag with its own permission name look elided; confirm against
// the full source, because this array is presumably embedded in the token
// generated below and a mismatch would grant the wrong permission.
if(canCreate) permissions.add("delete");
// Token claims start with the username; the remaining claims are cut off here.
String jwtToken = jwt.generateToken(
        new JsonObject()
        .put("username", username)
// Excerpt: lines are elided after the guard, so the block structure below is
// not the structure of the full source.
// The guard matches requests with no user, or with a user whose delegate is
// not the gateway's end-user type.
if (authenticatedUser == null || !(authenticatedUser.getDelegate() instanceof io.gravitee.am.gateway.handler.vertx.auth.user.User)) {
// NOTE(review): as printed, the cast follows the guard's opening brace. The
// guard presumably exits before this point in the full source; confirm,
// because the cast is only safe when the guard condition is false.
io.gravitee.am.model.User endUser = ((io.gravitee.am.gateway.handler.vertx.auth.user.User) authenticatedUser.getDelegate()).getUser();
// Read the last login timestamp; a null value is handled in the branch below,
// whose body is cut off.
Date loggedAt = endUser.getLoggedAt();
if (loggedAt == null) {
/**
 * Renders the wiki home page with the alphabetically sorted list of page names.
 *
 * @return the index template populated with page names and user details
 */
@GET
public Single<Template> index(){
    return fiber(() -> {
        List<Pages> rows = await(dao.findAll());
        List<String> pages = rows.stream()
                .map(Pages::getName)
                .sorted()
                .collect(Collectors.toList());
        // This flag only decides what the template offers; it is not an
        // access check for page creation.
        boolean canCreatePage = await(user.rxIsAuthorised("create"));
        // NOTE(review): page names and the username are handed to the template
        // as-is; confirm the template escapes them on output.
        return new Template("templates/index.ftl")
                .set("title", "Wiki home")
                .set("pages", pages)
                .set("canCreatePage", canCreatePage)
                .set("username", getUserName())
                .set("backup_gist_url", flash.get("backup_gist_url"));
    });
}
/**
 * Attaches the user to the wrapped context and publishes it for injection.
 *
 * @param user the user to record on the delegate routing context
 */
@Override
public void setUser(User user) {
    // A debug print of the user object was left disabled in the original;
    // principal data is deliberately not written to stderr.
    io.vertx.reactivex.ext.auth.User rxUser = io.vertx.reactivex.ext.auth.User.newInstance(user);
    // Publish the reactive wrapper before updating the delegate, so that
    // injection points typed as the reactive User see the new identity.
    ResteasyProviderFactory.pushContext(io.vertx.reactivex.ext.auth.User.class, rxUser);
    delegate.setUser(user);
}
// Excerpt: lines are elided after the guard, so the block structure below is
// not the structure of the full source.
// The guard matches requests with no user, or with a user whose delegate is
// not the gateway's end-user type.
if (authenticatedUser == null || !(authenticatedUser.getDelegate() instanceof io.gravitee.am.gateway.handler.vertx.auth.user.User)) {
// NOTE(review): as printed, the cast follows the guard's opening brace. The
// guard presumably exits before this point in the full source; confirm,
// because the cast is only safe when the guard condition is false.
io.gravitee.am.model.User endUser = ((io.gravitee.am.gateway.handler.vertx.auth.user.User) authenticatedUser.getDelegate()).getUser();
// Read the last login timestamp; a null value is handled in the branch below,
// whose body is cut off.
Date loggedAt = endUser.getLoggedAt();
if (loggedAt == null) {
/**
 * Checks a {@code RequiresPermissions} annotation against the current user.
 *
 * @param authzSpec the authorization annotation found on the resource
 * @return a Single emitting {@code true} only if every listed permission is
 *         granted; an error Single when no user is present
 */
@Override
public Single<Boolean> assertAuthorized(Annotation authzSpec) {
    if (!(authzSpec instanceof RequiresPermissions)) {
        // NOTE(review): every other annotation type is reported as authorized
        // here; confirm that other authorization annotations are evaluated by
        // a different checker and never reach this fall-through.
        return Single.just(true);
    }

    User user = getUser();
    if (user == null) {
        return Single.error(new AuthorizationException("User required"));
    }

    // Fold the per-permission results with AND, starting from true, so an
    // empty permission list also yields true.
    String[] required = ((RequiresPermissions) authzSpec).value();
    Single<Boolean> verdict = Single.just(true);
    for (String permission : required) {
        verdict = user.rxIsAuthorised(permission)
                .zipWith(verdict, (granted, soFar) -> granted && soFar);
    }
    return verdict;
}
}
/**
 * Handles a token revocation request made by an authenticated OAuth 2.0 client.
 *
 * @param context the routing context of the revocation request
 * @throws InvalidClientException if no user is attached to the request or the
 *         attached user is not a client
 */
@Override
public void handle(RoutingContext context) {
    // The authorization server first validates the client credentials (for a
    // confidential client) and then verifies that the token was issued to the
    // client making the revocation request. If that validation fails, the
    // request is refused and the client is informed of the error.
    User caller = context.user();
    if (caller == null) {
        throw new InvalidClientException("Invalid client");
    }
    Object principal = caller.getDelegate();
    if (!(principal instanceof Client)) {
        throw new InvalidClientException("Invalid client");
    }

    // The authenticated client is passed along with the request so the
    // service can match it against the token being revoked.
    Client client = (Client) principal;
    revocationTokenService
            .revoke(createRequest(context), client.getClient())
            .subscribe(
                    () -> context.response().setStatusCode(200).end(),
                    failure -> context.fail(failure));
}
/**
 * Checks a {@code RequiresPermissions} annotation against the current user.
 *
 * @param authzSpec the authorization annotation found on the resource
 * @return a Single emitting {@code true} only if every listed permission is
 *         granted; an error Single when no user is present
 */
@Override
public Single<Boolean> assertAuthorized(Annotation authzSpec) {
    if (!(authzSpec instanceof RequiresPermissions)) {
        // NOTE(review): every other annotation type is reported as authorized
        // here; confirm that other authorization annotations are evaluated by
        // a different checker and never reach this fall-through.
        return Single.just(true);
    }

    User user = getUser();
    if (user == null) {
        return Single.error(new AuthorizationException("User required"));
    }

    // Fold the per-permission results with AND, starting from true, so an
    // empty permission list also yields true.
    String[] required = ((RequiresPermissions) authzSpec).value();
    Single<Boolean> verdict = Single.just(true);
    for (String permission : required) {
        verdict = user.rxIsAuthorised(permission)
                .zipWith(verdict, (granted, soFar) -> granted && soFar);
    }
    return verdict;
}
}
/**
 * Handles a token revocation request made by an authenticated OAuth 2.0 client.
 *
 * @param context the routing context of the revocation request
 * @throws InvalidClientException if no user is attached to the request or the
 *         attached user is not a client
 */
@Override
public void handle(RoutingContext context) {
    // The authorization server first validates the client credentials (for a
    // confidential client) and then verifies that the token was issued to the
    // client making the revocation request. If that validation fails, the
    // request is refused and the client is informed of the error.
    User caller = context.user();
    if (caller == null) {
        throw new InvalidClientException("Invalid client");
    }
    Object principal = caller.getDelegate();
    if (!(principal instanceof Client)) {
        throw new InvalidClientException("Invalid client");
    }

    // The authenticated client is passed along with the request so the
    // service can match it against the token being revoked.
    Client client = (Client) principal;
    revocationTokenService
            .revoke(createRequest(context), client.getClient())
            .subscribe(
                    () -> context.response().setStatusCode(200).end(),
                    failure -> context.fail(failure));
}
/**
 * Renders the wiki home page with the alphabetically sorted list of page names.
 *
 * @return the index template populated with page names and user details
 */
@GET
public Single<Template> index(){
    return fiber((con) -> {
        // Fixed query with no request input; the first column of each row is
        // read as the page name.
        ResultSet rows = await(con.rxQuery(SQL.SQL_ALL_PAGES));
        List<String> pages = rows.getResults()
                .stream()
                .map(row -> row.getString(0))
                .sorted()
                .collect(Collectors.toList());
        // This flag only decides what the template offers; it is not an
        // access check for page creation.
        boolean canCreatePage = await(user.rxIsAuthorised("create"));
        // NOTE(review): page names and the username are handed to the template
        // as-is; confirm the template escapes them on output.
        return new Template("templates/index.ftl")
                .set("title", "Wiki home")
                .set("pages", pages)
                .set("canCreatePage", canCreatePage)
                .set("username", getUserName())
                .set("backup_gist_url", flash.get("backup_gist_url"));
    });
}
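/**
 * Handles a token introspection request made by an authenticated OAuth 2.0 client.
 *
 * @param context the routing context of the introspection request
 * @throws InvalidClientException if no user is attached to the request or the
 *         attached user is not a client
 */
@Override
public void handle(RoutingContext context) {
    // If the protected resource uses OAuth 2.0 client credentials to
    // authenticate to the introspection endpoint and its credentials are
    // invalid, the authorization server responds with an HTTP 401.
    // NOTE(review): the mapping of InvalidClientException to 401 is not
    // visible here; confirm it in the failure handler.
    User authenticatedUser = context.user();
    if (authenticatedUser == null || !(authenticatedUser.getDelegate() instanceof Client)) {
        throw new InvalidClientException();
    }

    introspectionService
            .introspect(createRequest(context))
            // Token metadata must not be cached by intermediaries or clients.
            .doOnSuccess(introspectionResponse -> context.response()
                    .putHeader(HttpHeaders.CACHE_CONTROL, "no-store")
                    .putHeader(HttpHeaders.PRAGMA, "no-cache")
                    .putHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                    .end(Json.encodePrettily(introspectionResponse)))
            // Route failures to the routing context. Without an error
            // consumer, a failed introspection would leave the request
            // without any response.
            .subscribe(
                    ignored -> { },
                    error -> context.fail(error));
}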
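/**
 * Creates a new wiki page or saves an existing one, then redirects to the rendered page.
 *
 * @param id       identifier of the page to update; ignored when creating
 * @param title    page title, also used to build the redirect target
 * @param markdown page body
 * @param newPage  {@code "yes"} to create a page, anything else to update
 * @return a 303 redirect to the page view, or 400 when an update is requested
 *         with a missing or non-numeric {@code id}
 */
@Path("/save")
@POST
public Single<Response> save(@FormParam("id") String id,
                             @FormParam("title") String title,
                             @FormParam("markdown") String markdown,
                             @FormParam("newPage") String newPage){
    return fiber(() -> {
        boolean isNewPage = "yes".equals(newPage);
        // The permission to check is derived from the client-supplied flag and
        // is enforced before anything is parsed or written.
        String requiredPermission = isNewPage ? "create" : "update";
        if(!await(user.rxIsAuthorised(requiredPermission)))
            throw new AuthorizationException("Not authorized");

        io.reactivex.Single<Integer> query;
        if(isNewPage) {
            query = dao.insert(new Pages().setName(title).setContent(markdown));
        } else {
            // The id is untrusted form input: reject a missing or malformed
            // value with 400 instead of letting NumberFormatException escape.
            Integer pageId;
            try {
                pageId = Integer.valueOf(id);
            } catch (NumberFormatException e) {
                return Response.status(Response.Status.BAD_REQUEST).build();
            }
            query = dao.update(new Pages().setId(pageId).setContent(markdown).setName(title));
        }
        await(query);

        URI location = Router.getURI(WikiResource::renderPage, title);
        return Response.seeOther(location).build();
    });
}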
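/**
 * Handles a token introspection request made by an authenticated OAuth 2.0 client.
 *
 * @param context the routing context of the introspection request
 * @throws InvalidClientException if no user is attached to the request or the
 *         attached user is not a client
 */
@Override
public void handle(RoutingContext context) {
    // If the protected resource uses OAuth 2.0 client credentials to
    // authenticate to the introspection endpoint and its credentials are
    // invalid, the authorization server responds with an HTTP 401.
    // NOTE(review): the mapping of InvalidClientException to 401 is not
    // visible here; confirm it in the failure handler.
    User authenticatedUser = context.user();
    if (authenticatedUser == null || !(authenticatedUser.getDelegate() instanceof Client)) {
        throw new InvalidClientException();
    }

    introspectionService
            .introspect(createRequest(context))
            // Token metadata must not be cached by intermediaries or clients.
            .doOnSuccess(introspectionResponse -> context.response()
                    .putHeader(HttpHeaders.CACHE_CONTROL, "no-store")
                    .putHeader(HttpHeaders.PRAGMA, "no-cache")
                    .putHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                    .end(Json.encodePrettily(introspectionResponse)))
            // Route failures to the routing context. Without an error
            // consumer, a failed introspection would leave the request
            // without any response.
            .subscribe(
                    ignored -> { },
                    error -> context.fail(error));
}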
// Excerpt: the closing brace of this guard is outside the listing.
// Reject the request unless a user is attached and its delegate is an OAuth
// client; both the anonymous case and the wrong-principal-type case raise the
// same exception.
if (authenticatedUser == null || ! (authenticatedUser.getDelegate() instanceof Client)) {
    throw new InvalidClientException();