/** * Creates a new HTTP authorization {@link Service} decorator using the specified * {@link Authorizer}s. * * @param authorizers the array of {@link Authorizer}s. */ @SafeVarargs public static Function<Service<HttpRequest, HttpResponse>, HttpAuthService> newDecorator(Authorizer<HttpRequest>... authorizers) { return newDecorator(ImmutableList.copyOf(requireNonNull(authorizers, "authorizers"))); }
/** * Returns a newly-created {@link HttpAuthService} based on the {@link Authorizer}s added to this builder. */ public HttpAuthService build(Service<HttpRequest, HttpResponse> delegate) { return new HttpAuthService(requireNonNull(delegate, "delegate"), authorizer(), successHandler, failureHandler); }
@Override public HttpResponse serve(ServiceRequestContext ctx, HttpRequest req) throws Exception { return HttpResponse.from(AuthorizerUtil.authorize(authorizer, ctx, req).handleAsync((result, cause) -> { try { if (cause == null) { if (result != null) { return result ? successHandler.authSucceeded(delegate(), ctx, req) : failureHandler.authFailed(delegate(), ctx, req, null); } cause = AuthorizerUtil.newNullResultException(authorizer); } return failureHandler.authFailed(delegate(), ctx, req, cause); } catch (Exception e) { return Exceptions.throwUnsafely(e); } }, ctx.contextAwareEventLoop())); } }
private void configureThriftService(ServerBuilder sb, ProjectManager pm, CommandExecutor executor, WatchService watchService, MetadataService mds) { final CentralDogmaServiceImpl service = new CentralDogmaServiceImpl(pm, executor, watchService, mds); Service<HttpRequest, HttpResponse> thriftService = ThriftCallService.of(service) .decorate(CentralDogmaTimeoutScheduler::new) .decorate(CentralDogmaExceptionTranslator::new) .decorate(THttpService.newDecorator()); if (cfg.isCsrfTokenRequiredForThrift()) { thriftService = thriftService.decorate(HttpAuthService.newDecorator(new CsrfTokenAuthorizer())); } else { thriftService = thriftService.decorate(TokenlessClientLogger::new); } // Enable content compression for API responses. thriftService = thriftService.decorate(contentEncodingDecorator()); sb.service("/cd/thrift/v1", thriftService); }
/** * Returns a newly-created decorator that decorates a {@link Service} with a new {@link HttpAuthService} * based on the {@link Authorizer}s added to this builder. */ public Function<Service<HttpRequest, HttpResponse>, HttpAuthService> newDecorator() { final Authorizer<HttpRequest> authorizer = authorizer(); final AuthSuccessHandler<HttpRequest, HttpResponse> successHandler = this.successHandler; final AuthFailureHandler<HttpRequest, HttpResponse> failureHandler = this.failureHandler; return service -> new HttpAuthService(service, authorizer, successHandler, failureHandler); }
private void configureThriftService(ServerBuilder sb, ProjectManager pm, CommandExecutor executor, WatchService watchService, MetadataService mds) { final CentralDogmaServiceImpl service = new CentralDogmaServiceImpl(pm, executor, watchService, mds); Service<HttpRequest, HttpResponse> thriftService = ThriftCallService.of(service) .decorate(CentralDogmaTimeoutScheduler::new) .decorate(CentralDogmaExceptionTranslator::new) .decorate(THttpService.newDecorator()); if (cfg.isCsrfTokenRequiredForThrift()) { thriftService = thriftService.decorate(HttpAuthService.newDecorator(new CsrfTokenAuthorizer())); } else { thriftService = thriftService.decorate(TokenlessClientLogger::new); } // Enable content compression for API responses. thriftService = thriftService.decorate(contentEncodingDecorator()); sb.service("/cd/thrift/v1", thriftService); }
decorator = MetadataServiceInjector .newDecorator(mds) .andThen(HttpAuthService.newDecorator(new CsrfTokenAuthorizer()));
private void configureThriftService(ServerBuilder sb, ProjectManager pm, CommandExecutor executor, WatchService watchService, MetadataService mds) { final CentralDogmaServiceImpl service = new CentralDogmaServiceImpl(pm, executor, watchService, mds); Service<HttpRequest, HttpResponse> thriftService = ThriftCallService.of(service) .decorate(CentralDogmaTimeoutScheduler::new) .decorate(CentralDogmaExceptionTranslator::new) .decorate(THttpService.newDecorator()); if (cfg.isCsrfTokenRequiredForThrift()) { thriftService = thriftService.decorate(HttpAuthService.newDecorator(new CsrfTokenAuthorizer())); } else { thriftService = thriftService.decorate(TokenlessClientLogger::new); } // Enable content compression for API responses. thriftService = thriftService.decorate(contentEncodingDecorator()); sb.service("/cd/thrift/v1", thriftService); }
decorator = MetadataServiceInjector .newDecorator(mds) .andThen(HttpAuthService.newDecorator(new CsrfTokenAuthorizer()));
.andThen(HttpAuthService.newDecorator(ata, sta)); } else { .andThen(HttpAuthService.newDecorator( new CsrfTokenAuthorizer()));
MetadataServiceInjector.newDecorator(mds).andThen(HttpAuthService.newDecorator( new ApplicationTokenAuthorizer(mds::findTokenBySecret))); sb.annotatedService(new Object() {