/**
 * Validates an inbound HTTP signature and converts the outcome into an authentication response.
 *
 * <p>The signature is validated against the security environment, the client definition and the
 * headers that {@code inboundRequiredHeaders} yields for the request method and headers. A present
 * validation result is treated as a failure description. On success the principal is built from the
 * client definition (principal name and key id), not from values read out of the request here.
 *
 * @param env              security environment of the current request
 * @param httpSignature    signature received with the request
 * @param clientDefinition definition of the inbound client the signature is checked against
 * @return a failed response carrying the validation message; otherwise a user success response when
 *         the client's subject type is {@code USER}, and a service success response for any other type
 */
private AuthenticationResponse validateSignature(SecurityEnvironment env,
                                                 HttpSignature httpSignature,
                                                 InboundClientDefinition clientDefinition) {
    // What validate() checks (algorithm, covered headers, signature bytes) is not visible here;
    // a present Optional means "rejected, with this reason".
    Optional<String> failureReason = httpSignature.validate(env,
                                                            clientDefinition,
                                                            inboundRequiredHeaders.headers(env.method(), env.headers()));

    if (failureReason.isPresent()) {
        // NOTE(review): the reason text is passed on unchanged - confirm it is not returned to the
        // remote caller in a form that reveals which individual check failed.
        return AuthenticationResponse.failed(failureReason.get());
    }

    // The key id is kept as a principal attribute so later stages can see which key authenticated.
    Principal authenticated = Principal.builder()
            .name(clientDefinition.principalName())
            .addAttribute(ATTRIB_NAME_KEY_ID, clientDefinition.keyId())
            .build();

    Subject subject = Subject.builder()
            .principal(authenticated)
            .build();

    // Only USER is reported as a user subject; every other subject type is reported as a service.
    return (clientDefinition.subjectType() == SubjectType.USER)
            ? AuthenticationResponse.success(subject)
            : AuthenticationResponse.successService(subject);
}
/**
 * Builds a principal from the claims of a JWT.
 *
 * <p>The subject claim becomes the principal id. The preferred username becomes the principal name,
 * falling back to the subject when it is absent. Every payload claim is copied into the principal's
 * attributes, followed by a fixed set of well-known profile claims when present.
 *
 * <p>This method performs no signature, issuer, audience or expiry checks; it only reads claims.
 * NOTE(review): callers are presumably expected to pass an already validated token - confirm,
 * because all payload claims end up as attributes of the resulting principal.
 *
 * @param jwt token to read the claims from
 * @return principal built from the token claims
 * @throws JwtException when the token has no subject claim
 */
private Principal buildPrincipal(Jwt jwt) {
    String sub = jwt.subject()
            .orElseThrow(() -> new JwtException("JWT does not contain subject claim, cannot create principal."));
    String displayName = jwt.preferredUsername()
            .orElse(sub);

    Principal.Builder principalBuilder = Principal.builder();
    principalBuilder.name(displayName)
            .id(sub);

    // Generic copy of all payload claims first ...
    jwt.payloadClaims()
            .forEach((claimName, claimJson) -> principalBuilder.addAttribute(claimName, JwtUtil.toObject(claimJson)));

    // ... then the typed accessors, so these calls are applied last for the keys below.
    jwt.email().ifPresent(email -> principalBuilder.addAttribute("email", email));
    jwt.emailVerified().ifPresent(verified -> principalBuilder.addAttribute("email_verified", verified));
    jwt.locale().ifPresent(locale -> principalBuilder.addAttribute("locale", locale));
    jwt.familyName().ifPresent(familyName -> principalBuilder.addAttribute("family_name", familyName));
    jwt.givenName().ifPresent(givenName -> principalBuilder.addAttribute("given_name", givenName));
    jwt.fullName().ifPresent(fullName -> principalBuilder.addAttribute("full_name", fullName));

    return principalBuilder.build();
}
}
/**
 * Builds a principal from the claims of a JWT.
 *
 * <p>The subject claim becomes the principal id. The preferred username becomes the principal name,
 * falling back to the subject when it is absent. Every payload claim is copied into the principal's
 * attributes, followed by a fixed set of well-known profile claims when present.
 *
 * <p>This method performs no signature, issuer, audience or expiry checks; it only reads claims.
 * NOTE(review): callers are presumably expected to pass an already validated token - confirm,
 * because all payload claims end up as attributes of the resulting principal.
 *
 * @param jwt token to read the claims from
 * @return principal built from the token claims
 * @throws JwtException when the token has no subject claim
 */
Principal buildPrincipal(Jwt jwt) {
    String sub = jwt.subject()
            .orElseThrow(() -> new JwtException("JWT does not contain subject claim, cannot create principal."));
    String displayName = jwt.preferredUsername()
            .orElse(sub);

    Principal.Builder principalBuilder = Principal.builder();
    principalBuilder.name(displayName)
            .id(sub);

    // Generic copy of all payload claims first ...
    jwt.payloadClaims()
            .forEach((claimName, claimJson) -> principalBuilder.addAttribute(claimName, JwtUtil.toObject(claimJson)));

    // ... then the typed accessors, so these calls are applied last for the keys below.
    jwt.email().ifPresent(email -> principalBuilder.addAttribute("email", email));
    jwt.emailVerified().ifPresent(verified -> principalBuilder.addAttribute("email_verified", verified));
    jwt.locale().ifPresent(locale -> principalBuilder.addAttribute("locale", locale));
    jwt.familyName().ifPresent(familyName -> principalBuilder.addAttribute("family_name", familyName));
    jwt.givenName().ifPresent(givenName -> principalBuilder.addAttribute("given_name", givenName));
    jwt.fullName().ifPresent(fullName -> principalBuilder.addAttribute("full_name", fullName));

    return principalBuilder.build();
}
.name("<ANONYMOUS>") .addAttribute("anonymous", true) .build();
/**
 * Builds a subject from a Google ID token payload and the token string it arrived with.
 *
 * <p>The principal id is the payload's subject. The principal name is the e-mail address when the
 * payload has one, otherwise the subject. Profile values from the payload are attached as
 * attributes, and a {@code TokenCredential} holding the issue time, expiry, issuer, token string
 * and payload is added as a public credential.
 *
 * <p>The e-mail verification flag is only recorded as the {@code emailVerified} attribute; it is not
 * evaluated here, so the name may be an unverified e-mail address.
 * NOTE(review): authorization decisions should presumably key on the principal id (the subject)
 * rather than on the name - confirm against callers.
 *
 * @param accessToken token string stored in the token credential
 * @param payload     ID token payload the identity is read from
 * @return subject with the principal and the token credential
 */
private Subject buildSubject(String accessToken, GoogleIdToken.Payload payload) {
    TokenCredential.Builder credentialBuilder = TokenCredential.builder();
    credentialBuilder.issueTime(toInstant(payload.getIssuedAtTimeSeconds()));
    credentialBuilder.expTime(toInstant(payload.getExpirationTimeSeconds()));
    credentialBuilder.issuer(payload.getIssuer());
    // The raw token travels with the subject as part of a public credential;
    // NOTE(review): confirm nothing downstream logs or serializes that credential.
    credentialBuilder.token(accessToken);
    credentialBuilder.addToken(GoogleIdToken.Payload.class, payload);

    String email = payload.getEmail();
    String userId = payload.getSubject();

    // Prefer the e-mail address as the name, fall back to the subject when it is missing.
    String principalName;
    if (email == null) {
        principalName = userId;
    } else {
        principalName = email;
    }

    Principal principal = Principal.builder()
            .id(userId)
            .name(principalName)
            .addAttribute("fullName", payload.get("name"))
            .addAttribute("emailVerified", payload.getEmailVerified())
            .addAttribute("locale", payload.get("locale"))
            .addAttribute("familyName", payload.get("family_name"))
            .addAttribute("givenName", payload.get("given_name"))
            .addAttribute("pictureUrl", payload.get("picture"))
            .build();

    return Subject.builder()
            .principal(principal)
            .addPublicCredential(TokenCredential.class, credentialBuilder.build())
            .build();
}
/**
 * Builds a principal from the claims of a JWT.
 *
 * <p>The subject claim becomes the principal id. The preferred username becomes the principal name,
 * falling back to the subject when it is absent. Every payload claim is copied into the principal's
 * attributes, followed by a fixed set of well-known profile claims when present.
 *
 * <p>This method performs no signature, issuer, audience or expiry checks; it only reads claims.
 * NOTE(review): callers are presumably expected to pass an already validated token - confirm,
 * because all payload claims end up as attributes of the resulting principal.
 *
 * @param jwt token to read the claims from
 * @return principal built from the token claims
 * @throws JwtException when the token has no subject claim
 */
Principal buildPrincipal(Jwt jwt) {
    String sub = jwt.subject()
            .orElseThrow(() -> new JwtException("JWT does not contain subject claim, cannot create principal."));
    String displayName = jwt.preferredUsername()
            .orElse(sub);

    Principal.Builder principalBuilder = Principal.builder();
    principalBuilder.name(displayName)
            .id(sub);

    // Generic copy of all payload claims first ...
    jwt.payloadClaims()
            .forEach((claimName, claimJson) -> principalBuilder.addAttribute(claimName, JwtUtil.toObject(claimJson)));

    // ... then the typed accessors, so these calls are applied last for the keys below.
    jwt.email().ifPresent(email -> principalBuilder.addAttribute("email", email));
    jwt.emailVerified().ifPresent(verified -> principalBuilder.addAttribute("email_verified", verified));
    jwt.locale().ifPresent(locale -> principalBuilder.addAttribute("locale", locale));
    jwt.familyName().ifPresent(familyName -> principalBuilder.addAttribute("family_name", familyName));
    jwt.givenName().ifPresent(givenName -> principalBuilder.addAttribute("given_name", givenName));
    jwt.fullName().ifPresent(fullName -> principalBuilder.addAttribute("full_name", fullName));

    return principalBuilder.build();
}
/**
 * Builds a subject for a user from the user store.
 *
 * <p>The principal name is the user's login, the user object itself is attached as a private
 * credential, and each of the user's roles is added as a role grant.
 * NOTE(review): the whole {@code UserStore.User} instance is stored on the subject; if it carries
 * the password, confirm that private credentials are never logged or exposed outside the process.
 *
 * @param user authenticated user
 * @return subject with principal, private credential and role grants
 */
private Subject buildSubject(UserStore.User user) {
    Principal principal = Principal.builder()
            .name(user.login())
            .build();

    Subject.Builder subjectBuilder = Subject.builder()
            .principal(principal)
            .addPrivateCredential(UserStore.User.class, user);

    // One grant per role name held by the user.
    user.roles()
            .forEach(roleName -> subjectBuilder.addGrant(Role.create(roleName)));

    return subjectBuilder.build();
}
/**
 * Creates a new fluent {@link Builder} used to assemble instances of this class.
 *
 * @return a fresh builder instance
 */
static Builder builder() {
    Builder fresh = new Builder();
    return fresh;
}
/**
 * Creates a principal from the values collected by the builder.
 *
 * <p>The attribute container is created from the builder's properties and the {@code "name"} and
 * {@code "id"} entries are written afterwards from the principal's own fields.
 *
 * @param builder builder holding the name, id and additional properties
 */
HelidonPrincipal(Builder builder) {
    this.name = builder.name();
    this.id = builder.id();

    BasicAttributes attributes = BasicAttributes.create(builder.properties());
    // Written after the copy so these two keys are set from the fields last; presumably this replaces
    // same-named builder properties (for example attributes copied from token claims) - confirm
    // that put() overwrites existing entries.
    attributes.put("name", this.name);
    attributes.put("id", this.id);

    this.properties = attributes;
}
/**
 * Builds a subject for a user from the user store.
 *
 * <p>The principal name is the user's login, the user object itself is attached as a private
 * credential, and each of the user's roles is added as a role grant.
 * NOTE(review): the whole {@code UserStore.User} instance is stored on the subject; if it carries
 * the password, confirm that private credentials are never logged or exposed outside the process.
 *
 * @param user authenticated user
 * @return subject with principal, private credential and role grants
 */
private Subject buildSubject(UserStore.User user) {
    Principal principal = Principal.builder()
            .name(user.login())
            .build();

    Subject.Builder subjectBuilder = Subject.builder()
            .principal(principal)
            .addPrivateCredential(UserStore.User.class, user);

    // One grant per role name held by the user.
    user.roles()
            .forEach(roleName -> subjectBuilder.addGrant(Role.create(roleName)));

    return subjectBuilder.build();
}