@Override
public void parseCredentials(RoutingContext context, Handler<AsyncResult<JsonObject>> handler) {
  final Session session = context.session();
  if (session == null) {
    // Without a session there is nowhere to remember the return URL, so the redirect
    // flow cannot work at all; a SessionHandler must run earlier in the route chain.
    handler.handle(Future.failedFuture("No session - did you forget to include a SessionHandler?"));
    return;
  }
  // Remember the request-target as received so the login flow can bring the user back here.
  // NOTE(review): the value is stored unmodified; if a later step redirects to it verbatim,
  // confirm it is validated as a same-site path before use.
  final String returnUrl = context.request().uri();
  session.put(returnURLParam, returnUrl);
  // Report the redirect as a 302 HttpStatusException whose payload is the login URL;
  // presumably the failure handling upstream turns it into the actual redirect response.
  handler.handle(Future.failedFuture(new HttpStatusException(302, loginRedirectURL)));
}
}
final int statusCode = ((HttpStatusException) exception).getStatusCode(); final String payload = ((HttpStatusException) exception).getPayload();
@SuppressWarnings("unchecked")
@Test
public void testCredentialsValidationErrorPropagation() throws Exception {
  // The protected resource must never be reached when the provider rejects the credentials.
  Handler<RoutingContext> protectedResource = rc -> {
    fail("should not get here");
    rc.response().end("Welcome to the protected resource!");
  };
  final Throwable rootCause = new IllegalArgumentException("validation of credentials failed");
  // Provider stub: every authenticate() call fails with rootCause.
  AuthProvider authProvider = mock(AuthProvider.class);
  doAnswer(invocation -> {
    Handler<AsyncResult<User>> callback = invocation.getArgument(1);
    callback.handle(Future.failedFuture(rootCause));
    return null;
  }).when(authProvider).authenticate(any(JsonObject.class), any(Handler.class));
  // The auth handler must surface the provider failure as an HttpStatusException that keeps
  // the original error as its cause, and the request must end with 401.
  router.route("/protected/*").handler(newAuthHandler(authProvider, failure -> {
    assertTrue(failure instanceof HttpStatusException);
    assertEquals(rootCause, ((HttpStatusException) failure).getCause());
  }));
  router.route("/protected/somepage").handler(protectedResource);
  testRequest(HttpMethod.GET, "/protected/somepage", 401, "Unauthorized");
}
}
if (res.cause() instanceof HttpStatusException) { final HttpStatusException exception = (HttpStatusException) res.cause(); switch (exception.getStatusCode()) { case 302: case 400:
} else if (ctx.failure() instanceof HttpStatusException) { final HttpStatusException e = (HttpStatusException) ctx.failure(); sendError(ctx.response(), e.getStatusCode(), e.getMessage()); } else { sendError(ctx.response(), HttpURLConnection.HTTP_INTERNAL_ERROR, ctx.failure().getMessage());
if (res.cause() instanceof HttpStatusException) { final HttpStatusException exception = (HttpStatusException) res.cause(); switch (exception.getStatusCode()) { case 302: case 400:
} else if (ctx.failure() instanceof HttpStatusException) { final HttpStatusException e = (HttpStatusException) ctx.failure(); sendError(ctx.response(), e.getStatusCode(), e.getMessage()); } else { sendError(ctx.response(), HttpURLConnection.HTTP_INTERNAL_ERROR, ctx.failure().getMessage());
payload = null; } else { statusCode = ((HttpStatusException) exception).getStatusCode(); payload = ((HttpStatusException) exception).getPayload();
log.warn("The callback route is shaded by the OAuth2AuthHandler, ensure the callback route is added BEFORE the OAuth2AuthHandler route!"); handler.handle(Future.failedFuture(new HttpStatusException(500, "Infinite redirect loop [oauth2 callback]"))); } else { handler.handle(Future.failedFuture(new HttpStatusException(302, authURI(context.request().uri())))); handler.handle(Future.failedFuture(new HttpStatusException(401, decodeToken.cause().getMessage()))); return;
if (res.cause() instanceof HttpStatusException) { final HttpStatusException exception = (HttpStatusException) res.cause(); switch (exception.getStatusCode()) { case 302: case 400:
@SuppressWarnings("unchecked")
@Test
public void testCredentialsValidationErrorPropagation() throws Exception {
  // The protected resource must never be reached when the provider rejects the credentials.
  Handler<RoutingContext> protectedResource = rc -> {
    fail("should not get here");
    rc.response().end("Welcome to the protected resource!");
  };
  final Throwable rootCause = new IllegalArgumentException("validation of credentials failed");
  // Provider stub: every authenticate() call fails with rootCause.
  AuthProvider authProvider = mock(AuthProvider.class);
  doAnswer(invocation -> {
    Handler<AsyncResult<User>> callback = invocation.getArgument(1);
    callback.handle(Future.failedFuture(rootCause));
    return null;
  }).when(authProvider).authenticate(any(JsonObject.class), any(Handler.class));
  // The auth handler must surface the provider failure as an HttpStatusException that keeps
  // the original error as its cause, and the request must end with 401.
  router.route("/protected/*").handler(newAuthHandler(authProvider, failure -> {
    assertTrue(failure instanceof HttpStatusException);
    assertEquals(rootCause, ((HttpStatusException) failure).getCause());
  }));
  router.route("/protected/somepage").handler(protectedResource);
  testRequest(HttpMethod.GET, "/protected/somepage", 401, "Unauthorized");
}
}
final int statusCode = ((HttpStatusException) exception).getStatusCode(); final String payload = ((HttpStatusException) exception).getPayload();
processException(ctx, new HttpStatusException(401, authN.cause()));
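/**
 * Overrides the default failure handling so that a 401 raised during client authentication is
 * reported as the custom OAuth 2.0 invalid-client exception.
 *
 * <p>Only {@link HttpStatusException}s with status 401 are remapped; every other failure
 * (including {@code null}) is delegated to {@code super.processException} unchanged.
 *
 * @param ctx routing context whose failure is being processed
 * @param exception exception thrown while handling the request, may be {@code null}
 */
@Override
protected void processException(RoutingContext ctx, Throwable exception) {
  // instanceof is false for null, so the former explicit null check was redundant.
  if (exception instanceof HttpStatusException
      && ((HttpStatusException) exception).getStatusCode() == 401) {
    // Client authentication failed. The message is deliberately generic: it does not reveal
    // whether the client id is unknown or its credentials were wrong, and the original
    // exception's message is not attached, so no internal detail reaches the client.
    ctx.fail(new InvalidClientException("Client authentication failed due to unknown or invalid client"));
    return;
  }
  super.processException(ctx, exception);
}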
final String payload; if (exception instanceof HttpStatusException) { statusCode = ((HttpStatusException) exception).getStatusCode(); payload = ((HttpStatusException) exception).getPayload(); } else { statusCode = ((ServiceInvocationException) exception).getErrorCode();
@Override
public void parseCredentials(RoutingContext context, Handler<AsyncResult<JsonObject>> handler) {
  // The Authorization header is parsed as optional (second argument): a request without a
  // bearer token is passed on to the next route instead of being rejected here.
  parseAuthorization(context, true, parsed -> {
    if (parsed.failed()) {
      handler.handle(Future.failedFuture(parsed.cause()));
      return;
    }
    final String accessToken = parsed.result();
    if (accessToken == null) {
      // No credentials supplied: hand over to the next handler without completing `handler`.
      context.next();
      return;
    }
    // Validate the token with the OAuth2 provider; on success the resulting user is attached to
    // the context and the result handler is completed without a credentials object.
    ((OAuth2Auth) authProvider).decodeToken(accessToken, decoded -> {
      if (decoded.succeeded()) {
        context.setUser(decoded.result());
        handler.handle(Future.succeededFuture());
      } else {
        // NOTE(review): the provider's error message becomes the 401 payload; confirm the
        // failure handler does not echo internal token-validation detail to the client.
        handler.handle(Future.failedFuture(new HttpStatusException(401, decoded.cause().getMessage())));
      }
    });
  });
}
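/**
 * Overrides the default failure handling so that a 401 raised during client authentication is
 * reported as the custom OAuth 2.0 invalid-client exception.
 *
 * <p>Only {@link HttpStatusException}s with status 401 are remapped; every other failure
 * (including {@code null}) is delegated to {@code super.processException} unchanged.
 *
 * @param ctx routing context whose failure is being processed
 * @param exception exception thrown while handling the request, may be {@code null}
 */
@Override
protected void processException(RoutingContext ctx, Throwable exception) {
  // instanceof is false for null, so the former explicit null check was redundant.
  if (exception instanceof HttpStatusException
      && ((HttpStatusException) exception).getStatusCode() == 401) {
    // Client authentication failed. The message is deliberately generic: it does not reveal
    // whether the client id is unknown or its credentials were wrong, and the original
    // exception's message is not attached, so no internal detail reaches the client.
    ctx.fail(new InvalidClientException("Client authentication failed due to unknown or invalid client"));
    return;
  }
  super.processException(ctx, exception);
}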
@Override
public void parseCredentials(RoutingContext context, Handler<AsyncResult<JsonObject>> handler) {
  final Session session = context.session();
  if (session == null) {
    // Without a session there is nowhere to remember the return URL, so the redirect
    // flow cannot work at all; a SessionHandler must run earlier in the route chain.
    handler.handle(Future.failedFuture("No session - did you forget to include a SessionHandler?"));
    return;
  }
  // Remember the request-target as received so the login flow can bring the user back here.
  // NOTE(review): the value is stored unmodified; if a later step redirects to it verbatim,
  // confirm it is validated as a same-site path before use.
  final String returnUrl = context.request().uri();
  session.put(returnURLParam, returnUrl);
  // Report the redirect as a 302 HttpStatusException whose payload is the login URL;
  // presumably the failure handling upstream turns it into the actual redirect response.
  handler.handle(Future.failedFuture(new HttpStatusException(302, loginRedirectURL)));
}
}
log.warn("The callback route is shaded by the OAuth2AuthHandler, ensure the callback route is added BEFORE the OAuth2AuthHandler route!"); handler.handle(Future.failedFuture(new HttpStatusException(500, "Infinite redirect loop [oauth2 callback]"))); } else { handler.handle(Future.failedFuture(new HttpStatusException(302, authURI(context.request().uri())))); handler.handle(Future.failedFuture(new HttpStatusException(401, decodeToken.cause().getMessage()))); return;
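/**
 * Stores the current request as the post-login return URL and asks the caller to redirect to the
 * login page, both resolved through the proxy-aware URI builder.
 *
 * <p>Fix: query parameters can repeat (the same name twice), and {@code Collectors.toMap}
 * without a merge function throws {@code IllegalStateException} on duplicate keys. That landed
 * in the catch below, which silently dropped the return URL. Duplicates now keep the first value.
 *
 * <p>NOTE(review): {@code resolveProxyRequest} appears to derive the absolute URL from
 * forwarding headers, and the stored return URL later serves as a redirect target; make sure
 * those headers are only honoured when set by a trusted reverse proxy.
 *
 * @param context routing context of the unauthenticated request
 * @param handler completed with a 302 {@link HttpStatusException} carrying the login URL, or
 *     with a plain failure when no session is available
 */
@Override
public void parseCredentials(RoutingContext context, Handler<AsyncResult<JsonObject>> handler) {
  final Session session = context.session();
  if (session == null) {
    handler.handle(Future.failedFuture("No session - did you forget to include a SessionHandler?"));
    return;
  }
  try {
    final HttpServerRequest request = context.request();
    // Save the current request so the user can be sent back here after a successful login.
    // Keep the first value of a repeated parameter instead of failing the whole resolution.
    final Map<String, String> queryParams = request.params().entries().stream()
        .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue, (first, ignored) -> first));
    session.put(returnURLParam, UriBuilderRequest.resolveProxyRequest(
        new io.vertx.reactivex.core.http.HttpServerRequest(request), request.path(), queryParams));
    // Build the login URL, carrying only the client_id, and report it as a 302 redirect.
    final String loginUri = UriBuilderRequest.resolveProxyRequest(
        new io.vertx.reactivex.core.http.HttpServerRequest(request),
        loginRedirectURL,
        Collections.singletonMap(OAuth2Constants.CLIENT_ID, request.getParam(OAuth2Constants.CLIENT_ID)));
    handler.handle(Future.failedFuture(new HttpStatusException(302, loginUri)));
  } catch (Exception e) {
    // Best effort: fall back to the unresolved login URL; no return URL is stored in this case.
    logger.warn("Failed to decode login redirect url", e);
    handler.handle(Future.failedFuture(new HttpStatusException(302, loginRedirectURL)));
  }
}
}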