/**
 * Returns the {@code preferred_username} claim of the current user's access token.
 *
 * <p>The user's delegate is cast to {@link AccessToken} without a type check, so a
 * delegate of any other type fails with a {@link ClassCastException}.
 *
 * <p>NOTE(review): in OpenID Connect {@code preferred_username} is a display value
 * that is not guaranteed to be unique or stable. Use it for rendering only; key
 * access decisions and audit records on a stable identifier such as {@code sub}.
 * The result is presumably {@code null} when the claim is absent; confirm callers
 * handle that.
 *
 * @return the value stored under {@code preferred_username} in the access token
 */
private String getUserName() {
    final AccessToken token = (AccessToken) user.getDelegate();
    final String claimName = "preferred_username";
    return token.accessToken().getString(claimName);
}
boolean canCreate = await(user.rxIsAuthorised("create")); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); JsonArray permissions = new JsonArray(); if(canCreate)
/**
 * Returns the {@code username} entry of the current user's principal.
 *
 * <p>NOTE(review): the principal's contents are whatever the configured auth provider
 * put there; confirm {@code username} is always present before relying on a non-null
 * result.
 *
 * @return the value stored under {@code username} in the principal
 */
private String getUserName() {
    final String principalKey = "username";
    return user.principal().getString(principalKey);
}
/**
 * Exposes the given user to RESTEasy injection and forwards it to the wrapped object.
 *
 * <p>The user is wrapped in its reactive counterpart and pushed into the RESTEasy
 * context under {@code io.vertx.reactivex.ext.auth.User} before {@code delegate}
 * receives the original instance.
 *
 * <p>NOTE(review): confirm the pushed context is cleared when the request finishes,
 * so an identity pushed here cannot be observed by a later request handled on the
 * same thread.
 *
 * @param user the authenticated user to publish and forward
 */
@Override
public void setUser(User user) {
    final io.vertx.reactivex.ext.auth.User reactiveUser =
            io.vertx.reactivex.ext.auth.User.newInstance(user);
    ResteasyProviderFactory.pushContext(io.vertx.reactivex.ext.auth.User.class, reactiveUser);
    delegate.setUser(user);
}
/**
 * Publishes the user for RESTEasy {@code @Context} lookups, then delegates.
 *
 * <p>Order matters only in that the reactive wrapper is pushed into the RESTEasy
 * context first and {@code delegate.setUser(user)} is called afterwards with the
 * unwrapped instance.
 *
 * <p>NOTE(review): the pushed value is request identity; verify that the context
 * data is scoped to the current request and removed afterwards.
 *
 * @param user the user being attached to the current request
 */
@Override
public void setUser(User user) {
    final Class<io.vertx.reactivex.ext.auth.User> contextType =
            io.vertx.reactivex.ext.auth.User.class;
    final io.vertx.reactivex.ext.auth.User wrapped =
            io.vertx.reactivex.ext.auth.User.newInstance(user);
    ResteasyProviderFactory.pushContext(contextType, wrapped);
    delegate.setUser(user);
}
if (authenticatedUser == null || !(authenticatedUser.getDelegate() instanceof io.gravitee.am.gateway.handler.vertx.auth.user.User)) { io.gravitee.am.model.User endUser = ((io.gravitee.am.gateway.handler.vertx.auth.user.User) authenticatedUser.getDelegate()).getUser(); Date loggedAt = endUser.getLoggedAt(); if (loggedAt == null) {
boolean canCreate = await(user.rxIsAuthorised("create")); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); JsonArray permissions = new JsonArray(); if(canCreate)
.append("username", user.principal().getValue("username")) .append("timestamp", timestamp) .append("comment", content);
if (authenticatedUser == null || !(authenticatedUser.getDelegate() instanceof io.gravitee.am.gateway.handler.vertx.auth.user.User)) { io.gravitee.am.model.User endUser = ((io.gravitee.am.gateway.handler.vertx.auth.user.User) authenticatedUser.getDelegate()).getUser(); Date loggedAt = endUser.getLoggedAt(); if (loggedAt == null) {
/**
 * Creates a new wiki page or saves an existing one, then redirects to the rendered page.
 *
 * <p>The client-supplied {@code newPage} field selects both the permission that is
 * checked ({@code create} when it equals {@code "yes"}, otherwise {@code update}) and
 * the SQL statement that runs. All form values reach the database as bound
 * parameters, never through string concatenation.
 *
 * <p>NOTE(review): the permission check visible here is not tied to the page
 * {@code id}; if per-page access control is expected it has to be enforced elsewhere.
 * {@code id} and {@code title} are used as received, with no presence or format
 * check in this method.
 *
 * @param id identifier of the page to update; unused when creating
 * @param title page title; stored on create and used to build the redirect target
 * @param markdown page content
 * @param newPage {@code "yes"} to create a page, anything else to update
 * @return a 303 redirect to the rendered page
 * @throws AuthorizationException if the user lacks the required permission
 */
@Path("/save")
@POST
public Single<Response> save(@FormParam("id") String id,
        @FormParam("title") String title,
        @FormParam("markdown") String markdown,
        @FormParam("newPage") String newPage){
    return fiber(con -> {
        final boolean creating = "yes".equals(newPage);

        // Authorize before touching the database.
        final boolean allowed = await(user.rxIsAuthorised(creating ? "create" : "update"));
        if (!allowed) {
            throw new AuthorizationException("Not authorized");
        }

        final String statement;
        final JsonArray bindings = new JsonArray();
        if (creating) {
            statement = SQL.SQL_CREATE_PAGE;
            bindings.add(title).add(markdown);
        } else {
            statement = SQL.SQL_SAVE_PAGE;
            bindings.add(markdown).add(id);
        }
        await(con.rxUpdateWithParams(statement, bindings));

        final URI target = Router.getURI(WikiResource::renderPage, title);
        return Response.seeOther(target).build();
    });
}
/**
 * Handles a token revocation request for the authenticated client.
 *
 * <p>The request is rejected with {@link InvalidClientException} unless the routing
 * context carries a user whose delegate is a {@code Client}. The revocation service
 * is then called with that client; success ends the response with status 200 and any
 * error is passed to {@code context.fail}.
 *
 * @param context the routing context of the revocation request
 * @throws InvalidClientException if no authenticated client is attached to the request
 */
@Override
public void handle(RoutingContext context) {
    // The authorization server first validates the client credentials (in
    // case of a confidential client) and then verifies whether the token
    // was issued to the client making the revocation request. If this
    // validation fails, the request is refused and the client is informed
    // of the error by the authorization server.
    final User caller = context.user();
    if (caller == null) {
        throw new InvalidClientException("Invalid client");
    }
    if (!(caller.getDelegate() instanceof Client)) {
        throw new InvalidClientException("Invalid client");
    }

    // The authenticated client is handed to the service together with the request;
    // presumably the token-ownership check described above happens inside revoke().
    final Client client = (Client) caller.getDelegate();
    revocationTokenService
            .revoke(createRequest(context), client.getClient())
            .subscribe(
                    () -> context.response().setStatusCode(200).end(),
                    failure -> context.fail(failure));
}
/**
 * Renders the wiki home page with the alphabetically sorted list of page names.
 *
 * <p>The template also receives whether the current user holds the {@code create}
 * permission, the user's name, and the {@code backup_gist_url} flash value.
 *
 * <p>NOTE(review): page names, the user name and the flash value are handed to the
 * template as-is; confirm that {@code templates/index.ftl} applies output escaping.
 * {@code canCreatePage} should only control what the page shows, since the
 * {@code create} permission still has to be checked by the endpoint that creates pages.
 *
 * @return the populated {@code templates/index.ftl} template
 */
@GET
public Single<Template> index(){
    return fiber(() -> {
        final List<Pages> allPages = await(dao.findAll());
        final List<String> pages = allPages.stream()
                .map(Pages::getName)
                .sorted()
                .collect(Collectors.toList());

        final boolean canCreatePage = await(user.rxIsAuthorised("create"));

        final Template view = new Template("templates/index.ftl")
                .set("title", "Wiki home")
                .set("pages", pages)
                .set("canCreatePage", canCreatePage)
                .set("username", getUserName())
                .set("backup_gist_url", flash.get("backup_gist_url"));
        return view;
    });
}
/**
 * Processes a revocation request once the calling client has been authenticated.
 *
 * <p>Only a context user whose delegate is a {@code Client} is accepted; anything
 * else is refused with {@link InvalidClientException}. The outcome of the revocation
 * is reported as HTTP 200 on completion or through {@code context.fail} on error.
 *
 * @param context the routing context of the revocation request
 * @throws InvalidClientException if the request carries no authenticated client
 */
@Override
public void handle(RoutingContext context) {
    // The authorization server first validates the client credentials (in
    // case of a confidential client) and then verifies whether the token
    // was issued to the client making the revocation request. If this
    // validation fails, the request is refused and the client is informed
    // of the error by the authorization server.
    final User authenticatedUser = context.user();
    final boolean isClient = authenticatedUser != null
            && authenticatedUser.getDelegate() instanceof Client;
    if (!isClient) {
        throw new InvalidClientException("Invalid client");
    }

    final Client requestingClient = (Client) authenticatedUser.getDelegate();
    revocationTokenService
            .revoke(createRequest(context), requestingClient.getClient())
            .subscribe(
                    () -> context.response().setStatusCode(200).end(),
                    cause -> context.fail(cause));
}
/**
 * Renders the wiki home page from the result of {@code SQL.SQL_ALL_PAGES}.
 *
 * <p>Column 0 of every result row is collected (presumably the page name), sorted,
 * and passed to the template together with the {@code create} permission flag, the
 * user's name and the {@code backup_gist_url} flash value.
 *
 * <p>NOTE(review): all values are handed to the template unmodified; confirm that
 * {@code templates/index.ftl} escapes them on output. {@code canCreatePage} should
 * only control what the page shows, since the {@code create} permission still has to
 * be checked by the endpoint that creates pages.
 *
 * @return the populated {@code templates/index.ftl} template
 */
@GET
public Single<Template> index(){
    return fiber(con -> {
        final ResultSet rows = await(con.rxQuery(SQL.SQL_ALL_PAGES));
        final List<String> pages = rows.getResults().stream()
                .map(row -> row.getString(0))
                .sorted()
                .collect(Collectors.toList());

        final boolean canCreatePage = await(user.rxIsAuthorised("create"));

        final Template view = new Template("templates/index.ftl")
                .set("title", "Wiki home")
                .set("pages", pages)
                .set("canCreatePage", canCreatePage)
                .set("username", getUserName())
                .set("backup_gist_url", flash.get("backup_gist_url"));
        return view;
    });
}
if (authenticatedUser == null || ! (authenticatedUser.getDelegate() instanceof io.gravitee.am.gateway.handler.vertx.auth.user.User)) { throw new AccessDeniedException(); io.gravitee.am.model.User endUser = ((io.gravitee.am.gateway.handler.vertx.auth.user.User) authenticatedUser.getDelegate()).getUser();
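/**
 * Creates a new wiki page or updates an existing one, then redirects to the rendered page.
 *
 * <p>The client-supplied {@code newPage} field selects the permission that is checked
 * ({@code create} when it equals {@code "yes"}, otherwise {@code update}) and whether
 * the DAO inserts or updates.
 *
 * <p>On the update path {@code id} is untrusted form input that must be an integer.
 * A missing or non-numeric value is answered with 400 Bad Request instead of letting
 * {@link NumberFormatException} escape as a server error.
 *
 * <p>NOTE(review): the permission check visible here is not tied to the page
 * {@code id}; if per-page access control is expected it has to be enforced elsewhere.
 *
 * @param id identifier of the page to update; ignored when creating
 * @param title page title, also used to build the redirect target
 * @param markdown page content
 * @param newPage {@code "yes"} to create a page, anything else to update
 * @return a 303 redirect to the rendered page, or 400 if {@code id} is not an integer
 * @throws AuthorizationException if the user lacks the required permission
 */
@Path("/save")
@POST
public Single<Response> save(@FormParam("id") String id,
        @FormParam("title") String title,
        @FormParam("markdown") String markdown,
        @FormParam("newPage") String newPage){
    return fiber(() -> {
        boolean isNewPage = "yes".equals(newPage);
        String requiredPermission = isNewPage ? "create" : "update";
        // Authorize first so unauthenticated callers learn nothing about input validation.
        if (!await(user.rxIsAuthorised(requiredPermission))) {
            throw new AuthorizationException("Not authorized");
        }

        io.reactivex.Single<Integer> query;
        if (isNewPage) {
            query = dao.insert(new Pages().setName(title).setContent(markdown));
        } else {
            final Integer pageId;
            try {
                // Integer.valueOf also rejects a null id with NumberFormatException.
                pageId = Integer.valueOf(id);
            } catch (NumberFormatException malformedId) {
                return Response.status(Response.Status.BAD_REQUEST).build();
            }
            query = dao.update(new Pages().setId(pageId).setContent(markdown).setName(title));
        }
        await(query);

        URI location = Router.getURI(WikiResource::renderPage, title);
        return Response.seeOther(location).build();
    });
}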
if (authenticatedUser == null || ! (authenticatedUser.getDelegate() instanceof io.gravitee.am.gateway.handler.vertx.auth.user.User)) { throw new AccessDeniedException(); io.gravitee.am.model.User endUser = ((io.gravitee.am.gateway.handler.vertx.auth.user.User) authenticatedUser.getDelegate()).getUser();
rawContent = res.get().getContent(); if(newPage && !await(user.rxIsAuthorised("create"))) throw new AuthorizationException("Not authorized"); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); return new Template("templates/page.ftl") .set("username", getUserName())
if (authenticatedUser == null || ! (authenticatedUser.getDelegate() instanceof io.gravitee.am.gateway.handler.vertx.auth.user.User)) { throw new AccessDeniedException(); io.gravitee.am.model.User endUser = ((io.gravitee.am.gateway.handler.vertx.auth.user.User) authenticatedUser.getDelegate()).getUser();
rawContent = row.getString(1); if(newPage && !await(user.rxIsAuthorised("create"))) throw new AuthorizationException("Not authorized"); boolean canUpdate = await(user.rxIsAuthorised("update")); boolean canDelete = await(user.rxIsAuthorised("delete")); return new Template("templates/page.ftl") .set("username", getUserName())