/** * Fails the context with the error code determined from an exception. * <p> * This method invokes {@link AuthHandlerTools#processException(RoutingContext, Throwable, String)}. * * @param ctx The routing context. * @param exception The cause of failure to process the request. */ @Override protected void processException(final RoutingContext ctx, final Throwable exception) { if (ctx.response().ended()) { return; } AuthHandlerTools.processException(ctx, exception, authenticateHeader(ctx)); }
@Override public void parseCredentials(final RoutingContext context, final Handler<AsyncResult<JsonObject>> handler) { parseAuthorization(context, false, parseAuthorization -> { if (parseAuthorization.failed()) { handler.handle(Future.failedFuture(parseAuthorization.cause())); return; } final String suser; final String spass; try { // decode the payload final String decoded = new String(Base64.getDecoder().decode(parseAuthorization.result())); final int colonIdx = decoded.indexOf(":"); if (colonIdx != -1) { suser = decoded.substring(0, colonIdx); spass = decoded.substring(colonIdx + 1); } else { suser = decoded; spass = null; } } catch (RuntimeException e) { // IllegalArgumentException includes PatternSyntaxException context.fail(e); return; } handler.handle(Future.succeededFuture(new JsonObject().put("username", suser).put("password", spass))); }); }
@Override protected void addRoutes(final Router router) { if (getConfig().isAuthenticationRequired()) { final ChainAuthHandler authHandler = new HonoChainAuthHandler(); authHandler.append(new X509AuthHandler( Optional.ofNullable(clientCertAuthProvider).orElse( new X509AuthProvider(getCredentialsServiceClient(), getConfig())), getTenantServiceClient(), tracer)); authHandler.append(new HonoBasicAuthHandler( Optional.ofNullable(usernamePasswordAuthProvider).orElse( new UsernamePasswordAuthProvider(getCredentialsServiceClient(), getConfig())), getConfig().getRealm())); addTelemetryApiRoutes(router, authHandler); addEventApiRoutes(router, authHandler); addCommandResponseRoutes(router, authHandler); } else { LOG.warn("device authentication has been disabled"); LOG.warn("any device may publish data on behalf of all other devices"); addTelemetryApiRoutes(router, null); addEventApiRoutes(router, null); addCommandResponseRoutes(router, null); } }
@Override protected void addRoutes(final Router router) { if (getConfig().isAuthenticationRequired()) { final ChainAuthHandler authHandler = ChainAuthHandler.create(); authHandler.append(new X509AuthHandler( new TenantServiceBasedX509Authentication(getTenantServiceClient(), tracer), Optional.ofNullable(clientCertAuthProvider).orElse( new X509AuthProvider(getCredentialsServiceClient(), getConfig(), tracer)))); authHandler.append(new HonoBasicAuthHandler( Optional.ofNullable(usernamePasswordAuthProvider).orElse( new UsernamePasswordAuthProvider(getCredentialsServiceClient(), getConfig(), tracer)), getConfig().getRealm(), tracer)); addTelemetryApiRoutes(router, authHandler); addEventApiRoutes(router, authHandler); addCommandResponseRoutes(router, authHandler); } else { LOG.warn("device authentication has been disabled"); LOG.warn("any device may publish data on behalf of all other devices"); addTelemetryApiRoutes(router, null); addEventApiRoutes(router, null); addCommandResponseRoutes(router, null); } }