public static void checkUnauthorized(boolean condition, String message, Object... args) { if (!condition) { unauthorized(message, args); } }
private SingularityUserPermissionsResponse verify(String authHeaderValue) { try { return permissionsCache.get(authHeaderValue); } catch (Throwable t) { throw WebExceptions.unauthorized(String.format("Exception while verifying token: %s", t.getMessage())); } }
private String extractAuthHeader(ContainerRequestContext context) { final String authHeaderValue = context.getHeaderString(HttpHeaders.AUTHORIZATION); if (Strings.isNullOrEmpty(authHeaderValue)) { throw WebExceptions.unauthorized("No Authorization header present, please log in first"); } else { return authHeaderValue; } }
@Override public Optional<SingularityUser> getUser(ContainerRequestContext context) { final Optional<String> maybeUserId = Optional.ofNullable(Strings.emptyToNull(context.getUriInfo().getQueryParameters().getFirst("user"))); if (!maybeUserId.isPresent()) { throw WebExceptions.unauthorized("(QueryParam) No user specified"); } return authDatastore.getUser(maybeUserId.get()); } }
@Override public Optional<SingularityUser> getUser(ContainerRequestContext context) { final Optional<String> maybeUsername = getUserId(context); if (!maybeUsername.isPresent()) { throw WebExceptions.unauthorized("(HeaderPassthrough) Could not determine username from header"); } LOG.trace("(HeaderPassthrough) Found user {}", maybeUsername.get()); return authDatastore.getUser(maybeUsername.get()); } }
throw WebExceptions.unauthorized(String.format("Unable to authenticate using methods: %s", unauthorizedExceptionMessages)); } else { throw WebExceptions.unauthorized(String.format("Unable to authenticate user using methods: %s", authenticators.stream().map(SingularityAuthenticator::getClass).collect(Collectors.toList())));
throw WebExceptions.unauthorized(String.format("Unable to authenticate using methods: %s", unauthorizedExceptionMessages)); } else { throw WebExceptions.unauthorized(String.format("Unable to authenticate user using methods: %s", authenticators.stream().map(SingularityAuthenticator::getClass).collect(Collectors.toList())));
private SingularityUserPermissionsResponse verifyUncached(String authHeaderValue) { try { Response response = asyncHttpClient.prepareGet(webhookAuthConfiguration.getAuthVerificationUrl()) .addHeader("Authorization", authHeaderValue) .execute() .get(); if (response.getStatusCode() > 299) { throw WebExceptions.unauthorized(String.format("Got status code %d when verifying jwt", response.getStatusCode())); } else { String responseBody = response.getResponseBody(); SingularityUserPermissionsResponse permissionsResponse = objectMapper.readValue(responseBody, SingularityUserPermissionsResponse.class); if (!permissionsResponse.getUser().isPresent()) { throw WebExceptions.unauthorized(String.format("No user present in response %s", permissionsResponse)); } if (!permissionsResponse.getUser().get().isAuthenticated()) { throw WebExceptions.unauthorized(String.format("User not authenticated (response: %s)", permissionsResponse)); } permissionsCache.put(authHeaderValue, permissionsResponse); return permissionsResponse; } } catch (Throwable t) { throw new RuntimeException(t); } } }
public static void checkUnauthorized(boolean condition, String message, Object... args) { if (!condition) { unauthorized(message, args); } }
private SingularityUserPermissionsResponse verify(String authHeaderValue) { try { return permissionsCache.get(authHeaderValue); } catch (Throwable t) { throw WebExceptions.unauthorized(String.format("Exception while verifying token: %s", t.getMessage())); } }
private String extractAuthHeader(ContainerRequestContext context) { final String authHeaderValue = context.getHeaderString(HttpHeaders.AUTHORIZATION); if (Strings.isNullOrEmpty(authHeaderValue)) { throw WebExceptions.unauthorized("No Authorization header present, please log in first"); } else { return authHeaderValue; } }
@Override public Optional<SingularityUser> getUser(ContainerRequestContext context) { final Optional<String> maybeUserId = Optional.ofNullable(Strings.emptyToNull(context.getUriInfo().getQueryParameters().getFirst("user"))); if (!maybeUserId.isPresent()) { throw WebExceptions.unauthorized("(QueryParam) No user specified"); } return authDatastore.getUser(maybeUserId.get()); } }
@Override public Optional<SingularityUser> getUser(ContainerRequestContext context) { final Optional<String> maybeUsername = getUserId(context); if (!maybeUsername.isPresent()) { throw WebExceptions.unauthorized("(HeaderPassthrough) Could not determine username from header"); } LOG.trace("(HeaderPassthrough) Found user {}", maybeUsername.get()); return authDatastore.getUser(maybeUsername.get()); } }
throw WebExceptions.unauthorized(String.format("Unable to authenticate using methods: %s", unauthorizedExceptionMessages)); } else { throw WebExceptions.unauthorized(String.format("Unable to authenticate user using methods: %s", authenticators.stream().map(SingularityAuthenticator::getClass).collect(Collectors.toList())));
throw WebExceptions.unauthorized(String.format("Unable to authenticate using methods: %s", unauthorizedExceptionMessages)); } else { throw WebExceptions.unauthorized(String.format("Unable to authenticate user using methods: %s", authenticators.stream().map(SingularityAuthenticator::getClass).collect(Collectors.toList())));
private SingularityUserPermissionsResponse verifyUncached(String authHeaderValue) { try { Response response = asyncHttpClient.prepareGet(webhookAuthConfiguration.getAuthVerificationUrl()) .addHeader("Authorization", authHeaderValue) .execute() .get(); if (response.getStatusCode() > 299) { throw WebExceptions.unauthorized(String.format("Got status code %d when verifying jwt", response.getStatusCode())); } else { String responseBody = response.getResponseBody(); SingularityUserPermissionsResponse permissionsResponse = objectMapper.readValue(responseBody, SingularityUserPermissionsResponse.class); if (!permissionsResponse.getUser().isPresent()) { throw WebExceptions.unauthorized(String.format("No user present in response %s", permissionsResponse)); } if (!permissionsResponse.getUser().get().isAuthenticated()) { throw WebExceptions.unauthorized(String.format("User not authenticated (response: %s)", permissionsResponse)); } permissionsCache.put(authHeaderValue, permissionsResponse); return permissionsResponse; } } catch (Throwable t) { throw new RuntimeException(t); } } }