@Override protected OutboundSecurityResponse syncOutbound(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundEndpointConfig) { return providerRequest.securityContext() .user() .flatMap(subject -> subject.publicCredential(TokenCredential.class)) .map(token -> outboundSecurity(providerRequest, outboundEnv, outboundEndpointConfig, token)) .orElse(OutboundSecurityResponse.abstain()); }
private OutboundSecurityResponse outboundSecurity(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundEndpointConfig, TokenCredential token) { if (!token.getIssuer().map(issuer -> issuer.endsWith(".google.com")).orElse(false)) { // not our token :( return OutboundSecurityResponse.abstain(); } Map<String, List<String>> headers = new TreeMap<>(String.CASE_INSENSITIVE_ORDER); headers.putAll(outboundEnv.headers()); tokenHandler.header(headers, token.token()); return OutboundSecurityResponse.withHeaders(headers); }
@Override protected OutboundSecurityResponse syncOutbound(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundEndpointConfig) { Optional<Subject> toPropagate; if (subjectType == SubjectType.USER) { toPropagate = providerRequest.securityContext().user(); } else { toPropagate = providerRequest.securityContext().service(); } return toPropagate .map(Subject::principal) .map(Principal::id) .map(id -> { Map<String, List<String>> headers = new HashMap<>(); outboundTokenHandler.header(headers, id); return OutboundSecurityResponse.withHeaders(headers); }) .orElse(OutboundSecurityResponse.abstain()); }
.completedFuture(new OutboundCall(OutboundSecurityResponse.abstain(), providerRequest, outboundEnv,
@Override protected OutboundSecurityResponse syncOutbound(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundEndpointConfig) { Optional<Subject> toPropagate; if (subjectType == SubjectType.USER) { toPropagate = providerRequest.getContext().getUser(); } else { toPropagate = providerRequest.getContext().getService(); } return toPropagate .map(Subject::getPrincipal) .map(Principal::getId) .map(id -> { Map<String, List<String>> headers = new HashMap<>(); outboundTokenHandler.setHeader(headers, id); return OutboundSecurityResponse.withHeaders(headers); }) .orElse(OutboundSecurityResponse.abstain()); }
@Override protected OutboundSecurityResponse syncOutbound(ProviderRequest providerRequest, SecurityEnvironment outboundEnv, EndpointConfig outboundEndpointConfig) { Optional<Subject> toPropagate; if (subjectType == SubjectType.USER) { toPropagate = providerRequest.securityContext().user(); } else { toPropagate = providerRequest.securityContext().service(); } return toPropagate .map(Subject::principal) .map(Principal::id) .map(id -> { Map<String, List<String>> headers = new HashMap<>(); outboundTokenHandler.header(headers, id); return OutboundSecurityResponse.withHeaders(headers); }) .orElse(OutboundSecurityResponse.abstain()); }