// Narrows the context's user to AccessToken so token-specific members can be used.
// NOTE(review): ctx.user() is presumably null when nothing has authenticated the request; the cast
// lets null through and throws ClassCastException for a User of any other type, so check for
// null / instanceof before dereferencing `user` — confirm what the surrounding handler guarantees.
AccessToken user = (AccessToken) ctx.user();
/**
 * Returns the user reported by the wrapped {@code inner} object.
 *
 * @return whatever {@code inner.user()} returns, passed through unchanged
 */
@Override
public User user() {
  final User delegated = inner.user();
  return delegated;
}
/**
 * Returns the user reported by {@code decoratedContext}.
 *
 * @return whatever {@code decoratedContext.user()} returns, passed through unchanged
 */
@Override
public User user() {
  final User delegated = decoratedContext.user();
  return delegated;
}
if (ctx.user() == null) { ctx.fail(403); } else {
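/**
 * Serializes the user associated with this object into {@code buffer}.
 *
 * <p>Layout: one marker byte (1 = a user follows, 0 = no serializable user). For marker 1 the
 * marker is followed by the int length of the user's class name, the class name as UTF-8 bytes,
 * and then whatever the user writes through its own {@code writeToBuffer}.
 *
 * @param buffer destination the bytes are appended to
 */
@Override
public void writeToBuffer(Buffer buffer) {
  // try to get the user from the context otherwise fall back to any cached version
  User user = context != null ? context.user() : this.user;
  if (!(user instanceof ClusterSerializable)) {
    // covers a null user as well as a user type that cannot be cluster-serialized
    buffer.appendByte((byte) 0);
    return;
  }
  buffer.appendByte((byte) 1);
  // Class.getName() never returns null, so no null check is needed before encoding it.
  // NOTE(review): the concrete class name travels inside the payload; presumably the reading
  // side resolves the class by this name — confirm it only accepts expected User types.
  byte[] bytes = user.getClass().getName().getBytes(StandardCharsets.UTF_8);
  buffer.appendInt(bytes.length);
  buffer.appendBytes(bytes);
  ClusterSerializable cs = (ClusterSerializable) user;
  cs.writeToBuffer(buffer);
}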
/**
 * Creates a session, stores its settings and starts the periodic heartbeat.
 *
 * @param vertx the Vert.x instance used for the context and the heartbeat timer
 * @param sessions map of sessions kept by reference
 * @param rc routing context whose session and user are handed to the superclass
 * @param id identifier stored for this session
 * @param timeout timeout value stored for this session
 * @param heartbeatInterval period passed to {@code setPeriodic} for the heartbeat
 * @param sockHandler handler stored for this session's socket
 */
SockJSSession(Vertx vertx, LocalMap<String, SockJSSession> sessions, RoutingContext rc, String id, long timeout,
              long heartbeatInterval, Handler<SockJSSocket> sockHandler) {
  // NOTE(review): rc.session() and rc.user() are read once, here; rc.user() may be null if nothing
  // authenticated the request, and a later logout on the routing context is presumably not
  // reflected in this copy — confirm against the superclass.
  super(vertx, rc.session(), rc.user());
  this.id = id;
  this.timeout = timeout;
  this.sessions = sessions;
  this.sockHandler = sockHandler;
  context = vertx.getOrCreateContext();
  pendingReads = new InboundBuffer<>(context);

  // Start a heartbeat
  heartbeatID = vertx.setPeriodic(heartbeatInterval, timerId -> {
    if (listener == null) {
      // nobody to send the heartbeat frame to
      return;
    }
    listener.sendFrame("h");
  });
}
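/**
 * Mounts a handler on {@code /eventbus/*} that logs in a fixed user when the request has none.
 *
 * <p>On successful authentication the user is set on the routing context and the request moves on
 * to the next handler; on failure the request is failed with the authentication cause. A request
 * that already carries a user is passed straight to the next handler.
 *
 * @param router router the handler is added to
 * @param authProvider provider asked to authenticate the fixed credentials
 */
private void addLoginHandler(Router router, AuthProvider authProvider) {
  router.route("/eventbus/*").handler(rc -> {
    if (rc.user() != null) {
      // already logged in: continue the chain instead of leaving the request unanswered
      rc.next();
      return;
    }
    // we need to be logged in
    // NOTE(review): literal credentials; presumably fixture values for a test auth provider —
    // confirm this helper is only reachable from test code.
    JsonObject authInfo = new JsonObject().put("username", "tim").put("password", "delicious:sausages");
    authProvider.authenticate(authInfo, res -> {
      if (res.succeeded()) {
        rc.setUser(res.result());
        rc.next();
      } else {
        rc.fail(res.cause());
      }
    });
  });
}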
/**
 * Registers the raw WebSocket transport handlers for GET {@code /websocket} on {@code router}.
 *
 * @param vertx the Vert.x instance passed to each created socket
 * @param router router the handlers are added to
 * @param sockHandler receives the socket created for each upgraded request
 */
RawWebSocketTransport(Vertx vertx, Router router, Handler<SockJSSocket> sockHandler) {
  final String websocketPath = "/websocket";

  // Upgrade the request and hand the resulting socket to the application.
  // NOTE(review): rc.user() is forwarded without a null check, so the socket is created for
  // unauthenticated requests too unless an auth handler is mounted ahead of this route — confirm.
  router.get(websocketPath).handler(rc -> {
    ServerWebSocket upgraded = rc.request().upgrade();
    sockHandler.handle(new RawWSSockJSSocket(vertx, rc.session(), rc.user(), upgraded));
  });

  // NOTE(review): the handler above never calls rc.next(), and both handlers below are also
  // registered for GET only, so they look unreachable as written — confirm the intended routing.
  router.get(websocketPath).handler(rc -> {
    rc.response().setStatusCode(400).end("Can \"Upgrade\" only to \"WebSocket\".");
  });
  router.get(websocketPath).handler(rc -> {
    rc.response().putHeader("Allow", "GET").setStatusCode(405).end();
  });
}
/**
 * Runs the failed-login scenario through {@code doLoginFail}, supplying the protected-page handler.
 *
 * @param badUser forwarded unchanged to {@code doLoginFail}
 * @throws Exception if the scenario helper throws
 */
private void testLoginFail(boolean badUser) throws Exception {
  doLoginFail(badUser, rc -> {
    Session current = rc.session();
    assertNotNull(current);
    // NOTE(review): 18 and 54 are fixed offsets into the cookie string; presumably they skip the
    // cookie-name prefix and span the session id — confirm against the cookie format in use.
    String idFromCookie = sessionCookie.get().substring(18, 54);
    assertEquals(idFromCookie, current.id());
    // the protected page must only ever run with an authenticated user attached
    assertNotNull(rc.user());
    rc.response().end("Welcome to the protected resource!");
  });
}
/**
 * Checks that the JWT-protected page answers 401 without a token and 200 with a bearer token
 * whose {@code sub} claim is {@code paulo}.
 *
 * @throws Exception if a test request fails
 */
@Test
public void testLogin() throws Exception {
  final String page = "/protected/somepage";

  router.route("/protected/*").handler(JWTAuthHandler.create(authProvider));
  router.route(page).handler(rc -> {
    // reached only after the auth handler accepted the token
    assertNotNull(rc.user());
    assertEquals("paulo", rc.user().principal().getString("sub"));
    rc.response().end("Welcome to the protected resource!");
  });

  // No Authorization header: the request must be rejected.
  testRequest(HttpMethod.GET, page, null, resp -> { }, 401, "Unauthorized", null);

  // Now try again with credentials
  testRequest(HttpMethod.GET, page, req -> {
    // the token is generated when the request is prepared, as before
    req.putHeader("Authorization",
      "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions()));
  }, 200, "OK", "Welcome to the protected resource!");
}
assertNotNull(rc.user()); rc.response().end("Welcome to the protected resource!"); });
/**
 * Logs in, re-requests the protected page with the session cookie, logs out through a route that
 * calls {@code clearUser()}, and checks that the same cookie is then redirected to the login page.
 *
 * @throws Exception if a test request fails
 */
@Test
public void testLogin() throws Exception {
  final String page = "/protected/somepage";

  doLogin(rc -> {
    Session current = rc.session();
    assertNotNull(current);
    // NOTE(review): 18 and 50 are fixed offsets into the cookie string; presumably they skip the
    // cookie-name prefix and span the session id — confirm against the cookie format in use.
    String idFromCookie = sessionCookie.get().substring(18, 50);
    assertEquals(idFromCookie, current.id());
    assertNotNull(rc.user());
    rc.response().end("Welcome to the protected resource!");
  });

  // And request it again
  testRequest(HttpMethod.GET, page, request -> {
    request.putHeader("cookie", sessionCookie.get());
  }, response -> { }, 200, "OK", "Welcome to the protected resource!");

  // Now logout
  router.route("/logout").handler(rc -> {
    rc.clearUser();
    rc.response().end("logged out");
  });
  testRequest(HttpMethod.GET, "/logout", request -> {
    request.putHeader("cookie", sessionCookie.get());
  }, response -> { }, 200, "OK", "logged out");

  // After logout the old cookie must no longer open the protected page.
  testRequest(HttpMethod.GET, page, request -> {
    request.putHeader("cookie", sessionCookie.get());
  }, response -> {
    String redirectTarget = response.headers().get("location");
    assertNotNull(redirectTarget);
    assertEquals("/loginpage", redirectTarget);
  }, 302, "Found", null);
}
/**
 * Protects {@code /protected/*} with HTTP Basic authentication for {@code realm} and checks the
 * 401 challenge followed by a successful request for user {@code tim}.
 *
 * @param realm realm passed to the Basic auth handler and expected in the challenge header
 * @throws Exception if a test request fails
 */
private void doLogin(String realm) throws Exception {
  final String page = "/protected/somepage";

  JsonObject shiroConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties");
  ShiroAuthOptions shiroOptions = new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(shiroConfig);
  AuthProvider shiroProvider = ShiroAuth.create(vertx, shiroOptions);

  Handler<RoutingContext> protectedPage = rc -> {
    assertNotNull(rc.user());
    assertEquals("tim", rc.user().principal().getString("username"));
    rc.response().end("Welcome to the protected resource!");
  };

  router.route("/protected/*").handler(BasicAuthHandler.create(shiroProvider, realm));
  router.route(page).handler(protectedPage);

  // Without credentials the response must carry the Basic challenge for this realm.
  testRequest(HttpMethod.GET, page, null, resp -> {
    String challenge = resp.headers().get("WWW-Authenticate");
    assertNotNull(challenge);
    assertEquals("Basic realm=\"" + realm + "\"", challenge);
  }, 401, "Unauthorized", null);

  // Now try again with credentials
  // The header value is the Base64 form of tim:delicious:sausages; the password itself contains a colon.
  testRequest(HttpMethod.GET, page, req -> {
    req.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw==");
  }, resp -> {
    // an accepted request must not be challenged again
    assertNull(resp.headers().get("WWW-Authenticate"));
  }, 200, "OK", "Welcome to the protected resource!");
}
assertNotNull(rc.user()); rc.response().end("Welcome to the protected resource!"); });
if (rc.user() == null) { JsonObject authInfo = new JsonObject().put("username", username).put("password", "delicious:sausages"); authProvider.authenticate(authInfo, res -> {
/**
 * Checks that a route protected by the OAuth2 handler answers 401 both without credentials and
 * with a bearer token the provider does not accept.
 *
 * @throws Exception if a test request fails
 */
@Test
public void testBearerOnly() throws Exception {
  final String page = "/protected/somepage";

  // Let's mock an OAuth2 server using the auth code flow
  OAuth2ClientOptions clientOptions = new OAuth2ClientOptions().setClientID("client-id");
  OAuth2Auth provider = OAuth2Auth.create(vertx, OAuth2FlowType.AUTH_CODE, clientOptions);
  OAuth2AuthHandler bearerGuard = OAuth2AuthHandler.create(provider);

  // protect everything under /protected
  router.route("/protected/*").handler(bearerGuard);

  // mount some handler under the protected zone
  router.route(page).handler(rc -> {
    // would only run if the guard let a request through
    assertNotNull(rc.user());
    rc.response().end("Welcome to the protected resource!");
  });

  testRequest(HttpMethod.GET, page, 401, "Unauthorized");

  // Now try again with fake credentials
  testRequest(HttpMethod.GET, page, req -> {
    req.putHeader("Authorization", "Bearer 4adc339e0");
  }, 401, "Unauthorized", "Unauthorized");
}