router.route("/api/*").handler(JWTAuthHandler.create(jwt, "/api/newToken"));
router.route("/api/protected").handler(JWTAuthHandler.create(jwt)); router.route("/api/protected/defcon1").handler(JWTAuthHandler.create(jwt).addAuthority("defcon1")); router.route("/api/protected/defcon2").handler(JWTAuthHandler.create(jwt).addAuthority("defcon2")); router.route("/api/protected/defcon3").handler(JWTAuthHandler.create(jwt).addAuthority("defcon3"));
}); router.route("/api/protected*").handler(JWTAuthHandler.create(jwt));
@Test public void testLogin() throws Exception { Handler<RoutingContext> handler = rc -> { assertNotNull(rc.user()); assertEquals("paulo", rc.user().principal().getString("sub")); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> { }, 401, "Unauthorized", null); // Now try again with credentials testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions())), 200, "OK", "Welcome to the protected resource!"); }
@Test public void testLoginFail() throws Exception { Handler<RoutingContext> handler = rc -> { fail("should not get here"); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, 401, "Unauthorized", null); // Now try again with bad token final String token = authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions()); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer x" + token), 401, "Unauthorized", null); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic " + token), 401, "Unauthorized", null); } }
@Override public void setUp() throws Exception { super.setUp(); JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); // create a chain chain = ChainAuthHandler.create(); chain .append(JWTAuthHandler.create(null)) .append(BasicAuthHandler.create(authProvider)) .append(RedirectAuthHandler.create(authProvider)); router.route().handler(SessionHandler.create(LocalSessionStore.create(vertx))); router.route().handler(chain); router.route().handler(ctx -> ctx.response().end()); }
/** * Create a JWT auth handler * @param authProvider the auth provider to use. * @param skip * @return the auth handler */ public static io.vertx.rxjava.ext.web.handler.JWTAuthHandler create(io.vertx.rxjava.ext.auth.jwt.JWTAuth authProvider, String skip) { io.vertx.rxjava.ext.web.handler.JWTAuthHandler ret = io.vertx.rxjava.ext.web.handler.JWTAuthHandler.newInstance(io.vertx.ext.web.handler.JWTAuthHandler.create(authProvider.getDelegate(), skip)); return ret; }
/** * Create a JWT auth handler * @param authProvider the auth provider to use. * @param skip * @return the auth handler */ public static io.vertx.rxjava.ext.web.handler.JWTAuthHandler create(io.vertx.rxjava.ext.auth.jwt.JWTAuth authProvider, String skip) { io.vertx.rxjava.ext.web.handler.JWTAuthHandler ret = io.vertx.rxjava.ext.web.handler.JWTAuthHandler.newInstance(io.vertx.ext.web.handler.JWTAuthHandler.create(authProvider.getDelegate(), skip)); return ret; }
/** * Create a JWT auth handler * @param authProvider the auth provider to use * @return the auth handler */ public static io.vertx.rxjava.ext.web.handler.JWTAuthHandler create(io.vertx.rxjava.ext.auth.jwt.JWTAuth authProvider) { io.vertx.rxjava.ext.web.handler.JWTAuthHandler ret = io.vertx.rxjava.ext.web.handler.JWTAuthHandler.newInstance(io.vertx.ext.web.handler.JWTAuthHandler.create(authProvider.getDelegate())); return ret; }
/** * Create a JWT auth handler * @param authProvider the auth provider to use * @return the auth handler */ public static io.vertx.rxjava.ext.web.handler.JWTAuthHandler create(io.vertx.rxjava.ext.auth.jwt.JWTAuth authProvider) { io.vertx.rxjava.ext.web.handler.JWTAuthHandler ret = io.vertx.rxjava.ext.web.handler.JWTAuthHandler.newInstance(io.vertx.ext.web.handler.JWTAuthHandler.create(authProvider.getDelegate())); return ret; }
@Test public void testLogin() throws Exception { Handler<RoutingContext> handler = rc -> { assertNotNull(rc.user()); assertEquals("paulo", rc.user().principal().getString("sub")); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> { }, 401, "Unauthorized", null); // Now try again with credentials testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions())), 200, "OK", "Welcome to the protected resource!"); }
@Test public void testLoginFail() throws Exception { Handler<RoutingContext> handler = rc -> { fail("should not get here"); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, 401, "Unauthorized", null); // Now try again with bad token final String token = authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions()); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer x" + token), 401, "Unauthorized", null); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic " + token), 401, "Unauthorized", null); } }
@Override public void setUp() throws Exception { super.setUp(); JsonObject authConfig = new JsonObject().put("properties_path", "classpath:login/loginusers.properties"); AuthProvider authProvider = ShiroAuth.create(vertx, new ShiroAuthOptions().setType(ShiroAuthRealmType.PROPERTIES).setConfig(authConfig)); // create a chain chain = ChainAuthHandler.create(); chain .append(JWTAuthHandler.create(null)) .append(BasicAuthHandler.create(authProvider)) .append(RedirectAuthHandler.create(authProvider)); router.route().handler(SessionHandler.create(LocalSessionStore.create(vertx))); router.route().handler(chain); router.route().handler(ctx -> ctx.response().end()); }