@Override protected AuthProvider setupAuthenticationRoutes() { AppGlobals globals = AppGlobals.get(); AuthProvider auth = ShiroAuth.create(globals.getVertx(), new ShiroAuthOptions() .setType(ShiroAuthRealmType.PROPERTIES) .setConfig(new JsonObject() .put("properties_path", globals.getConfig().getString("security_definitions")))); globals.getRouter().route().handler(UserSessionHandler.create(auth)); JsonObject keyStoreOptions = new JsonObject().put("keyStore", globals.getConfig().getJsonObject("keystore")); // attempt to load a Key file JWTAuth jwtAuth = JWTAuth.create(globals.getVertx(), new JWTAuthOptions(keyStoreOptions)); JWTAuthHandler jwtAuthHandler = JWTAuthHandler.create(jwtAuth); globals.setGlobal(JWTAuth.class, jwtAuth); globals.getRouter().route().handler(context -> { // only filter if we have a header, otherwise it will try to force auth, regardless if whether // we want auth if(context.request().getHeader(HttpHeaders.AUTHORIZATION) != null) jwtAuthHandler.handle(context); else context.next(); }); return auth; }
@Override protected AuthProvider setupAuthenticationRoutes() { JsonObject keycloackConfig = AppGlobals.get().getConfig().getJsonObject("keycloack"); OAuth2Auth authWeb = KeycloakAuth.create(AppGlobals.get().getVertx(), keycloackConfig); OAuth2Auth authApi = KeycloakAuth.create(AppGlobals.get().getVertx(), OAuth2FlowType.PASSWORD, keycloackConfig); // FIXME: URL OAuth2AuthHandler authHandler = OAuth2AuthHandler.create((OAuth2Auth) authWeb, "http://localhost:9000/callback"); Router router = AppGlobals.get().getRouter(); // FIXME: crazy!! AuthProvider authProvider = AuthProvider.newInstance(authWeb.getDelegate()); router.route().handler(UserSessionHandler.create(authProvider)); authHandler.setupCallback(router.get("/callback")); JWTAuth jwtAuth = JWTAuth.create(AppGlobals.get().getVertx(), new JWTAuthOptions(new JsonObject() .put("keyStore", AppGlobals.get().getConfig().getJsonObject("keystore")))); AppGlobals.get().setGlobal(JWTAuth.class, jwtAuth); JWTAuthHandler jwtAuthHandler = JWTAuthHandler.create(jwtAuth, "/wiki/api/token"); // FIXME: just use different routers router.route().handler(ctx -> { if(!ctx.request().uri().startsWith("/wiki/api/")) authHandler.handle(ctx); else jwtAuthHandler.handle(ctx); }); return AuthProvider.newInstance(authApi.getDelegate()); }
UserSessionHandler userSessionHandler = UserSessionHandler.create(userAuthProvider);
UserSessionHandler userSessionHandler = UserSessionHandler.create(userAuthProvider);
router.route().handler(UserSessionHandler.create(authProvider));