@Override public boolean configure(final FeatureContext featureContext) { final UserRepository userRepo = CDI.current().select(UserRepository.class).get(); final Authenticator<String, User> authenticator = new GoogleAuthenticator( authConfig.getClientId(), userRepo, authConfig.getHostedDomain() ); final Authenticator<String, User> cachingAuthenticator = new CachingAuthenticator<>( metricRegistry, authenticator, authConfig.getAuthenticationCachePolicy() ); featureContext.register(new AuthDynamicFeature( new OAuthCredentialAuthFilter.Builder<User>() .setAuthenticator(cachingAuthenticator) .setPrefix("Bearer") .buildAuthFilter())); featureContext.register(new AuthValueFactoryProvider.Binder<>(User.class)); return true; }
private static void setupLdapAuth(LdapConfiguration ldapConfiguration, Environment environment) { final LdapAuthenticator ldapAuthenticator = new LdapAuthenticator(ldapConfiguration); final ResourceAuthenticator canAuthenticate = new ResourceAuthenticator( new LdapCanAuthenticate(ldapConfiguration)); final CachingAuthenticator<BasicCredentials, BasicCredentials> cachingAuthenticator = new CachingAuthenticator<>( environment.metrics(), TenacityAuthenticator.wrap( new ResourceAuthenticator(ldapAuthenticator), BreakerboxDependencyKey.BRKRBX_LDAP_AUTH), ldapConfiguration.getCachePolicy() ); environment.healthChecks().register("ldap-auth", new LdapHealthCheck<>(TenacityAuthenticator .wrap(canAuthenticate, BreakerboxDependencyKey.BRKRBX_LDAP_AUTH))); environment.jersey().register(new BasicAuthProvider<>(cachingAuthenticator, "breakerbox")); }
private static void setupLdapAuth(LdapConfiguration ldapConfiguration, Environment environment) { final LdapAuthenticator ldapAuthenticator = new LdapAuthenticator(ldapConfiguration); final CachingAuthenticator<BasicCredentials, User> cachingAuthenticator = new CachingAuthenticator<>( environment.metrics(), TenacityAuthenticator.wrap( new ResourceAuthenticator(ldapAuthenticator), BreakerboxDependencyKey.BRKRBX_LDAP_AUTH), ldapConfiguration.getCachePolicy() ); environment.jersey().register(new AuthDynamicFeature( new BasicCredentialAuthFilter.Builder<User>() .setAuthenticator(cachingAuthenticator) .setRealm("breakerbox") .buildAuthFilter())); environment.jersey().register(new AuthValueFactoryProvider.Binder<>(User.class)); }
@Override public void run(ExampleAppConfiguration configuration, Environment environment) throws Exception { final LdapConfiguration ldapConfiguration = configuration.getLdapConfiguration(); Authenticator<BasicCredentials, User> ldapAuthenticator = new CachingAuthenticator<>( environment.metrics(), new ResourceAuthenticator(new LdapAuthenticator(ldapConfiguration)), ldapConfiguration.getCachePolicy()); environment.jersey().register(new AuthDynamicFeature( new BasicCredentialAuthFilter.Builder<User>() .setAuthenticator(ldapAuthenticator) .setRealm("LDAP") .buildAuthFilter())); environment.jersey().register(new AuthValueFactoryProvider.Binder<>(User.class)); environment.healthChecks().register("ldap", new LdapHealthCheck<>( new ResourceAuthenticator(new LdapCanAuthenticate(ldapConfiguration)))); }
private void registerAuthorizationProviders(final AugmentedConfiguration augmentedConfiguration, final Environment environment) { final UserDao userDao = injector.getInstance(UserDao.class); final BasicAuthenticator basicAuthenticator = new BasicAuthenticator(userDao); final CachingAuthenticator cachingAuthenticator = new CachingAuthenticator(environment.metrics(), basicAuthenticator, augmentedConfiguration.getAuthCacheBuilder()); final Binder authBinder = AuthFactory.binder(new BasicAuthFactory(cachingAuthenticator, "Basic auth", User.class)); environment.jersey().register(authBinder); }
private void setupAuthentication(ApiServerConfig cfg, Environment env) throws Exception { final Client client = new RestClientBuilder(env, cfg).build(getName()); // Health check for oauth2 server presence final OAuth2HealthCheck healthCheck = new OAuth2HealthCheck(cfg.getOauth2Config(), client); env.healthChecks().register("Oauth2 server", healthCheck); // Setting up the oauth2 authenticator CookieEncrypter cookieEncrypter = new CookieEncrypter(cfg.getOauth2Config().getCookieSecretKey()); boolean https = ((DefaultServerFactory)cfg.getServerFactory()).getApplicationConnectors().get(0) instanceof HttpsConnectorFactory; cookieEncrypter.setSecureFlag(https); OAuth2Authenticator authenticator = new OAuth2Authenticator(cfg.getOauth2Config(), client); // Using cache authenticator CachingAuthenticator<OAuth2Credentials, User> cachingAuthenticator = new CachingAuthenticator<OAuth2Credentials, User>(env.metrics(), authenticator, cfg.getCacheSpec()); final OAuth2AuthFilter<User> oAuth2AuthFilter = new OAuth2AuthFilter.Builder<OAuth2Credentials, User, OAuth2AuthFilter<User>, CachingAuthenticator<OAuth2Credentials, User>>() .setAuthenticator(cachingAuthenticator) .setCookieEncrypter(cookieEncrypter) .build(); env.jersey().register(new AuthDynamicFeature(oAuth2AuthFilter)); env.jersey().register(RolesAllowedDynamicFeature.class); env.jersey().register(new AuthValueFactoryProvider.Binder<User>(User.class)); // Register the oauth2 resource that handles client authentication final OAuth2Resource or = new OAuth2Resource(client, cfg.getOauth2Config(), cookieEncrypter); env.jersey().register(or); }
@Test public void testCreateCachingAuthentiator() throws AuthenticationException { AllowedPeerConfiguration config = new AllowedPeerConfiguration(); config.setCredentialFile("peers/test-peers.properties"); config.setCachePolicy(CacheBuilderSpec.parse("maximumSize=100, expireAfterAccess=10m")); CachingAuthenticator<BasicCredentials, Peer> cachingAuthenticator = config.createCachingAuthenticator(new MetricRegistry()); assertTrue(cachingAuthenticator.authenticate(new BasicCredentials("foo", "bar")).isPresent()); }
private BasicAuthFactory<String> createBasicAuthFactory(AuthConfiguration config, MetricRegistry metrics) { Authenticator<BasicCredentials, String> authenticator = createAuthenticator(config); Optional<String> cacheSpec = config.getCacheSpec(); if (cacheSpec.isPresent()) { CacheBuilderSpec spec = CacheBuilderSpec.parse(cacheSpec.get()); authenticator = new CachingAuthenticator<>(metrics, authenticator, spec); } return new BasicAuthFactory<>(authenticator, config.getRealm(), String.class); }
/** * example of registering cache authenticator * * @param e */ private void registerCacheAuthenticator(Environment e) { CachingAuthenticator<BasicCredentials, Boolean> authenticator = new CachingAuthenticator<BasicCredentials, Boolean>( e.metrics(), new DefaultAuthenticator(), CacheBuilderSpec.parse("maximumSize=100, expireAfterAccess=30m") ); e.jersey().register(new BasicAuthProvider<Boolean>(authenticator, "Cached restfull API authentication")); }
/** * @param metrics A metrics registry * @return The Authenticator you'd get by calling {@code createAuthenticator} directly, but wrapped in the Dropwizard * CachingAuthenticator proxy with this configuration object's {@code cachePolicy} applied to it. */ public CachingAuthenticator<BasicCredentials, Peer> createCachingAuthenticator(MetricRegistry metrics) { Preconditions.checkNotNull(this.cachePolicy, "Illegal call to createCachingAuthenticator() when the configuration " + "object's cachePolicy attribute is null"); return new CachingAuthenticator<>(metrics, createAuthenticator(), this.cachePolicy); }
