Java Code Examples for io.quarkus.security.identity.SecurityIdentity#isAnonymous()

The following examples show how to use io.quarkus.security.identity.SecurityIdentity#isAnonymous() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: PrincipalNameFromParameterObjectSecurityCheck.java    From quarkus with Apache License 2.0 6 votes vote down vote up 
@Override
public void apply(SecurityIdentity identity, Method method, Object[] parameters) {
    if (index > parameters.length - 1) {
        throw genericNotApplicableException(method);
    }
    Object parameterValue = parameters[index];
    if (!expectedParameterClass.equals(parameterValue.getClass())) {
        throw genericNotApplicableException(method);
    }

    String parameterValueStr = getStringValue(parameterValue);

    if (identity.isAnonymous()) {
        throw new UnauthorizedException();
    }

    String name = identity.getPrincipal().getName();
    if (!name.equals(parameterValueStr)) {
        throw new ForbiddenException();
    }
}
Example 2
Source File: QuarkusAuthMechanism.java    From quarkus with Apache License 2.0 6 votes vote down vote up 
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
    VertxHttpExchange delegate = (VertxHttpExchange) exchange.getDelegate();
    RoutingContext context = (RoutingContext) delegate.getContext();
    try {
        SecurityIdentity identity = QuarkusHttpUser.getSecurityIdentityBlocking(context, null);
        if (identity != null && !identity.isAnonymous()) {
            //associate the identity
            securityContext.authenticationComplete(new QuarkusUndertowAccount(identity), "Quarkus",
                    false);
            return AuthenticationMechanismOutcome.AUTHENTICATED;
        }
        return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
    } catch (AuthenticationFailedException e) {
        return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
    }
}
Example 3
Source File: RolesAllowedCheck.java    From quarkus with Apache License 2.0 5 votes vote down vote up 
@Override
public void apply(SecurityIdentity identity, Method method, Object[] parameters) {
    for (String role : allowedRoles) {
        if (identity.hasRole(role) || ("**".equals(role) && !identity.isAnonymous())) {
            return;
        }
    }
    if (identity.isAnonymous()) {
        throw new UnauthorizedException();
    } else {
        throw new ForbiddenException();
    }
}
Example 4
Source File: DenyAllCheck.java    From quarkus with Apache License 2.0 5 votes vote down vote up 
@Override
public void apply(SecurityIdentity identity, Method method, Object[] parameters) {
    if (identity.isAnonymous()) {
        throw new UnauthorizedException();
    } else {
        throw new ForbiddenException();
    }
}
Example 5
Source File: QuarkusResteasySecurityContext.java    From quarkus with Apache License 2.0 5 votes vote down vote up 
@Override
public boolean isUserInRole(String role) {
    SecurityIdentity user = CurrentIdentityAssociation.current();
    if (role.equals("**")) {
        return !user.isAnonymous();
    }
    return user.hasRole(role);
}
Example 6
Source File: PrincipalNameFromParameterSecurityCheck.java    From quarkus with Apache License 2.0 5 votes vote down vote up 
@Override
public void apply(SecurityIdentity identity, Method method, Object[] parameters) {
    if (index > parameters.length - 1) {
        throw genericNotApplicableException(method);
    }
    Object parameterValue = parameters[index];
    if (!(parameterValue instanceof String)) {
        throw genericNotApplicableException(method);
    }
    String parameterValueStr = (String) parameterValue;

    if (identity.isAnonymous()) {
        throw new UnauthorizedException();
    }

    String name = identity.getPrincipal().getName();
    if (checkType == CheckType.EQ) {
        if (!name.equals(parameterValueStr)) {
            throw new ForbiddenException();
        }
    } else if (checkType == CheckType.NEQ) {
        if (name.equals(parameterValueStr)) {
            throw new ForbiddenException();
        }
    }

}
Example 7
Source File: AbstractBeanMethodSecurityCheck.java    From quarkus with Apache License 2.0 5 votes vote down vote up 
@Override
public void apply(SecurityIdentity identity, Method method, Object[] parameters) {
    if (check(identity, parameters)) {
        return;
    }
    if (identity.isAnonymous()) {
        throw new UnauthorizedException();
    } else {
        throw new ForbiddenException();
    }
}
Example 8
Source File: AuthenticatedCheck.java    From quarkus with Apache License 2.0 4 votes vote down vote up 
@Override
public void apply(SecurityIdentity identity, Method method, Object[] parameters) {
    if (identity.isAnonymous()) {
        throw new UnauthorizedException();
    }
}
Example 9
Source File: HttpAuthorizer.java    From quarkus with Apache License 2.0 4 votes vote down vote up 
private void doPermissionCheck(RoutingContext routingContext,
        Uni<SecurityIdentity> identity, int index,
        SecurityIdentity augmentedIdentity,
        List<HttpSecurityPolicy> permissionCheckers) {
    if (index == permissionCheckers.size()) {
        QuarkusHttpUser currentUser = (QuarkusHttpUser) routingContext.user();
        if (augmentedIdentity != null) {
            if (!augmentedIdentity.isAnonymous()
                    && (currentUser == null || currentUser.getSecurityIdentity() != augmentedIdentity)) {
                routingContext.setUser(new QuarkusHttpUser(augmentedIdentity));
                routingContext.put(QuarkusHttpUser.DEFERRED_IDENTITY_KEY, Uni.createFrom().item(augmentedIdentity));
            }
        }
        routingContext.next();
        return;
    }
    //get the current checker
    HttpSecurityPolicy res = permissionCheckers.get(index);
    res.checkPermission(routingContext, identity, CONTEXT)
            .subscribe().with(new Consumer<HttpSecurityPolicy.CheckResult>() {
                @Override
                public void accept(HttpSecurityPolicy.CheckResult checkResult) {
                    if (!checkResult.isPermitted()) {
                        doDeny(identity, routingContext);
                    } else {
                        if (checkResult.getAugmentedIdentity() != null) {
                            doPermissionCheck(routingContext, Uni.createFrom().item(checkResult.getAugmentedIdentity()),
                                    index + 1, checkResult.getAugmentedIdentity(), permissionCheckers);
                        } else {
                            //attempt to run the next checker
                            doPermissionCheck(routingContext, identity, index + 1, augmentedIdentity, permissionCheckers);
                        }
                    }
                }
            }, new Consumer<Throwable>() {
                @Override
                public void accept(Throwable throwable) {
                    routingContext.fail(throwable);
                }
            });
}
Example 10
Source File: AnonymousCheck.java    From quarkus with Apache License 2.0 4 votes vote down vote up 
@Override
public void apply(SecurityIdentity identity, Method method, Object[] parameters) {
    if (!identity.isAnonymous()) {
        throw new ForbiddenException();
    }
}