Refactored auth code

pokki-deploy · pokki-deploy · commit 147e989413d9 · 2019-01-04T02:09:42.000+05:30
diff --git a/config-layers/common/in/erail/common/FrameworkConfiguration.properties b/config-layers/common/in/erail/common/FrameworkConfiguration.properties
@@ -3,4 +3,3 @@ $class=in.erail.common.FrameworkConfiguration
 $scope=GLOBAL
 
 redisClient=/io/vertx/redis/RedisClient
-oAuth2Auth=/io/vertx/ext/auth/oauth2/OAuth2Auth
diff --git a/config-layers/common/in/erail/route/LoadUserFromAccessTokenRouteBuilder.properties b/config-layers/common/in/erail/route/LoadUserFromAccessTokenRouteBuilder.properties
@@ -2,5 +2,5 @@
 $class=in.erail.route.LoadUserFromAccessTokenRouteBuillder
 
 vertx=/io/vertx/core/Vertx
+authProvider=/io/vertx/ext/auth/jwt/JWTAuth
 log=true
-userProvider=/in/erail/user/UserProvider
diff --git a/config-layers/common/in/erail/user/UserProvider.properties b/config-layers/common/in/erail/user/UserProvider.properties
diff --git a/config-layers/common/io/vertx/ext/auth/jwt/JWTAuth.properties b/config-layers/common/io/vertx/ext/auth/jwt/JWTAuth.properties
@@ -0,0 +1,8 @@
+#/io/vertx/ext/auth/jwt/JWTAuth
+$class=io.vertx.reactivex.ext.auth.jwt.JWTAuth
+$instanceFactory=/in/erail/factory/MethodInstanceFactory
+$factory.class=io.vertx.reactivex.ext.auth.jwt.JWTAuth
+$factory.method.name=create
+$factory.param.values=/io/vertx/core/Vertx,/io/vertx/ext/auth/jwt/JWTAuthOptions
+$factory.param.type=io.vertx.reactivex.core.Vertx,io.vertx.ext.auth.jwt.JWTAuthOptions
+$factory.enable=true
diff --git a/config-layers/common/io/vertx/ext/auth/jwt/JWTAuthOptions.properties b/config-layers/common/io/vertx/ext/auth/jwt/JWTAuthOptions.properties
@@ -0,0 +1,5 @@
+#/io/vertx/ext/auth/jwt/JWTAuthOptions
+$class=io.vertx.ext.auth.jwt.JWTAuthOptions
+$instanceFactory=/in/erail/factory/ParameterConstructorInstanceFactory
+$constructor.param.values=jwtAuthOptionsConfig.json
+$constructor.param.type=io.vertx.core.json.JsonObject
diff --git a/config-layers/common/io/vertx/ext/auth/jwt/jwtAuthOptionsConfig.json b/config-layers/common/io/vertx/ext/auth/jwt/jwtAuthOptionsConfig.json
@@ -0,0 +1,10 @@
+{
+    "pubSecKeys" : [
+        {
+            "algorithm" : "RS256",
+            "publicKey" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1MjI2WAw06VK8biQPC+0mVOkI4ZRt+327fxwrxyuu32AMPKznPCsKtRaI/Xma3+Yi09Dt99agkfUfw/rPr3N0Vcgzd1muhqZOe6vfWqmPCUUB263EkSa1GIx4pLZ3CfvAc3f24Y00CS+S0gjCIr7lwLelcL9Hu9eZg5sTEfzKB/3+yUJ875aYRGWXdM7DnNzODXKa9kc1EqWjwprX0UZwoo3OycgmYS+DyI/MHPcdWbilsjsw77ISFeBZ7OZ+hFJ/baABenAnsTwqbyvWlC6TS3GCXTeH10+0RGWvjJAZEPX0PEt626iMTqP61XEh8kpOROU/xmLWTKHz3EAcX+4QIDAQAB",
+            "secretKey" : "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCvUyMjZYDDTpUrxuJA8L7SZU6QjhlG37fbt/HCvHK67fYAw8rOc8Kwq1Foj9eZrf5iLT0O331qCR9R/D+s+vc3RVyDN3Wa6Gpk57q99aqY8JRQHbrcSRJrUYjHiktncJ+8Bzd/bhjTQJL5LSCMIivuXAt6Vwv0e715mDmxMR/MoH/f7JQnzvlphEZZd0zsOc3M4Ncpr2RzUSpaPCmtfRRnCijc7JyCZhL4PIj8wc9x1ZuKWyOzDvshIV4Fns5n6EUn9toAF6cCexPCpvK9aULpNLcYJdN4fXT7REZa+MkBkQ9fQ8S3rbqIxOo/rVcSHySk5E5T/GYtZMofPcQBxf7hAgMBAAECggEAGOlXNNBXW2jvCSlZPKD4fCyo3SFTth5ToYShdWoRYz4sli87wdnw7+lnx9Oobs2qN4j2BAb9avOg36VX5txCBDh2zK40p64eb/f9MMCXXOPSLxAKXQKE+3q6VJ/x1uDJ0Y209QZPwLSMLZub5E12sIejmd6EdFigs4ZNrD+upQRs6laM3EJdOqrHfArh18dJQoJcq3VfCCw1p+iPOJSVC6TS6Qp8nR/Qq2h5/5DnUj68RMg6jBLuaq+2vAvS/PXkUV5L0rJT11CoPzxusDDSJl7tkxI9Uzz7RfyZFzibxAmrUIxfqFIhQq+EnycYfKuTRDIZjYXvoKqatLhKtgkXgQKBgQDa2SGZJj6HmR25B4+xmJqpf9B1cM4yz4nOUy7xA80V5DRg/qol+T3SDjPXvoinR+fdgpqUBCxVyQHRWs05fDW/xkBXxalODlNSBWwhFBO2dvbdz3xWLDZJmm6rhgo7GZplTWEL6lxxNTwiKdkCLgW2CHkDpKxPy3x3P/50fM98MwKBgQDNFohdBKoiuG2H2qML27pifgJUJXg33YgUN3xPgR2V0UyVV7u1qq9aHiBL2oO+gp1Jz1N+aQQ6FVDGZ+Okg6VKPZKEZnfYP7AgUAPkqxtsI3oAYGt1OtcLoGXns+U8LxJkuwV3IilvdkMVGQa0rXHYn8pdK149yd+nWCCJL/cEmwKBgQCsL0fzAhcSgtLS4HMbDPEqyQhPTli9u3I2JlZ5hD8YqTrY0aU3SVltaoU5ioxj6Pwx2O8b5Aip2gOXHzT2tJZpc2buZ/MkGbtOfjur7urvlbv3mqa9+f0gfePzCfwEsck7SN1BDbx7yaGtU3WM9H7D0Pi9eBOmmHguLuhZ6FUq5wKBgEbjm/zzCM/5ibqkwyjtKW6z+aAWV4iP5WJ/j1N34L8RWnRgn/x6ZCQ1N5qgjFtEkJObu1N9fz2IcqQx8sjBzFduEv/63z/7O6jfn4jh8Bef56LLsTkTPpPBPJgrYXg9GRGCZ7A3ObVSXnuja+L19N0Y1nz/6ZJX/hu85Xol/y8zAoGBAJQw/0mEww+c2YOcNiTyPOWrJ6YYtVDoi2noESgQzfcRx2YbFjkVYK1ig+rk6oMBGQt2hTCXqv7f7HWtfJ39DZ8+nIWqMEt87O7YW1A/Lmq7nFpqqGA3W5o2w+bCaMqHypL1RZo3fwNK3dXGlWOC419oXmR0yMmpjnGH3f2MFa41"
+        }
+
+    ]
+}
diff --git a/src/main/java/in/erail/common/FrameworkConfiguration.java b/src/main/java/in/erail/common/FrameworkConfiguration.java
@@ -1,6 +1,5 @@
 package in.erail.common;
 
-import io.vertx.reactivex.ext.auth.oauth2.OAuth2Auth;
 import io.vertx.reactivex.redis.RedisClient;
 import java.util.Optional;
 
@@ -11,7 +10,6 @@
 public class FrameworkConfiguration {
   
   private RedisClient mRedisClient;
-  private OAuth2Auth mOAuth2Auth;
 
   public RedisClient getRedisClient() {
     return mRedisClient;
@@ -21,20 +19,8 @@ public void setRedisClient(RedisClient pRedisClient) {
     this.mRedisClient = pRedisClient;
   }
 
-  public OAuth2Auth getOAuth2Auth() {
-    return mOAuth2Auth;
-  }
-
-  public void setOAuth2Auth(OAuth2Auth pOAuth2Auth) {
-    this.mOAuth2Auth = pOAuth2Auth;
-  }
-  
-
   public boolean isRedisEnable(){
     return Optional.ofNullable(getRedisClient()).isPresent();
   }
   
-  public boolean isOAuth2AuthEnable(){
-    return Optional.ofNullable(getOAuth2Auth()).isPresent();
-  }
 }
diff --git a/src/main/java/in/erail/route/LoadUserFromAccessTokenRouteBuillder.java b/src/main/java/in/erail/route/LoadUserFromAccessTokenRouteBuillder.java
@@ -2,8 +2,8 @@
 
 import com.google.common.base.Strings;
 import com.google.common.net.HttpHeaders;
-import in.erail.user.UserProvider;
 import io.vertx.core.json.JsonObject;
+import io.vertx.reactivex.ext.auth.AuthProvider;
 import io.vertx.reactivex.ext.web.Router;
 import io.vertx.reactivex.ext.web.RoutingContext;
 import java.util.regex.Matcher;
@@ -16,7 +16,7 @@
 public class LoadUserFromAccessTokenRouteBuillder extends AbstractRouterBuilderImpl {
 
   private final Pattern AUTH_TOKEN = Pattern.compile("^Bearer\\s(?<token>.*)");
-  private UserProvider mUserProvider;
+  private AuthProvider mAuthProvider;
 
   @Override
   public Router getRouter(Router pRouter) {
@@ -29,14 +29,15 @@ public void handle(RoutingContext pRoutingContext) {
     if (pRoutingContext.user() == null) {
       String access_token = pRoutingContext.request().getHeader(HttpHeaders.AUTHORIZATION);
       if (!Strings.isNullOrEmpty(access_token)) {
-        Matcher token = AUTH_TOKEN.matcher(access_token);
-        if (token.find()) {
-          JsonObject accessToken = new JsonObject().put("access_token", token.group("token"));
+        Matcher tokenRegex = AUTH_TOKEN.matcher(access_token);
+        if (tokenRegex.find()) {
+          String token = tokenRegex.group("token");
+          JsonObject authInfo = new JsonObject()
+                  .put("access_token", token)
+                  .put("token_type", "Bearer")
+                  .put("jwt", token);
           try {
-            pRoutingContext
-                    .setUser(getUserProvider()
-                            .getUser(accessToken)
-                            .blockingGet());
+            pRoutingContext.setUser(getAuthProvider().rxAuthenticate(authInfo).blockingGet());
           } catch (RuntimeException e) {
             getLog().error(e);
             pRoutingContext.fail(401);
@@ -50,12 +51,12 @@ public void handle(RoutingContext pRoutingContext) {
     pRoutingContext.next();
   }
 
-  public UserProvider getUserProvider() {
-    return mUserProvider;
+  public AuthProvider getAuthProvider() {
+    return mAuthProvider;
   }
 
-  public void setUserProvider(UserProvider pUserProvider) {
-    this.mUserProvider = pUserProvider;
+  public void setAuthProvider(AuthProvider pAuthProvider) {
+    this.mAuthProvider = pAuthProvider;
   }
 
 }
diff --git a/src/main/java/in/erail/route/OpenAPI3RouteBuilder.java b/src/main/java/in/erail/route/OpenAPI3RouteBuilder.java
@@ -37,7 +37,6 @@
  */
 public class OpenAPI3RouteBuilder extends AbstractRouterBuilderImpl {
 
-  private static final String AUTHORIZATION_PREFIX = "realm";
   private static final String FAIL_SUFFIX = ".fail";
   private RESTService[] mServices;
   private File mOpenAPI3File;
@@ -233,14 +232,14 @@ public Router getRouter(Router pRouter) {
                       .forEach((service) -> {
                         getLog().debug(() -> "Adding OpenAPI service handle:" + service.getOperationId());
                         apiFactory.addHandlerByOperationId(service.getOperationId(), (routingContext) -> {
-                          if (isSecurityEnable()) {
+                          if (isSecurityEnable() && service.isSecure()) {
 
                             if (routingContext.user() == null) {
                               routingContext.fail(401);
                               return;
                             }
 
-                            routingContext.user().isAuthorized(AUTHORIZATION_PREFIX + ":" + service.getOperationId(), (event) -> {
+                            routingContext.user().isAuthorized(service.getAuthority(), (event) -> {
                               boolean authSuccess = event.succeeded() ? event.result() : false;
                               if (authSuccess) {
                                 process(routingContext, service.getServiceUniqueId());
diff --git a/src/main/java/in/erail/service/RESTService.java b/src/main/java/in/erail/service/RESTService.java
@@ -1,6 +1,5 @@
 package in.erail.service;
 
-
 import in.erail.model.RequestEvent;
 import in.erail.model.ResponseEvent;
 import io.reactivex.Maybe;
@@ -10,7 +9,14 @@
  * @author vinay
  */
 public interface RESTService {
+
   String getOperationId();
+
   String getServiceUniqueId();
+
   Maybe<ResponseEvent> process(RequestEvent pRequest);
+
+  String getAuthority();
+  
+  boolean isSecure();
 }
diff --git a/src/main/java/in/erail/service/RESTServiceImpl.java b/src/main/java/in/erail/service/RESTServiceImpl.java
@@ -29,6 +29,8 @@ public abstract class RESTServiceImpl implements RESTService {
   private Logger mLog;
   private Scheduler mScheduler = Schedulers.io();
   private ResponseEvent mDefaultResponseEvent = DEFAULT_REPONSE_EVENT;
+  private boolean secure = false;
+  private String authority;
 
   @StartService
   public void start() {
@@ -124,4 +126,21 @@ public void setDefaultResponseEvent(ResponseEvent pDefaultResponseEvent) {
     this.mDefaultResponseEvent = pDefaultResponseEvent;
   }
 
+  @Override
+  public boolean isSecure() {
+    return secure;
+  }
+
+  public void setSecure(boolean pSecure) {
+    this.secure = pSecure;
+  }
+
+  @Override
+  public String getAuthority() {
+    return authority;
+  }
+
+  public void setAuthority(String pAuthority) {
+    this.authority = pAuthority;
+  }
 }
diff --git a/src/main/java/in/erail/user/UserProvider.java b/src/main/java/in/erail/user/UserProvider.java
diff --git a/src/main/java/in/erail/user/oauth2/OAuth2AuthUserProvider.java b/src/main/java/in/erail/user/oauth2/OAuth2AuthUserProvider.java
diff --git a/src/test/java/in/erail/test/TestConstants.java b/src/test/java/in/erail/test/TestConstants.java
@@ -8,8 +8,13 @@
  */
 public class TestConstants {
 
-  public static final String ACCESS_TOKEN = "Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3UU0zSVNoWkstZWtwaXlfODRXR2ZweThRZFhHa3NfVDNBUjNwVDBfOHBrIn0.eyJqdGkiOiJlNTI2YTNiMC04MDIwLTRiYTktOGFmZi02YzBmYTZkYjhhNGUiLCJleHAiOjE1MTAwNzc2MjIsIm5iZiI6MCwiaWF0IjoxNTEwMDc3MzIyLCJpc3MiOiJodHRwczovL29wZW5pZC5lcmFpbC5pbi9hdXRoL3JlYWxtcy9BUElHYXRld2F5IiwiYXVkIjoidGVzdF9lcmFpbF9pbiIsInN1YiI6ImNhMjUwN2Y3LTc0N2QtNGY5Ny04YTFkLTI4NGZmODQ1YWVhNCIsInR5cCI6IkJlYXJlciIsImF6cCI6InRlc3RfZXJhaWxfaW4iLCJub25jZSI6Im56QTJNamRmZmYiLCJhdXRoX3RpbWUiOjE1MTAwNzcyNTIsInNlc3Npb25fc3RhdGUiOiIyYjExNjEzOC1hMDdiLTQ3MjQtYTkzZi02NzM0YzRjMWM0ODIiLCJhY3IiOiIwIiwiYWxsb3dlZC1vcmlnaW5zIjpbXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIkFQSV9WMV9UQVNLX1NFUlZJQ0UiLCJBUElfVjFfQlJPQURDQVNUX1NFUlZJQ0UiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInByZWZlcnJlZF91c2VybmFtZSI6ImFnZW50MSJ9.XrdyqCOaSNq2egPRXr8FdKHm3EqTnXTna37AK7JPeT_FDZSWDTsHvtW20hsW1lmq_7WoGFyt5SLFG_RTSA0GvfelArMDDwLhGIAM6UYEX3sNGvgHR0g3PQuiK-ACfYXdvrzWmJUANe0xxJBRa54Xpe7CkJg98qcDDP9-qvtmRgku6SGnFb9HBmkCiYs-D2G8Ems7TwDgxsFf4NVm2q5zPXmduJW4GFHCmBZK-8HwetmC4o8VORf0_lKhn-xF1Cw97qYkD4vzajQE9uW6hOiJYXZgWtp7D1lx79ts4_yMdppCdzMylv7lZppU6gezACdJwTyYQ1xBl9IZcEnv4qBEvg";
-
+  public static final String ACCESS_TOKEN = "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJwZXJtaXNza"
+          + "W9ucyI6W10sImlhdCI6MTU0NjIxNzI2Mywic3ViIjoidGVzdHVzZXIifQ.LKd5wNfsmNWIGh6j5rl0xvr"
+          + "MdII7_doX6pF-qs0qvf7aIffbUpKoGAA36EQHU04D5WyikbciI7PseIw9YakV2yiIK798dD8Av4u4D5P2"
+          + "-1UGMa9dmD0jR_G15C2LsiSRLx-njJI_qmq5Iuu1ud4QKL67-tah40I_HcZWrAgywuZ143Fw0f5rf4wHs"
+          + "unx7Cm_c5UykvNjMZbxo_Ati6py3hsvydZq6f1CfMU0mPST9Lq4FwzdPe_sglt9F5rTB95oIYxVkPakzz"
+          + "nVcgDojkuGbFXcPTFLtwMxDXOD0tm8dwWYxKqokFRpQcl7ni0AiJfn1VeuCxG8QjCmtK_ti818pg";
+  
   public static class Service {
 
     public static class Broadcast {

Original file line number	Diff line number	Diff line change
`@@ -3,4 +3,3 @@ $class=in.erail.common.FrameworkConfiguration`
`3`	`3`	`$scope=GLOBAL`
`4`	`4`
`5`	`5`	`redisClient=/io/vertx/redis/RedisClient`
`6`		`-oAuth2Auth=/io/vertx/ext/auth/oauth2/OAuth2Auth`