Package org.candlepin.resteasy.interceptor

Source Code of org.candlepin.resteasy.interceptor.TrustedUserAuth

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
/**
* Copyright (c) 2009 - 2012 Red Hat, Inc.
*
* This software is licensed to you under the GNU General Public License,
* version 2 (GPLv2). There is NO WARRANTY for this software, express or
* implied, including the implied warranties of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
* along with this software; if not, see
* http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
*
* Red Hat trademarks are not licensed under GPLv2. No permission is
* granted to use or replicate Red Hat trademarks that are incorporated
* in this software or its documentation.
*/
package org.candlepin.resteasy.interceptor;

import org.candlepin.auth.Principal;
import org.candlepin.auth.TrustedUserPrincipal;
import org.candlepin.service.UserServiceAdapter;

import com.google.inject.Inject;
import com.google.inject.Injector;

import org.jboss.resteasy.spi.HttpRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
* This auth form allows for a consumer id to be passed in a clear http header.
* This should be used only if the environment is known to be secure
*/
class TrustedUserAuth extends UserAuth {

    public static final String USER_HEADER = "cp-user";
    public static final String LOOKUP_PERMISSIONS_HEADER = "cp-lookup-permissions";

    private static Logger log = LoggerFactory.getLogger(TrustedUserAuth.class);

    @Inject
    TrustedUserAuth(UserServiceAdapter userServiceAdaper, Injector injector) {
        super(userServiceAdaper, injector);
    }

    public Principal getPrincipal(HttpRequest request) {

        String username = AuthUtil.getHeader(request, USER_HEADER);
        if (username == null || username.isEmpty()) {
            // Nothing we can do here:
            log.debug("No username header provided, returning null principal.");
            return null;
        }

        // Check if we should ask the user service for this user and their permissions:
        String lookupPermsHeader = AuthUtil.getHeader(request,  LOOKUP_PERMISSIONS_HEADER);
        if (lookupPermsHeader != null && lookupPermsHeader.equals("true")) {
            log.debug("Looking up user permissions from user service.");
            return createPrincipal(username);
        }

        log.debug("Returning full trusted user principal.");
        return new TrustedUserPrincipal(username);
    }
}
TOP

Related Classes of org.candlepin.resteasy.interceptor.TrustedUserAuth

  • org.candlepin.auth.TrustedUserPrincipal
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.