This repository has been archived by the owner on May 9, 2019. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
13 changed files
with
382 additions
and
47 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
25 changes: 25 additions & 0 deletions
25
security/src/main/java/com/example/auction/security/ClientSecurity.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
package com.example.auction.security; | ||
|
||
import com.lightbend.lagom.javadsl.api.security.ServicePrincipal; | ||
import com.lightbend.lagom.javadsl.api.transport.RequestHeader; | ||
|
||
import java.util.Optional; | ||
import java.util.UUID; | ||
import java.util.function.Function; | ||
|
||
public class ClientSecurity { | ||
|
||
/** | ||
* Authenticate a client request. | ||
*/ | ||
public static final Function<RequestHeader, RequestHeader> authenticate(UUID userId) { | ||
return request -> { | ||
Optional<ServicePrincipal> service = request.principal() | ||
.filter(p -> p instanceof ServicePrincipal) | ||
.map(p -> (ServicePrincipal) p); | ||
|
||
return request.withPrincipal(UserPrincipal.of(userId, service)); | ||
}; | ||
} | ||
|
||
} |
54 changes: 54 additions & 0 deletions
54
security/src/main/java/com/example/auction/security/SecurityHeaderFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
package com.example.auction.security; | ||
|
||
import com.lightbend.lagom.javadsl.api.security.ServicePrincipal; | ||
import com.lightbend.lagom.javadsl.api.security.UserAgentHeaderFilter; | ||
import com.lightbend.lagom.javadsl.api.transport.HeaderFilter; | ||
import com.lightbend.lagom.javadsl.api.transport.RequestHeader; | ||
import com.lightbend.lagom.javadsl.api.transport.ResponseHeader; | ||
|
||
import java.security.Principal; | ||
import java.util.Optional; | ||
import java.util.UUID; | ||
|
||
public final class SecurityHeaderFilter implements HeaderFilter { | ||
|
||
private SecurityHeaderFilter() {} | ||
|
||
public static final HeaderFilter INSTANCE = HeaderFilter.composite(new SecurityHeaderFilter(), new UserAgentHeaderFilter()); | ||
|
||
@Override | ||
public RequestHeader transformClientRequest(RequestHeader request) { | ||
if (request.principal().isPresent()) { | ||
Principal principal = request.principal().get(); | ||
if (principal instanceof UserPrincipal) { | ||
return request.withHeader("User-Id", ((UserPrincipal) principal).getUserId().toString()); | ||
} | ||
} | ||
return request; | ||
} | ||
|
||
@Override | ||
public RequestHeader transformServerRequest(RequestHeader request) { | ||
Optional<String> userId = request.getHeader("User-Id"); | ||
if (userId.isPresent()) { | ||
Optional<ServicePrincipal> service = request.principal() | ||
.filter(p -> p instanceof ServicePrincipal) | ||
.map(p -> (ServicePrincipal) p); | ||
|
||
UUID userUuid = UUID.fromString(userId.get()); | ||
|
||
return request.withPrincipal(UserPrincipal.of(userUuid, service)); | ||
} | ||
return request; | ||
} | ||
|
||
@Override | ||
public ResponseHeader transformServerResponse(ResponseHeader response, RequestHeader request) { | ||
return response; | ||
} | ||
|
||
@Override | ||
public ResponseHeader transformClientResponse(ResponseHeader response, RequestHeader request) { | ||
return response; | ||
} | ||
} |
Oops, something went wrong.