a sample to work with drop wizard 0.9 auth framework

README.md

@@ -1,8 +1,17 @@
 # dropwizard-immutable-bean
 example of an error with jackson
 
-I had a problem with Jackson and immutable beans. 
+I had a problem with Jackson and immutable beans.
 
 Full discussion can be followed at https://mail.google.com/mail/u/0/?zx=khfzn67sm1i#label/dropwizard/150e3ec1e93ad69d
 
 It is solved. See the code sample.
+
+
+# Auth sample
+
+Have a look at the classes under the auth package.
+
+To check auth
+`curl http://localhost:9000` expected response is `Can't touch this...`
+`curl http://localhost:9000 --user abc:abc` expected response is `You got permission!`

pom.xml

@@ -25,6 +25,11 @@
             <artifactId>dropwizard-configuration</artifactId>
             <version>${dropwizard.version}</version>
         </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-auth</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
 
         <dependency>
             <groupId>io.dropwizard</groupId>

src/main/java/ca/rasul/MyApplication.java

@@ -1,8 +1,18 @@
 package ca.rasul;
 
+import ca.rasul.auth.BasicAuthenticator;
+import ca.rasul.auth.UnAuthorizedResourceHandler;
+import ca.rasul.auth.UserAuthorizer;
+import ca.rasul.models.User;
 import ca.rasul.resources.MessageResource;
 import io.dropwizard.Application;
+import io.dropwizard.auth.AuthDynamicFeature;
+import io.dropwizard.auth.AuthFilter;
+import io.dropwizard.auth.AuthValueFactoryProvider;
+import io.dropwizard.auth.UnauthorizedHandler;
+import io.dropwizard.auth.basic.BasicCredentialAuthFilter;
 import io.dropwizard.setup.Environment;
+import org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;
 
 /**
  * @author Nasir Rasul {@literal nasir@rasul.ca}
@@ -11,9 +21,26 @@ public class MyApplication extends Application<MyConfiguration> {
     @Override
     public void run(MyConfiguration myConfiguration, Environment environment) throws Exception {
         environment.jersey().register(MessageResource.class);
+        registerAuthRelated(environment);
     }
 
+    private void registerAuthRelated(Environment environment) {
+        UnauthorizedHandler unauthorizedHandler = new UnAuthorizedResourceHandler();
+        AuthFilter basicAuthFilter = new BasicCredentialAuthFilter.Builder<User>()
+                .setAuthenticator(new BasicAuthenticator())
+                .setAuthorizer(new UserAuthorizer())
+                .setRealm("shire")
+                .setUnauthorizedHandler(unauthorizedHandler)
+                .setPrefix("Basic")
+                .buildAuthFilter();
 
+        environment.jersey().register(new AuthDynamicFeature(basicAuthFilter));
+        environment.jersey().register(RolesAllowedDynamicFeature.class);
+        environment.jersey().register(new AuthValueFactoryProvider.Binder(User.class));
+
+        environment.jersey().register(unauthorizedHandler);
+
+    }
     public static void main (String args[]) throws Exception {
         new MyApplication().run(args);
     }

src/main/java/ca/rasul/auth/BasicAuthenticator.java

@@ -0,0 +1,19 @@
+package ca.rasul.auth;
+
+import ca.rasul.models.User;
+import com.google.common.base.Optional;
+import io.dropwizard.auth.AuthenticationException;
+import io.dropwizard.auth.Authenticator;
+import io.dropwizard.auth.basic.BasicCredentials;
+
+/**
+ * @author Nasir Rasul {@literal nasir@rasul.ca}
+ * */
+public class BasicAuthenticator<C, P> implements Authenticator<BasicCredentials, User> {
+    @Override
+    public Optional<User> authenticate(BasicCredentials credentials) throws AuthenticationException {
+        //do no authentication yet. Let all users through
+        return Optional.fromNullable(new User(credentials.getUsername(), credentials.getPassword()));
+    }
+}
+

src/main/java/ca/rasul/auth/UnauthorizedResourceHandler.java

@@ -0,0 +1,29 @@
+package ca.rasul.auth;
+
+import io.dropwizard.auth.UnauthorizedHandler;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+/**
+ * @author Nasir Rasul {@literal nasir@rasul.ca}
+ */
+public class UnAuthorizedResourceHandler implements UnauthorizedHandler {
+
+    @Context
+    private HttpServletRequest request;
+
+    @Override
+    public Response buildResponse(String prefix, String realm) {
+        Response.Status unauthorized = Response.Status.UNAUTHORIZED;
+        return Response.status(unauthorized).type(MediaType.APPLICATION_JSON_TYPE).entity("Can't touch this...").build();
+    }
+
+    @Context
+    public void setRequest(HttpServletRequest request) {
+        this.request = request;
+    }
+}
+

src/main/java/ca/rasul/auth/UserAuthorizer.java

@@ -0,0 +1,21 @@
+package ca.rasul.auth;
+
+import ca.rasul.models.User;
+import io.dropwizard.auth.Authorizer;
+
+/**
+ * @author Nasir Rasul {@literal nasir@rasul.ca}
+ */
+public class UserAuthorizer<P> implements Authorizer<User>{
+    /**
+     * Decides if access is granted for the given principal in the given role.
+     *
+     * @param principal a {@link Principal} object, representing a user
+     * @param role      a user role
+     * @return {@code true}, if the access is granted, {@code false otherwise}
+     */
+    @Override
+    public boolean authorize(User principal, String role) {
+        return true;
+    }
+}

src/main/java/ca/rasul/modes/Message.java → src/main/java/ca/rasul/models/Message.java

@@ -1,4 +1,4 @@
-package ca.rasul.modes;
+package ca.rasul.models;
 
 import com.fasterxml.jackson.annotation.JsonCreator;
 

src/main/java/ca/rasul/models/User.java

@@ -0,0 +1,47 @@
+package ca.rasul.models;
+
+import javax.security.auth.Subject;
+import java.security.Principal;
+
+/**
+ * @author Nasir Rasul {@literal nasir@rasul.ca}
+ */
+public class User implements Principal {
+    private final String username;
+    private final String password;
+
+    public User(final String username, final String password) {
+        this.username = username;
+        this.password = password;
+    }
+
+    /**
+     * Returns the name of this principal.
+     *
+     * @return the name of this principal.
+     */
+    @Override
+    public String getName() {
+        return username;
+    }
+
+    /**
+     * Returns true if the specified subject is implied by this principal.
+     * <p>
+     * <p>The default implementation of this method returns true if
+     * {@code subject} is non-null and contains at least one principal that
+     * is equal to this principal.
+     * <p>
+     * <p>Subclasses may override this with a different implementation, if
+     * necessary.
+     *
+     * @param subject the {@code Subject}
+     * @return true if {@code subject} is non-null and is
+     * implied by this principal, or false otherwise.
+     * @since 1.8
+     */
+    @Override
+    public boolean implies(final Subject subject) {
+        return true;
+    }
+}

src/main/java/ca/rasul/resources/MessageResource.java

@@ -1,6 +1,8 @@
 package ca.rasul.resources;
 
-import ca.rasul.modes.Message;
+import ca.rasul.models.Message;
+import ca.rasul.models.User;
+import io.dropwizard.auth.Auth;
 
 import javax.ws.rs.*;
 import javax.ws.rs.core.MediaType;
@@ -17,4 +19,9 @@ public class MessageResource {
     public Response message(@HeaderParam("Accept-Language") @DefaultValue("en-US") String language, @BeanParam Message message){
         return Response.ok().language("en").entity(new Message("Message is "+message.getMessage())).build();
     }
+
+    @GET
+    public Response hello(@Auth User user){
+        return Response.ok().entity("You got permission!").build();
+    }
 }

src/test/java/ca/rasul/resources/MessageResourceTest.java

@@ -2,7 +2,7 @@
 
 import ca.rasul.MyApplication;
 import ca.rasul.MyConfiguration;
-import ca.rasul.modes.Message;
+import ca.rasul.models.Message;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.dropwizard.client.JerseyClientBuilder;
 import io.dropwizard.testing.junit.DropwizardAppRule;