Skip to content

Commit 4e171f6

Browse files
ruhan1ruhan1
committed
Add CustomClientRequestFilter
1 parent 4db1e43 commit 4e171f6

File tree

2 files changed

+56
-0
lines changed

2 files changed

+56
-0
lines changed

pom.xml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,10 @@
8282
<groupId>io.quarkus</groupId>
8383
<artifactId>quarkus-security</artifactId>
8484
</dependency>
85+
<dependency>
86+
<groupId>io.quarkus</groupId>
87+
<artifactId>quarkus-oidc-client-filter</artifactId>
88+
</dependency>
8589
<dependency>
8690
<groupId>com.fasterxml.jackson.dataformat</groupId>
8791
<artifactId>jackson-dataformat-yaml</artifactId>

src/main/java/org/commonjava/indy/service/security/jaxrs/CustomClientRequestFilter.java

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
/**
2+
* Copyright (C) 2022 Red Hat, Inc. (https://github.com/Commonjava/indy-security)
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
package org.commonjava.indy.service.security.jaxrs;
17+
18+
import io.quarkus.oidc.client.filter.runtime.AbstractOidcClientRequestFilter;
19+
import jakarta.annotation.Priority;
20+
import jakarta.ws.rs.Priorities;
21+
import jakarta.ws.rs.client.ClientRequestContext;
22+
import jakarta.ws.rs.ext.Provider;
23+
import org.eclipse.microprofile.config.inject.ConfigProperty;
24+
25+
import java.io.IOException;
26+
import java.util.Arrays;
27+
import java.util.List;
28+
29+
@Provider
30+
@Priority(Priorities.AUTHENTICATION)
31+
public class CustomClientRequestFilter
32+
extends AbstractOidcClientRequestFilter
33+
{
34+
@ConfigProperty(name = "indy_security.enabled")
35+
boolean securityEnabled;
36+
37+
private static final List<String> nonAuthMethods = Arrays.asList("GET", "HEAD"); // skip auth for GET/HEAD requests
38+
39+
@Override
40+
public void filter(ClientRequestContext requestContext) throws IOException
41+
{
42+
if ( securityEnabled )
43+
{
44+
String method = requestContext.getMethod().toUpperCase();
45+
if ( nonAuthMethods.contains(method) )
46+
{
47+
return;
48+
}
49+
super.filter( requestContext );
50+
}
51+
}
52+
}

0 commit comments

Comments
 (0)