OAuth2 Vertx 3 Bearer Token start

BearerAuthHandler.groovy

import io.vertx.core.http.HttpHeaders
import io.vertx.core.http.HttpServerRequest
import io.vertx.core.json.JsonObject
import io.vertx.ext.apex.RoutingContext
import io.vertx.ext.apex.handler.impl.AuthHandlerImpl
import io.vertx.ext.auth.AuthProvider;

class BearerAuthHandler extends AuthHandlerImpl {

	public BearerAuthHandler(AuthProvider authProvider) {
		super(authProvider);
	}

	@Override
	void handle(RoutingContext context) {

		HttpServerRequest request = context.request()
		String authorization = request.headers().get(HttpHeaders.AUTHORIZATION)

		if (authorization == null) {
			context.fail(401)
		} else {
			String token
			String scheme

			try {
				String[] parts = authorization.split(" ")
				scheme = parts[0]
				token = parts[1]
			} catch (ArrayIndexOutOfBoundsException e) {
				context.fail(401)
				return
			} catch (IllegalArgumentException | NullPointerException e) {
				// IllegalArgumentException includes PatternSyntaxException
				context.fail(e)
				return
			}

			if (scheme.equalsIgnoreCase("bearer")) {
				JsonObject creds = new JsonObject()
				creds.put("token", token)

				authProvider.login(null, creds, { res ->
					if (res.succeeded()) {
						context.next()
					} else {
						context.fail(401)
					}
				})

			} else {
				context.fail(401)
			}
		}

	}
}

OAuthIntrospectionProvider.groovy

import io.netty.handler.codec.http.HttpHeaders
import io.vertx.core.AsyncResult
import io.vertx.core.Future
import io.vertx.core.Handler
import io.vertx.core.http.HttpClient
import io.vertx.core.json.JsonObject
import io.vertx.ext.auth.AuthProvider

class OAuthIntrospectionProvider implements AuthProvider {

	HttpClient httpClient

	public OAuthIntrospectionProvider(HttpClient httpClient) {
		this.httpClient = httpClient
	}

	@Override
	void login(JsonObject principal, JsonObject credentials, Handler<AsyncResult<Void>> resultHandler) {

		def request = httpClient.post(8180, "localhost", "/oauth/introspect ", { response ->
			response.exceptionHandler({ ex ->
				resultHandler.handle(Future.failedFuture(ex))
			})

			response.bodyHandler({ body ->
				def obj = new JsonObject(body.toString())
				def active = obj.getBoolean("active")
				if (active) {
					//TODO set user identity
					resultHandler.handle(Future.succeededFuture())
				} else {
					resultHandler.handle(Future.failedFuture("Token not Active"))

				}
			})
		})

		//TODO Set client id and secret from config
		String base64key = Base64.getEncoder().encodeToString("clientapp:123456".getBytes())
		request.putHeader(HttpHeaders.Names.AUTHORIZATION, "Basic " + base64key);
		request.putHeader(HttpHeaders.Names.CONTENT_TYPE, "application/x-www-form-urlencoded")
		request.end("token=" + credentials.getString("token"))

	}

	@Override
	void hasRole(JsonObject principal, String role, Handler<AsyncResult<Boolean>> resultHandler) {
		resultHandler.handle(Future.failedFuture("Not Yet Supported by AuthProvider"))
	}

	@Override
	void hasPermission(JsonObject principal, String permission, Handler<AsyncResult<Boolean>> resultHandler) {
		resultHandler.handle(Future.failedFuture("Not Yet Supported by AuthProvider"))
	}

}