//HttpSecurityConfigExtension.java | |
package org.picketlink.http.internal; | |
import java.lang.annotation.Annotation; | |
import java.lang.reflect.Field; | |
import javax.enterprise.event.Observes; | |
import javax.enterprise.inject.spi.AnnotatedType; | |
import javax.enterprise.inject.spi.Extension; | |
import javax.enterprise.inject.spi.ProcessAnnotatedType; | |
import org.jboss.logging.Logger; | |
import org.picketlink.config.SecurityConfigurationBuilder; | |
import org.picketlink.config.http.AuthenticationConfigurationBuilder; | |
import org.picketlink.config.http.AuthorizationConfigurationBuilder; | |
import org.picketlink.config.http.BasicAuthenticationConfigurationBuilder; | |
import org.picketlink.config.http.DigestAuthenticationConfigurationBuilder; | |
import org.picketlink.config.http.FormAuthenticationConfigurationBuilder; | |
import org.picketlink.config.http.HttpSecurityBuilder; | |
import org.picketlink.config.http.PathConfigurationBuilder; | |
import org.picketlink.config.http.TokenAuthenticationConfigurationBuilder; | |
import org.picketlink.config.http.X509AuthenticationConfigurationBuilder; | |
import org.picketlink.config.http.annotations.AllPaths; | |
import org.picketlink.config.http.annotations.AllowedGroups; | |
import org.picketlink.config.http.annotations.AllowedRealms; | |
import org.picketlink.config.http.annotations.AllowedRoles; | |
import org.picketlink.config.http.annotations.Authc; | |
import org.picketlink.config.http.annotations.Authz; | |
import org.picketlink.config.http.annotations.Basic; | |
import org.picketlink.config.http.annotations.Digest; | |
import org.picketlink.config.http.annotations.Expressions; | |
import org.picketlink.config.http.annotations.Form; | |
import org.picketlink.config.http.annotations.Path; | |
import org.picketlink.config.http.annotations.PathGroup; | |
import org.picketlink.config.http.annotations.Permissive; | |
import org.picketlink.config.http.annotations.HttpSecurity; | |
import org.picketlink.config.http.annotations.Restrictive; | |
import org.picketlink.config.http.annotations.Token; | |
import org.picketlink.config.http.annotations.X509; | |
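/**
 * CDI portable extension that turns the annotations declared on the enum constants nested inside
 * an {@link HttpSecurity}-annotated interface into calls on the fluent HTTP security builder.
 *
 * <p>Processing is order-sensitive: each annotation is applied to whichever builder the previous
 * annotation produced (path, then authentication, then scheme, then authorization). The order is
 * whatever {@link Field#getAnnotations()} returns.
 * NOTE(review): that API does not document declaration order as a guarantee, so a configuration
 * that relies on it should be covered by a test on every supported JVM.
 *
 * <p>An annotation that appears before its prerequisite (for example {@code @Form} without a
 * preceding {@code @Authc}) aborts processing with an {@link IllegalStateException} naming the
 * offending field, so that a malformed security declaration is reported clearly at deployment
 * time instead of surfacing as a bare {@code NullPointerException}.
 *
 * <p>NOTE(review): {@link #builder} and {@link #httpSecurityBuilder} are public, static and
 * mutable, so any class on the classpath can replace or alter the security configuration being
 * assembled. They are kept as they are because existing callers read them directly; narrowing
 * their visibility should be considered.
 */
public class HttpSecurityConfigExtension implements Extension {

    private final Logger log = Logger.getLogger(HttpSecurityConfigExtension.class);

    public static SecurityConfigurationBuilder builder = new SecurityConfigurationBuilder();
    public static HttpSecurityBuilder httpSecurityBuilder = builder.http();

    // Builder chain for the enum constant currently being processed; reset for every field.
    private static PathConfigurationBuilder pathConfigurationBuilder;
    private static AuthenticationConfigurationBuilder authenticationConfigurationBuilder;
    private static FormAuthenticationConfigurationBuilder formAuthenticationConfigurationBuilder;
    private static BasicAuthenticationConfigurationBuilder basicAuthenticationConfigurationBuilder;
    private static DigestAuthenticationConfigurationBuilder digestAuthenticationConfigurationBuilder;
    private static TokenAuthenticationConfigurationBuilder tokenAuthenticationConfigurationBuilder;
    private static X509AuthenticationConfigurationBuilder x509AuthenticationConfigurationBuilder;
    private static AuthorizationConfigurationBuilder authorizationConfigurationBuilder;

    /**
     * Observes every discovered type and, for interfaces annotated with {@link HttpSecurity},
     * applies the annotations of each public field of each public nested class to the builder.
     *
     * @param event the CDI event carrying the discovered type
     * @throws IllegalStateException if an annotation is used before the annotation it depends on
     */
    public <T> void processAnnotatedType(@Observes ProcessAnnotatedType<T> event) {
        AnnotatedType<T> annotatedType = event.getAnnotatedType();
        if (!annotatedType.isAnnotationPresent(HttpSecurity.class)) {
            return;
        }

        Class<?> configClass = annotatedType.getJavaClass();
        if (!configClass.isInterface()) {
            log.warn("HttpSecurity annotation should only be applied to interfaces, and [" + configClass
                + "] is not an interface.");
            return;
        }

        for (Class<?> nested : configClass.getClasses()) {
            for (Field constant : nested.getFields()) {
                // Goes through the logger rather than stdout so the output follows the log configuration.
                log.debug("Processing HTTP security annotations on [" + constant + "]");
                resetPerFieldBuilders();
                for (Annotation annotation : constant.getAnnotations()) {
                    apply(annotation, constant);
                }
            }
        }
    }

    /** Clears the builder chain so that one enum constant cannot inherit state from the previous one. */
    private static void resetPerFieldBuilders() {
        pathConfigurationBuilder = null;
        authenticationConfigurationBuilder = null;
        authorizationConfigurationBuilder = null;
        formAuthenticationConfigurationBuilder = null;
        basicAuthenticationConfigurationBuilder = null;
        digestAuthenticationConfigurationBuilder = null;
        tokenAuthenticationConfigurationBuilder = null;
        x509AuthenticationConfigurationBuilder = null;
    }

    /** Applies a single annotation to the builder chain; unknown annotation types are ignored. */
    private static void apply(Annotation a, Field source) {
        Class<? extends Annotation> type = a.annotationType();

        if (type == Permissive.class) {
            httpSecurityBuilder = httpSecurityBuilder.permissive();
        } else if (type == Restrictive.class) {
            httpSecurityBuilder = httpSecurityBuilder.restrictive();
        } else if (type == AllPaths.class) {
            pathConfigurationBuilder = httpSecurityBuilder.allPaths();
        } else if (type == Path.class) {
            Path path = (Path) a;
            String pathName = path.pathName();
            String pathGroup = path.pathGroup();
            if (hasText(pathName) && hasText(pathGroup)) {
                pathConfigurationBuilder = httpSecurityBuilder.path(pathName, pathGroup);
            } else {
                // pathName is passed through even when it is empty, exactly as declared.
                pathConfigurationBuilder = httpSecurityBuilder.path(pathName);
            }
        } else if (type == PathGroup.class) {
            String groupName = ((PathGroup) a).pathGroupName();
            if (hasText(groupName)) {
                pathConfigurationBuilder = httpSecurityBuilder.pathGroup(groupName);
            }
        } else if (type == Authc.class) {
            // Logout and Redirect annotations are not handled by this extension.
            if (authorizationConfigurationBuilder == null) {
                authenticationConfigurationBuilder = require(pathConfigurationBuilder, type,
                    "a path annotation (@AllPaths, @Path or @PathGroup)", source).authc();
            } else {
                authenticationConfigurationBuilder = authorizationConfigurationBuilder.authc();
            }
        } else if (type == Form.class) {
            Form form = (Form) a;
            formAuthenticationConfigurationBuilder =
                require(authenticationConfigurationBuilder, type, "@Authc", source).form();
            if (hasText(form.loginPage())) {
                formAuthenticationConfigurationBuilder =
                    formAuthenticationConfigurationBuilder.loginPage(form.loginPage());
            }
            if (hasText(form.errorPage())) {
                formAuthenticationConfigurationBuilder =
                    formAuthenticationConfigurationBuilder.errorPage(form.errorPage());
            }
            // Only the exact value "yes" enables restoring the original request.
            if ("yes".equals(form.restoreOriginalRequest())) {
                formAuthenticationConfigurationBuilder =
                    formAuthenticationConfigurationBuilder.restoreOriginalRequest();
            }
        } else if (type == Basic.class) {
            String realmName = ((Basic) a).realmName();
            basicAuthenticationConfigurationBuilder =
                require(authenticationConfigurationBuilder, type, "@Authc", source).basic();
            if (hasText(realmName)) {
                basicAuthenticationConfigurationBuilder =
                    basicAuthenticationConfigurationBuilder.realmName(realmName);
            }
        } else if (type == Digest.class) {
            String realmName = ((Digest) a).realmName();
            digestAuthenticationConfigurationBuilder =
                require(authenticationConfigurationBuilder, type, "@Authc", source).digest();
            if (hasText(realmName)) {
                digestAuthenticationConfigurationBuilder =
                    digestAuthenticationConfigurationBuilder.realmName(realmName);
            }
        } else if (type == X509.class) {
            String subjectRegex = ((X509) a).subjectRegex();
            x509AuthenticationConfigurationBuilder =
                require(authenticationConfigurationBuilder, type, "@Authc", source).x509();
            if (hasText(subjectRegex)) {
                x509AuthenticationConfigurationBuilder =
                    x509AuthenticationConfigurationBuilder.subjectRegex(subjectRegex);
            }
        } else if (type == Token.class) {
            tokenAuthenticationConfigurationBuilder =
                require(authenticationConfigurationBuilder, type, "@Authc", source).token();
        } else if (type == Authz.class) {
            startAuthorization(source);
        } else if (type == AllowedRoles.class) {
            String[] roles = ((AllowedRoles) a).roles();
            if (roles != null && roles.length > 0) {
                authorizationConfigurationBuilder = requireAuthorization(type, source).role(roles);
            }
        } else if (type == AllowedGroups.class) {
            String[] groups = ((AllowedGroups) a).groups();
            if (groups != null && groups.length > 0) {
                authorizationConfigurationBuilder = requireAuthorization(type, source).group(groups);
            }
        } else if (type == AllowedRealms.class) {
            String[] realms = ((AllowedRealms) a).realms();
            if (realms != null && realms.length > 0) {
                authorizationConfigurationBuilder = requireAuthorization(type, source).realm(realms);
            }
        } else if (type == Expressions.class) {
            String[] expressions = ((Expressions) a).expressions();
            if (expressions != null && expressions.length > 0) {
                authorizationConfigurationBuilder =
                    requireAuthorization(type, source).expression(expressions);
            }
        }
    }

    /**
     * Handles {@code @Authz}: continues from the path builder when no authentication was declared,
     * otherwise from the first scheme builder that is set (form, digest, basic, token, x509).
     * When authentication was declared without any scheme, the authorization builder is left
     * untouched, as before.
     */
    private static void startAuthorization(Field source) {
        if (authenticationConfigurationBuilder == null) {
            authorizationConfigurationBuilder = require(pathConfigurationBuilder, Authz.class,
                "a path annotation (@AllPaths, @Path or @PathGroup)", source).authz();
        } else if (formAuthenticationConfigurationBuilder != null) {
            authorizationConfigurationBuilder = formAuthenticationConfigurationBuilder.authz();
        } else if (digestAuthenticationConfigurationBuilder != null) {
            authorizationConfigurationBuilder = digestAuthenticationConfigurationBuilder.authz();
        } else if (basicAuthenticationConfigurationBuilder != null) {
            authorizationConfigurationBuilder = basicAuthenticationConfigurationBuilder.authz();
        } else if (tokenAuthenticationConfigurationBuilder != null) {
            authorizationConfigurationBuilder = tokenAuthenticationConfigurationBuilder.authz();
        } else if (x509AuthenticationConfigurationBuilder != null) {
            authorizationConfigurationBuilder = x509AuthenticationConfigurationBuilder.authz();
        }
    }

    /** Returns the current authorization builder or fails with a message naming the misplaced annotation. */
    private static AuthorizationConfigurationBuilder requireAuthorization(
            Class<? extends Annotation> annotation, Field source) {
        return require(authorizationConfigurationBuilder, annotation,
            "@Authz (itself declared after a path or an authentication scheme annotation)", source);
    }

    /**
     * Returns {@code current} when it is set; otherwise reports which annotation was used too early.
     *
     * @throws IllegalStateException if {@code current} is {@code null}
     */
    private static <B> B require(B current, Class<? extends Annotation> annotation, String prerequisite,
            Field source) {
        if (current == null) {
            throw new IllegalStateException("@" + annotation.getSimpleName() + " on [" + source
                + "] must be preceded by " + prerequisite + ".");
        }
        return current;
    }

    /** True when the annotation attribute carries a non-empty value. */
    private static boolean hasText(String value) {
        return value != null && !value.isEmpty();
    }
}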
//MyHttpSecurityConfig.java | |
package org.picketlink.http.test.annotation; | |
import org.picketlink.config.http.annotations.AllowedGroups; | |
import org.picketlink.config.http.annotations.AllowedRealms; | |
import org.picketlink.config.http.annotations.AllowedRoles; | |
import org.picketlink.config.http.annotations.Authc; | |
import org.picketlink.config.http.annotations.Authz; | |
import org.picketlink.config.http.annotations.Expressions; | |
import org.picketlink.config.http.annotations.Form; | |
import org.picketlink.config.http.annotations.HttpSecurity; | |
import org.picketlink.config.http.annotations.Path; | |
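/**
 * Sample annotation-based HTTP security declaration: one enum constant per protected path, with
 * the path, authentication and authorization annotations listed in the order in which they are
 * to be applied.
 */
@HttpSecurity
public interface MyHttpSecurityConfig {

    public enum secure {

        // The URL pattern belongs in pathName: HttpSecurityConfigExtension passes pathName as the
        // first argument of path(...) and only uses pathGroup as the second one, so declaring
        // "/*" as the group with an empty pathName registered an empty path instead of "/*".
        // NOTE(review): confirm against the @Path annotation's declaration.
        @Path(pathName = "/*", pathGroup = "")
        @Authc
        // restoreOriginalRequest is only honoured when it is exactly "yes"; "" leaves it off.
        @Form(errorPage = "/error.html", loginPage = "/login.html", restoreOriginalRequest = "")
        @Authz
        @AllowedRoles(roles = { "roleA", "roleB" })
        @AllowedGroups(groups = { "groupA" })
        @AllowedRealms(realms = { "realmA" })
        @Expressions(expressions = { "#{identity.isLoggedIn()}" })
        Admin;
    }
}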
//AnnotationBasedConfigTestCase.java | |
package org.picketlink.http.test.annotation; | |
import static org.junit.Assert.*; | |
import javax.enterprise.event.Observes; | |
import org.junit.Ignore; | |
import org.junit.Test; | |
import org.picketlink.config.SecurityConfigurationBuilder; | |
import org.picketlink.config.http.HttpSecurityConfiguration; | |
import org.picketlink.event.SecurityConfigurationEvent; | |
import org.picketlink.http.internal.HttpSecurityConfigExtension; | |
import org.picketlink.test.weld.Deployment; | |
/**
 * Checks that the annotation-driven configuration declared in {@code MyHttpSecurityConfig} ends up
 * in the HTTP security configuration built from the extension's static builder.
 */
@Deployment(
    beans = { AnnotationBasedConfigTestCase.SecurityConfiguration.class, MyHttpSecurityConfig.class },
    excludeBeansFromPackage = "org.picketlink.http.test")
public class AnnotationBasedConfigTestCase {

    /**
     * Builds the configuration from {@code HttpSecurityConfigExtension.httpSecurityBuilder} and
     * expects exactly one configured path.
     *
     * <p>NOTE(review): the observer below configures the builder delivered with the event, while
     * this test reads the extension's static builder; presumably these are different instances,
     * so the "/xyz" path may never reach the configuration asserted on here. Confirm.
     */
    @Test
    @Ignore
    public void testHttpAnnotation() {
        HttpSecurityConfiguration httpConfig =
            HttpSecurityConfigExtension.httpSecurityBuilder
                .build()
                .getHttpSecurityConfiguration();

        assertEquals(1, httpConfig.getPaths().size());
    }

    /** Programmatic configuration bean: protects "/xyz" with form authentication. */
    public static class SecurityConfiguration {

        /**
         * Adds the "/xyz" path with form authentication to the builder carried by the event.
         *
         * @param event the security configuration event supplying the builder
         */
        public void configureHttpSecurity(@Observes SecurityConfigurationEvent event) {
            SecurityConfigurationBuilder securityBuilder = event.getBuilder();

            securityBuilder.http().path("/xyz").authc().form();
        }
    }
}
//StackTrace | |
Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.268 sec - in org.picketlink.http.test.authorization.GroupBasedAuthorizationTestCase | |
Running org.picketlink.http.test.annotation.AnnotationBasedConfigTestCase | |
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.106 sec <<< FAILURE! - in org.picketlink.http.test.annotation.AnnotationBasedConfigTestCase | |
testHttpAnnotation(org.picketlink.http.test.annotation.AnnotationBasedConfigTestCase) Time elapsed: 0.023 sec <<< ERROR! | |
org.picketlink.config.http.HttpSecurityConfigurationException: No URI configuration is defined. You must provide at least one URI to protect. | |
at org.picketlink.config.http.HttpSecurityConfiguration.validate(HttpSecurityConfiguration.java:86) | |
at org.picketlink.config.http.HttpSecurityConfiguration.<init>(HttpSecurityConfiguration.java:67) | |
at org.picketlink.config.http.HttpSecurityBuilder.create(HttpSecurityBuilder.java:135) | |
at org.picketlink.config.SecurityConfigurationBuilder.create(SecurityConfigurationBuilder.java:111) | |
at org.picketlink.config.SecurityConfigurationBuilder.build(SecurityConfigurationBuilder.java:97) | |
at org.picketlink.config.AbstractSecurityConfigurationBuilder.build(AbstractSecurityConfigurationBuilder.java:53) | |
at org.picketlink.http.test.annotation.AnnotationBasedConfigTestCase.testHttpAnnotation(AnnotationBasedConfigTestCase.java:44) | |
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | |
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) | |
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) | |
at java.lang.reflect.Method.invoke(Method.java:606) | |
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45) | |
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15) | |
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42) | |
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20) | |
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263) | |
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68) | |
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47) | |
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231) | |
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60) | |
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229) | |
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50) | |
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222) | |
at org.junit.runners.ParentRunner.run(ParentRunner.java:300) | |
at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:264) | |
at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:153) | |
at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:124) | |
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:200) | |
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:153) | |
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:103) |