Java Code Examples for io.vertx.reactivex.ext.web.RoutingContext#next()
The following examples show how to use
io.vertx.reactivex.ext.web.RoutingContext#next() .
Example 1
Source File: AuthorizationRequestParseParametersHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Parses the optional authorization-request parameters, then passes the
 * request to the next handler on the route.
 *
 * <p>The helpers run in a fixed order: prompt, PKCE, max_age, claims. Their
 * bodies are not shown here; presumably a malformed value makes the helper
 * throw, in which case {@code context.next()} is never reached - confirm
 * against the helper implementations.
 *
 * @param context the routing context of the current authorization request
 */
@Override
public void handle(RoutingContext context) {
    parsePromptParameter(context);   // prompt
    parsePKCEParameter(context);     // PKCE (code challenge) parameters
    parseMaxAgeParameter(context);   // max_age
    parseClaimsParameter(context);   // claims

    // Every parser returned normally: let the route continue.
    context.next();
}
Example 2
Source File: LoginErrorHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Exposes error details carried in the request parameters to later handlers
 * by storing them in the routing context under {@code ERROR_CONTEXT_KEY}.
 *
 * <p>When the error parameter is absent nothing is stored. In both cases the
 * request is passed on with {@code context.next()}.
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    final HttpServerRequest req = context.request();

    // Presence of the error parameter alone decides whether details are published.
    if (req.getParam(ERROR_PARAM) != null) {
        // Both values are copied verbatim from the request and are therefore
        // caller-controlled: whatever renders them must output-encode them.
        final Map<String, Object> details = new HashMap<>();
        details.put(ERROR_CODE_CONTEXT_KEY, req.getParam(ERROR_CODE_PARAM));
        details.put(ERROR_DESCRIPTION_CONTEXT_KEY, req.getParam(ERROR_DESCRIPTION_PARAM));
        context.put(ERROR_CONTEXT_KEY, details);
    }

    context.next();
}
Example 3
Source File: AuthorizationRequestValidateParametersHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Validates the authorization request against the client stored in the
 * routing context before the request is allowed to continue.
 *
 * <p>Three checks run in order: the client's grant types, the requested
 * {@code response_type}, and the requested {@code redirect_uri}. Any exception
 * raised inside the {@code try} block is turned into {@code context.fail(ex)}.
 *
 * @param context the routing context; expected to hold the client under
 *                {@code CLIENT_CONTEXT_KEY}
 */
@Override
public void handle(RoutingContext context) {
    final Client registeredClient = context.get(CLIENT_CONTEXT_KEY);
    final String requestedResponseType = context.request().getParam(Parameters.RESPONSE_TYPE);
    final String requestedRedirectUri = context.request().getParam(Parameters.REDIRECT_URI);

    try {
        checkGrantTypes(registeredClient);
        checkResponseType(requestedResponseType, registeredClient);
        // The redirect_uri is checked against the client before any later
        // handler gets a chance to redirect to it.
        checkRedirectUri(requestedRedirectUri, registeredClient);

        // next() stays inside the try block, as in the original: anything it
        // throws synchronously is also routed to context.fail(...).
        context.next();
    } catch (Exception ex) {
        context.fail(ex);
    }
}
Example 4
Source File: AuthorizationRequestParseRequiredParametersHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Parses the required authorization-request parameters, then passes the
 * request to the next handler on the route.
 *
 * <p>The helpers run in a fixed order: request parameters, response_type,
 * response_mode, client_id, nonce. Their bodies are not shown here; presumably
 * a missing or malformed value makes the helper throw, so that
 * {@code context.next()} is not reached - confirm against the helpers.
 *
 * @param context the routing context of the current authorization request
 */
@Override
public void handle(RoutingContext context) {
    parseRequestParameters(context);       // request parameters as a whole
    parseResponseTypeParameter(context);   // response_type
    parseResponseModeParameter(context);   // response_mode
    parseClientIdParameter(context);       // client_id
    parseNonceParameter(context);          // nonce

    // Every parser returned normally: let the route continue.
    context.next();
}
Example 5
Source File: DynamicClientAccessTokenHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
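/**
 * Authorizes access to a dynamically registered client.
 *
 * <p>A token carrying the DCR admin scope is accepted as is. Otherwise the raw
 * access token must equal the client's registration access token, and the
 * token must match the {@code client_id} request parameter (see
 * {@code isRequestPathClientIdMatching}). Any mismatch ends the request with a
 * {@code ClientRegistrationForbiddenException}.
 *
 * <p>The token, client and raw token are read from the routing context under
 * the {@code OAuth2AuthHandler} keys; this handler dereferences the token and
 * the client without a null check, so it relies on an earlier handler having
 * stored them.
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    final JWT token = context.get(OAuth2AuthHandler.TOKEN_CONTEXT_KEY);
    final Client client = context.get(OAuth2AuthHandler.CLIENT_CONTEXT_KEY);

    // DCR administrators may manage any client.
    if (token.hasScope(Scope.DCR_ADMIN.getKey())) {
        context.next();
        return;
    }

    // Not an admin: the presented token must be the client's registration token.
    final String rawToken = context.get(OAuth2AuthHandler.RAW_TOKEN_CONTEXT_KEY);
    if (rawToken == null || !constantTimeEquals(rawToken, client.getRegistrationAccessToken())) {
        context.fail(new ClientRegistrationForbiddenException("Non matching registration_access_token"));
        return;
    }

    // The registration token's subject must match the client_id parameter.
    // NOTE(review): the parameter value is concatenated into the exception
    // message; make sure the error renderer encodes it.
    final String clientIdPathParameter = context.request().getParam(Parameters.CLIENT_ID);
    if (!isRequestPathClientIdMatching(token, clientIdPathParameter)) {
        context.fail(new ClientRegistrationForbiddenException("Not allowed to access to : " + clientIdPathParameter));
        return;
    }

    context.next();
}

/**
 * Compares a presented secret with the stored one without returning early at
 * the first differing byte, so response time does not reveal how much of the
 * secret matched. A missing stored value never matches.
 */
private static boolean constantTimeEquals(String presented, String expected) {
    if (expected == null) {
        return false;
    }
    // Fully qualified names keep this block independent of the file's imports.
    return java.security.MessageDigest.isEqual(
            presented.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            expected.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}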
Example 6
Source File: PasswordPolicyRequestParseHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Enforces the password policy on the submitted password.
 *
 * <p>A password accepted by {@code passwordValidator} lets the request
 * continue. A rejected one triggers {@code redirectToPage} with the warning
 * {@code invalid_password_value}, carrying over the client id and token
 * parameters when they are present on the request.
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    // Guard clause: a compliant password needs no further work here.
    if (passwordValidator.validate(context.request().getParam(PASSWORD_PARAM))) {
        context.next();
        return;
    }

    final Map<String, String> parameters = new HashMap<>();

    final String clientId = context.request().getParam(CLIENT_ID_PARAM);
    if (clientId != null) {
        parameters.put(CLIENT_ID_PARAM, clientId);
    }

    // NOTE(review): the token is forwarded with the redirect. If redirectToPage
    // (not shown) places these parameters in the URL query, the token will show
    // up in browser history and access logs - confirm how it is transported.
    final String token = context.request().getParam(TOKEN_PARAM);
    if (token != null) {
        parameters.put(TOKEN_PARAM, token);
    }

    parameters.put(WARNING_PARAM, "invalid_password_value");
    redirectToPage(context, parameters);
}
Example 7
Source File: SSOSessionHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Re-checks the authenticated user against the current SSO context.
 *
 * <p>Requests without a user continue untouched. Otherwise
 * {@code authorizeUser} runs asynchronously and its outcome is handled as
 * follows:
 * <ul>
 *   <li>success: continue;</li>
 *   <li>{@code AccountDisabledException}: clear the user, destroy the session,
 *       then continue;</li>
 *   <li>{@code InvalidRequestException}: fail with HTTP 403;</li>
 *   <li>any other failure: continue with the user still in the context.</li>
 * </ul>
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    if (context.user() == null) {
        // Anonymous request: nothing to verify.
        context.next();
        return;
    }

    authorizeUser(context, outcome -> {
        if (outcome.failed()) {
            final Throwable cause = outcome.cause();
            // The principal is written to the debug log; it may hold personal data.
            LOGGER.debug("An error occurs while checking SSO Session upon the current user : {}", context.user().principal(), cause);

            if (cause instanceof AccountDisabledException) {
                // Disabled account: drop the authentication state so the request
                // proceeds as an unauthenticated one.
                context.clearUser();
                context.session().destroy();
            } else if (cause instanceof InvalidRequestException) {
                context.fail(new HttpStatusException(403, "Invalid request for the current SSO context"));
                return;
            }
            // NOTE(review): every other failure cause falls through to next()
            // with the user left in place - confirm that failing open is
            // intended for unexpected errors.
        }
        context.next();
    });
}
Example 8
Source File: DynamicClientRegistrationHandler.java From graviteeio-access-management with Apache License 2.0 | 6 votes |
/**
 * Gates the dynamic client registration (DCR) endpoint according to the
 * domain settings.
 *
 * <ul>
 *   <li>Open DCR enabled: the request continues with no authentication check
 *       from this handler.</li>
 *   <li>DCR enabled: the request is delegated to {@code oAuth2AuthHandler}.</li>
 *   <li>DCR disabled: the request fails with
 *       {@code ClientRegistrationForbiddenException}.</li>
 * </ul>
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    // Open registration deliberately skips the OAuth2 check; the open flag is
    // tested first, so it takes effect whatever the other flag says.
    if (domain.isOpenDynamicClientRegistrationEnabled()) {
        LOGGER.debug("Open Dynamic client registration is enabled - no security will be performed.");
        context.next();
        return;
    }

    if (domain.isDynamicClientRegistrationEnabled()) {
        // Protected registration: the OAuth2 handler decides.
        this.oAuth2AuthHandler.handle(context);
        return;
    }

    LOGGER.debug("Dynamic client registration is disabled");
    context.fail(new ClientRegistrationForbiddenException());
}
Example 9
Source File: PublicApiVerticle.java From vertx-in-action with MIT License | 5 votes |
/**
 * Lets the request continue only when the {@code username} path parameter
 * equals the {@code sub} value of the authenticated principal; otherwise
 * answers with HTTP 403.
 *
 * <p>Both {@code ctx.user()} and the path parameter are dereferenced without a
 * null check, so this handler relies on running behind an authentication
 * handler on a route that declares {@code username}.
 *
 * @param ctx the routing context of the current request
 */
private void checkUser(RoutingContext ctx) {
    String tokenSubject = ctx.user().principal().getString("sub");
    boolean ownsResource = ctx.pathParam("username").equals(tokenSubject);

    if (ownsResource) {
        ctx.next();
    } else {
        // The caller is authenticated but is asking for another user's resource.
        sendStatusCode(ctx, 403);
    }
}
Example 10
Source File: TokenRequestParseHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Parses the token-request parameters, then passes the request to the next
 * handler on the route.
 *
 * <p>The request parameters are parsed first, the {@code grant_type}
 * parameter second. The helper bodies are not shown here; presumably a
 * malformed value makes the helper throw - confirm against the helpers.
 *
 * @param context the routing context of the current token request
 */
@Override
public void handle(RoutingContext context) {
    parseRequestParameters(context);    // request parameters as a whole
    parseGrantTypeParameter(context);   // grant_type

    // Both parsers returned normally: let the route continue.
    context.next();
}
Example 11
Source File: DynamicClientAccessHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Allows the request through only when dynamic client registration is
 * enabled for the domain; otherwise fails it with
 * {@code ClientRegistrationForbiddenException}.
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    if (domain.isDynamicClientRegistrationEnabled()) {
        context.next();
    } else {
        // Feature switched off for this domain: deny.
        context.fail(new ClientRegistrationForbiddenException());
    }
}
Example 12
Source File: DynamicClientRegistrationTemplateHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Allows the request through only when both dynamic client registration and
 * its template feature are enabled for the domain; otherwise fails it with
 * {@code ClientRegistrationForbiddenException}.
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    // Deny unless both switches are on; the template flag is only consulted
    // when registration itself is enabled.
    if (!domain.isDynamicClientRegistrationEnabled() || !domain.isDynamicClientRegistrationTemplateEnabled()) {
        context.fail(new ClientRegistrationForbiddenException());
        return;
    }

    context.next();
}
Example 13
Source File: TransactionHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Ensures every request carries a transaction id and echoes it on the
 * response.
 *
 * <p>An id already present in the request header {@code transactionHeader} is
 * kept. When none is present a new one is generated and written back to the
 * request headers. The id is then set on the response headers and the request
 * continues.
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    final String incomingId = context.request().headers().get(transactionHeader);
    final String transactionId;

    if (incomingId != null) {
        // NOTE(review): a client-supplied id is accepted unchanged and echoed
        // back. Treat it as untrusted wherever it is logged or correlated, and
        // consider bounding its length and character set.
        transactionId = incomingId;
    } else {
        transactionId = UUID.toString(UUID.random());
        context.request().headers().set(transactionHeader, transactionId);
    }

    context.response().headers().set(transactionHeader, transactionId);
    context.next();
}
Example 14
Source File: UserBodyRequestParseHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Checks that a form submission is a POST and carries every parameter listed
 * in {@code requiredParams}.
 *
 * <ul>
 *   <li>Any method other than POST fails with HTTP 405.</li>
 *   <li>A missing required parameter redirects with the error
 *       {@code missing_required_parameters}; only the first missing parameter
 *       is logged.</li>
 *   <li>Otherwise the request continues.</li>
 * </ul>
 *
 * @param context the routing context of the current request
 * @throws IllegalStateException if the request is not flagged as expecting a
 *         multipart/form body
 */
@Override
public void handle(RoutingContext context) {
    HttpServerRequest req = context.request();

    if (req.method() != HttpMethod.POST) {
        context.fail(405); // Must be a POST
        return;
    }

    if (!req.isExpectMultipart()) {
        throw new IllegalStateException("Form body not parsed - do you forget to include a BodyHandler?");
    }

    // Stop at the first required parameter that is absent from the form.
    MultiMap form = req.formAttributes();
    boolean anyMissing = false;
    for (String required : requiredParams) {
        if (form.get(required) == null) {
            logger.warn("No {} provided in form - did you forget to include a BodyHandler?", required);
            anyMissing = true;
            break;
        }
    }

    if (anyMissing) {
        redirectToPage(context, Collections.singletonMap(ERROR_PARAM, "missing_required_parameters"));
    } else {
        context.next();
    }
}
Example 15
Source File: LoginRequestParseHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
/**
 * Rejects direct visits to the login page.
 *
 * <p>The request continues only when a session exists and holds a value under
 * {@code RedirectAuthHandler.DEFAULT_RETURN_URL_PARAM}, i.e. the user was sent
 * to the login page by a redirect that recorded where to return to.
 *
 * @param context the routing context of the current request
 * @throws InvalidRequestException if there is no session or no return URL in it
 */
@Override
public void handle(RoutingContext context) {
    Session session = context.session();
    boolean hasReturnUrl = session != null
            && session.get(RedirectAuthHandler.DEFAULT_RETURN_URL_PARAM) != null;

    if (!hasReturnUrl) {
        throw new InvalidRequestException("User cannot log in directly from the login page");
    }

    context.next();
}
Example 16
Source File: LoginCallbackOpenIDConnectFlowHandler.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
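/**
 * Handles the login callback of an OpenID Connect provider that uses the
 * implicit flow, where the tokens arrive in the URL fragment.
 *
 * <ul>
 *   <li>Provider not handled by this class ({@code canHandle} is false):
 *       continue.</li>
 *   <li>POST: the fragment posted under {@code HASH_VALUE_PARAMETER} is decoded
 *       with {@code getParams} and each entry is stored in the routing context,
 *       then the request continues. A missing or empty value fails the request
 *       with {@code InternalAuthenticationServiceException}.</li>
 *   <li>Any other method: the {@code login_callback} template is rendered so
 *       the browser can read the fragment and send it back.</li>
 * </ul>
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    final String providerId = context.request().getParam(PROVIDER_PARAMETER);
    final AuthenticationProvider authenticationProvider = context.get(PROVIDER_PARAMETER);

    // Not an OpenID Connect provider, or the implicit flow is not in use.
    if (!canHandle(authenticationProvider)) {
        context.next();
        return;
    }

    if (context.request().method().equals(HttpMethod.POST)) {
        final String hashValue = context.request().getParam(HASH_VALUE_PARAMETER);
        // An empty value is rejected like a missing one; calling substring(1)
        // on it would throw StringIndexOutOfBoundsException.
        if (hashValue == null || hashValue.isEmpty()) {
            context.fail(new InternalAuthenticationServiceException("No URL hash value found"));
            return;
        }

        // Drop the leading '#' only when it is there, so a value posted without
        // it does not lose its first character.
        final String fragment = hashValue.startsWith("#") ? hashValue.substring(1) : hashValue;
        Map<String, String> hashValues = getParams(fragment);

        // NOTE(review): the keys come from the posted fragment, so a request can
        // set arbitrary routing-context entries, including ones other handlers
        // rely on. Consider copying only the expected keys (access_token,
        // id_token, ...) or storing them under a dedicated prefix.
        hashValues.forEach((k, v) -> context.put(k, v));
        context.next();
        return;
    }

    // Implicit flow: serve the page that retrieves the fragment in the browser.
    // providerId is a request parameter handed to the template; the template
    // must encode it for the place where it is emitted.
    engine.render(Collections.singletonMap("providerId", providerId), "login_callback", res -> {
        if (res.succeeded()) {
            context.response().putHeader(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_HTML);
            context.response().end(res.result());
        } else {
            logger.error("Unable to render login callback page", res.cause());
            context.fail(res.cause());
        }
    });
}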
Example 17
Source File: UserProfileApiVerticle.java From vertx-in-action with MIT License | 5 votes |
/**
 * Validates the JSON registration payload before the request proceeds.
 *
 * <p>The request fails with HTTP 400 when any registration field is missing
 * or wrong; otherwise it continues. The "wrong" check only runs when no field
 * is missing.
 *
 * @param ctx the routing context of the current request
 */
private void validateRegistration(RoutingContext ctx) {
    JsonObject payload = jsonBody(ctx);
    boolean acceptable = !anyRegistrationFieldIsMissing(payload)
            && !anyRegistrationFieldIsWrong(payload);

    if (acceptable) {
        ctx.next();
    } else {
        ctx.fail(400);
    }
}
Example 18
Source File: AuthorizationRequestParseRequestObjectHandler.java From graviteeio-access-management with Apache License 2.0 | 4 votes |
/**
 * Resolves an OpenID Connect request object ({@code request} or
 * {@code request_uri}) and applies it to the authorization request.
 *
 * <p>The handler does nothing and continues when the {@code scope} parameter
 * does not contain {@code openid}, or when neither {@code request} nor
 * {@code request_uri} has a non-empty value. Otherwise the request object is
 * obtained asynchronously; on success its OAuth parameters are checked and
 * copied over the request parameters. Errors end in {@code context.fail}.
 *
 * @param context the routing context of the current authorization request
 */
@Override
public void handle(RoutingContext context) {
    // Even when the request object carries a scope, the plain OAuth 2.0 scope
    // parameter must contain "openid" for this to count as an OpenID Connect
    // request.
    String scope = context.request().getParam(io.gravitee.am.common.oauth2.Parameters.SCOPE);
    boolean openIdRequested = scope != null
            && !scope.isEmpty()
            && Arrays.asList(scope.split("\\s+")).contains(Scope.OPENID.getKey());
    if (!openIdRequested) {
        context.next();
        return;
    }

    // Nothing to resolve when neither parameter carries a value.
    String requestValue = context.request().getParam(Parameters.REQUEST);
    String requestUriValue = context.request().getParam(Parameters.REQUEST_URI);
    boolean requestAbsent = requestValue == null || requestValue.isEmpty();
    boolean requestUriAbsent = requestUriValue == null || requestUriValue.isEmpty();
    if (requestAbsent && requestUriAbsent) {
        context.next();
        return;
    }

    checkRequestObjectParameters(context);

    // The parameters are read again after the check, exactly as the original
    // does. NOTE(review): this selection tests for null only, while the guard
    // above also treats "" as absent, so an empty request= sent together with
    // a request_uri takes the request branch - confirm that
    // checkRequestObjectParameters rejects that combination.
    Maybe<JWT> requestObject = null;
    if (context.request().getParam(Parameters.REQUEST) != null) {
        requestObject = handleRequestObjectValue(context);
    } else if (context.request().getParam(Parameters.REQUEST_URI) != null) {
        // NOTE(review): presumably this dereferences a caller-supplied URI;
        // verify that handleRequestObjectURI restricts where it may fetch from.
        requestObject = handleRequestObjectURI(context);
    }

    requestObject.subscribe(
            jwt -> {
                try {
                    // Validate the OAuth2 parameters inside the request object
                    // before they replace the ones on the request.
                    checkOAuthParameters(context, jwt);
                    overrideRequestParameters(context, jwt);
                    context.next();
                } catch (Exception ex) {
                    context.fail(ex);
                }
            },
            error -> context.fail(error),
            // Completed without a value: continue with the request unchanged.
            () -> context.next());
}
Example 19
Source File: UserTokenRequestParseHandler.java From graviteeio-access-management with Apache License 2.0 | 4 votes |
/**
 * Resolves the user token passed as a request parameter and stores the
 * resulting user and client in the routing context.
 *
 * <p>Token parsing is skipped, and the request simply continues, when the
 * request carries a success parameter, an error parameter, or a warning
 * parameter without a token. A missing token redirects with
 * {@code token_missing}; a token that fails to parse redirects with
 * {@code invalid_token}.
 *
 * @param context the routing context of the current request
 */
@Override
public void handle(RoutingContext context) {
    String token = context.request().getParam(TOKEN_PARAM);
    String error = context.request().getParam(ERROR_PARAM);
    String success = context.request().getParam(SUCCESS_PARAM);
    String warning = context.request().getParam(WARNING_PARAM);

    boolean actionCompleted = success != null;
    boolean warnedWithoutToken = warning != null && token == null;
    boolean redirectedOnError = error != null;

    // All three conditions are request-controlled and bypass token parsing, so
    // later handlers on this route cannot assume "user" and "client" are set.
    if (actionCompleted || warnedWithoutToken || redirectedOnError) {
        context.next();
        return;
    }

    // The token is mandatory from here on.
    if (token == null) {
        redirectToPage(context, Collections.singletonMap("error","token_missing"));
        return;
    }

    parseToken(token, parsed -> {
        if (parsed.failed()) {
            redirectToPage(context, Collections.singletonMap("error","invalid_token"));
            return;
        }

        // Publish the token's user and client for the following handlers.
        UserToken userToken = parsed.result();
        context.put("user", userToken.getUser());
        context.put("client", userToken.getClient());
        context.next();
    });
}
Example 20
Source File: AuthorizationRequestEndUserConsentHandler.java From graviteeio-access-management with Apache License 2.0 | 4 votes |
/**
 * Decides whether the end user still has to grant consent for the scopes of
 * the authorization request held in the session.
 *
 * <ol>
 *   <li>No requested scopes: continue.</li>
 *   <li>Consent step already completed in this session: continue when the
 *       request is approved, otherwise fail with
 *       {@code InteractionRequiredException} for {@code prompt=none} or with
 *       {@code AccessDeniedException}.</li>
 *   <li>{@code prompt} contains {@code consent}: go to the consent page.</li>
 *   <li>{@code skipConsent} is true for the client: approve and continue.</li>
 *   <li>Otherwise look up the consent already given; approve when it covers
 *       every requested scope, else go to the consent page for the rest.</li>
 * </ol>
 *
 * <p>The session and the authorization request stored in it are dereferenced
 * without a null check, so this handler throws if either is absent.
 *
 * @param routingContext the routing context of the current request
 */
@Override
public void handle(RoutingContext routingContext) {
    final Session session = routingContext.session();
    final HttpServerRequest request = routingContext.request();
    final Client client = routingContext.get(CLIENT_CONTEXT_KEY);
    final io.gravitee.am.model.User user = routingContext.user() != null ? ((User) routingContext.user().getDelegate()).getUser() : null;
    final AuthorizationRequest authorizationRequest = session.get(OAuth2Constants.AUTHORIZATION_REQUEST);
    final Set<String> requestedConsent = authorizationRequest.getScopes();

    // 1. Nothing was requested, so there is nothing to consent to.
    if (requestedConsent == null || requestedConsent.isEmpty()) {
        routingContext.next();
        return;
    }

    // 2. The user has already been through the consent step in this session.
    final Object consentCompleted = session.get(USER_CONSENT_COMPLETED_CONTEXT_KEY);
    if (consentCompleted != null && consentCompleted.equals(true)) {
        if (authorizationRequest.isApproved()) {
            routingContext.next();
            return;
        }
        // With prompt=none and no pre-configured consent the answer is
        // interaction_required:
        // https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
        String prompt = request.params().get(Parameters.PROMPT);
        boolean promptNone = prompt != null && Arrays.asList(prompt.split("\\s+")).contains("none");
        if (promptNone) {
            routingContext.fail(new InteractionRequiredException("Interaction required"));
        } else {
            routingContext.fail(new AccessDeniedException("User denied access"));
        }
        return;
    }

    // 3. The application forces the consent screen.
    // NOTE(review): this is a substring match on the raw prompt value, unlike
    // the token match used for "none" above, so any value merely containing
    // "consent" also forces the screen - consider matching whole tokens.
    if (request.params().contains(Parameters.PROMPT)
            && request.params().get(Parameters.PROMPT).contains("consent")) {
        session.put(REQUESTED_CONSENT_CONTEXT_KEY, requestedConsent);
        redirectToConsentPage(request);
        return;
    }

    // 4. The application is configured to skip consent for these scopes.
    if (skipConsent(requestedConsent, client)) {
        authorizationRequest.setApproved(true);
        routingContext.next();
        return;
    }

    // 5. Compare the request with the consent the user has already given.
    checkUserConsent(client, user, lookup -> {
        if (lookup.failed()) {
            routingContext.fail(lookup.cause());
            return;
        }

        Set<String> approvedConsent = lookup.result();
        if (approvedConsent.containsAll(requestedConsent)) {
            authorizationRequest.setApproved(true);
            routingContext.next();
            return;
        }

        // Ask only for the scopes that have not been approved yet.
        Set<String> requiredConsent = requestedConsent.stream()
                .filter(requestedScope -> !approvedConsent.contains(requestedScope))
                .collect(Collectors.toSet());
        session.put(REQUESTED_CONSENT_CONTEXT_KEY, requiredConsent);
        redirectToConsentPage(request);
    });
}