From c871366c2e59758bf6ec2a15fe601a53920744e2 Mon Sep 17 00:00:00 2001 From: Rui Han Date: Wed, 8 May 2024 15:15:26 +0800 Subject: [PATCH] Apply indy-security CustomClientRequestFilter (#149) --- .../client/storage/StorageService.java | 3 + .../util/CustomClientRequestFilter.java | 59 ------------------- 2 files changed, 3 insertions(+), 59 deletions(-) delete mode 100644 src/main/java/org/commonjava/indy/service/repository/client/util/CustomClientRequestFilter.java diff --git a/src/main/java/org/commonjava/indy/service/repository/client/storage/StorageService.java b/src/main/java/org/commonjava/indy/service/repository/client/storage/StorageService.java index f7f0a4b..48c7e45 100644 --- a/src/main/java/org/commonjava/indy/service/repository/client/storage/StorageService.java +++ b/src/main/java/org/commonjava/indy/service/repository/client/storage/StorageService.java @@ -15,6 +15,8 @@ */ package org.commonjava.indy.service.repository.client.storage; +import org.commonjava.indy.service.security.jaxrs.CustomClientRequestFilter; +import org.eclipse.microprofile.rest.client.annotation.RegisterProvider; import org.eclipse.microprofile.rest.client.inject.RegisterRestClient; import jakarta.ws.rs.DELETE; @@ -24,6 +26,7 @@ @Path("/api/storage") @RegisterRestClient(configKey="storage-service-api") +@RegisterProvider(CustomClientRequestFilter.class) public interface StorageService { @DELETE diff --git a/src/main/java/org/commonjava/indy/service/repository/client/util/CustomClientRequestFilter.java b/src/main/java/org/commonjava/indy/service/repository/client/util/CustomClientRequestFilter.java deleted file mode 100644 index 0e8cc7a..0000000 --- a/src/main/java/org/commonjava/indy/service/repository/client/util/CustomClientRequestFilter.java +++ /dev/null @@ -1,59 +0,0 @@ -/** - * Copyright (C) 2022-2023 Red Hat, Inc. (https://github.com/Commonjava/indy-repository-service) - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.commonjava.indy.service.repository.client.util; - -import io.quarkus.oidc.client.OidcClient; -import io.quarkus.oidc.client.Tokens; -import org.eclipse.microprofile.config.inject.ConfigProperty; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import jakarta.annotation.Priority; -import jakarta.inject.Inject; -import jakarta.ws.rs.Priorities; -import jakarta.ws.rs.client.ClientRequestContext; -import jakarta.ws.rs.client.ClientRequestFilter; -import jakarta.ws.rs.core.HttpHeaders; -import jakarta.ws.rs.ext.Provider; - -@Provider -@Priority(Priorities.AUTHENTICATION) -public class CustomClientRequestFilter implements ClientRequestFilter -{ - private final Logger logger = LoggerFactory.getLogger( getClass() ); - - @Inject - OidcClient client; - - private volatile Tokens tokens; - - @ConfigProperty(name = "indy_security.enabled") - boolean securityEnabled; - - @Override - public void filter( ClientRequestContext requestContext ) - { - if ( securityEnabled ) - { - if ( tokens == null || tokens.isAccessTokenExpired() ) - { - logger.debug("Security enabled, get oidc Tokens"); - tokens = client.getTokens().await().indefinitely(); - } - requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer " + tokens.getAccessToken()); - } - } -}