@Override
public FilterDirector authenticate(HttpServletRequest request) {
final FilterDirector filterDirector = new FilterDirectorImpl();
filterDirector.setResponseStatus(HttpStatusCode.UNAUTHORIZED);
filterDirector.setFilterAction(FilterAction.RETURN);
final String authToken = request.getHeader(CommonHttpHeader.AUTH_TOKEN.toString());
final ExtractorResult<Object> account = keyedRegexExtractor.extract(request.getRequestURI());
CachableUserInfo user = null;
if ((!StringUtilities.isBlank(authToken) && account != null)) {
user = checkUserCache(account.getResult(), authToken);
if (user == null) {
try {
user = authenticationService.validateToken(account.getResult(), authToken);
cacheUserInfo(user);
} catch (Exception ex) {
LOG.error("Failure in auth: " + ex.getMessage(), ex);
filterDirector.setResponseStatus(HttpStatusCode.INTERNAL_SERVER_ERROR);
}
}
}
Groups groups = null;
if (user != null) {
groups = authenticationService.getGroups(user.getUserId());
}
final AuthenticationHeaderManager headerManager =
new AuthenticationHeaderManager(
authToken,
user,
delegatable,
filterDirector,
account == null ? "" : account.getResult(),
groups,
request);
headerManager.setFilterDirectorValues();
return filterDirector;
}
@Before
public void beforeAny() {
request = mock(HttpServletRequest.class);
response = mock(ReadableHttpServletResponse.class);
osauthConfig = new OpenstackAuth();
osauthConfig.setDelegable(delegable());
osauthConfig.setTenanted(isTenanted());
keyedRegexExtractor = new KeyedRegexExtractor();
final ClientMapping mapping = new ClientMapping();
mapping.setIdRegex("/start/([^/]*)/");
final ClientMapping mapping2 = new ClientMapping();
mapping2.setIdRegex(".*\\?.*username=(.+)");
osauthConfig.getClientMapping().add(mapping);
osauthConfig.getClientMapping().add(mapping2);
keyedRegexExtractor.addPattern(mapping.getIdRegex());
keyedRegexExtractor.addPattern(mapping2.getIdRegex());
final OpenStackIdentityService openStackIdentityService = new OpenStackIdentityService();
openStackIdentityService.setUri("http://some.auth.endpoint");
osauthConfig.setIdentityService(openStackIdentityService);
authService = mock(AuthenticationService.class);
whiteListRegexPatterns = new ArrayList<Pattern>();
whiteListRegexPatterns.add(Pattern.compile("/v1.0/application\\.wadl"));
final ServiceAdminRoles serviceAdminRoles = new ServiceAdminRoles();
serviceAdminRoles.getRole().add("12345");
endpointsConfiguration =
new EndpointsConfiguration("json", AUTH_USER_CACHE_TTL, new Integer("1000"));
Configurables configurables =
new Configurables(
delegable(),
"http://some.auth.endpoint",
keyedRegexExtractor,
isTenanted(),
AUTH_GROUP_CACHE_TTL,
AUTH_TOKEN_CACHE_TTL,
AUTH_USER_CACHE_TTL,
AUTH_CACHE_OFFSET,
requestGroups(),
endpointsConfiguration,
serviceAdminRoles.getRole(),
new ArrayList<String>());
handler =
new OpenStackAuthenticationHandler(
configurables,
authService,
null,
null,
null,
null,
new UriMatcher(whiteListRegexPatterns));
// Handler with cache
store = mock(Datastore.class);
AuthTokenCache cache = new AuthTokenCache(store, AUTH_TOKEN_CACHE_PREFIX);
AuthGroupCache grpCache = new AuthGroupCache(store, AUTH_GROUP_CACHE_PREFIX);
AuthUserCache usrCache = new AuthUserCache(store, AUTH_USER_CACHE_PREFIX);
EndpointsCache endpointsCache = new EndpointsCache(store, ENDPOINTS_CACHE_PREFIX);
handlerWithCache =
new OpenStackAuthenticationHandler(
configurables,
authService,
cache,
grpCache,
usrCache,
endpointsCache,
new UriMatcher(whiteListRegexPatterns));
}
private ExtractorResult<String> extractAccountIdentification(HttpServletRequest request) {
StringBuilder accountString = new StringBuilder(request.getRequestURI());
return keyedRegexExtractor.extract(accountString.toString());
}
