Authentication¶
Example of dropwizard authentication usage with guice.
Simple auth¶
Using dropwizard oauth example as basement. Other auth types are configured in similar way.
@Provider
public class OAuthDynamicFeature extends AuthDynamicFeature {
@Inject
public OAuthDynamicFeature(OAuthAuthenticator authenticator,
UserAuthorizer authorizer,
Environment environment) {
super(new OAuthCredentialAuthFilter.Builder<User>()
.setAuthenticator(authenticator)
.setAuthorizer(authorizer)
.setPrefix("Bearer")
.buildAuthFilter());
environment.jersey().register(RolesAllowedDynamicFeature.class);
environment.jersey().register(new AuthValueFactoryProvider.Binder(User.class));
}
// classes below may be external (internal for simplicity)
@Singleton
public static class OAuthAuthenticator implements Authenticator<String, User> {
@Override
public Optional<User> authenticate(String credentials) throws AuthenticationException {
return Optional.fromNullable("valid".equals(credentials) ? new User() : null); }
}
@Singleton
public static class UserAuthorizer implements Authorizer<User> {
@Override
public boolean authorize(User user, String role) {
return user.getName().equals("good-guy") && role.equals("ADMIN");
}
}
}
The class is automatically picked up by the jersey installer.
OAuthAuthenticator
and OAuthAuthorizer
are simple guice beans (no special installation required).
Constructor injection is used to obtain required guice managed instances and then configure authentication the same way as described in dropwizard docs.
If auto configuration is enabled, then the class will be resolved and installed automatically.
Complete OAuth example source
Chained auth¶
Chained auth can be used to support different authentication schemes.
Integration approach is the same as in simple case:
@Provider
public class ChainedAuthDynamicFeature extends AuthDynamicFeature {
@Inject
public ChainedAuthDynamicFeature(BasicAuthenticator basicAuthenticator,
OAuthAuthenticator oauthAuthenticator,
UserAuthorizer authorizer,
Environment environment) {
super(new ChainedAuthFilter(Arrays.asList(
new BasicCredentialAuthFilter.Builder<>()
.setAuthenticator(basicAuthenticator)
.setAuthorizer(authorizer)
.setPrefix("Basic")
.buildAuthFilter(),
new OAuthCredentialAuthFilter.Builder<>()
.setAuthenticator(oauthAuthenticator)
.setAuthorizer(authorizer)
.setPrefix("Bearer")
.buildAuthFilter()
)));
environment.jersey().register(RolesAllowedDynamicFeature.class);
environment.jersey().register(new AuthValueFactoryProvider.Binder(User.class));
}
}
Polymorphic auth¶
Polymorphic auth allows using different auth schemes simultaneously.
Integration approach is the same as in simple case:
@Provider
public class PolyAuthDynamicFeature extends PolymorphicAuthDynamicFeature {
@Inject
public PolyAuthDynamicFeature(BasicAuthenticator basicAuthenticator,
OauthAuthenticator oauthAuthenticator,
UserAuthorizer authorizer,
Environment environment) {
super(ImmutableMap.of(
BasicPrincipal.class, new BasicCredentialAuthFilter.Builder<BasicPrincipal>()
.setAuthenticator(basicAuthenticator)
.setAuthorizer(authorizer)
.setRealm("SUPER SECRET STUFF")
.buildAuthFilter(),
OAuthPrincipal.class, new OAuthCredentialAuthFilter.Builder<OAuthPrincipal>()
.setAuthenticator(oauthAuthenticator)
.setAuthorizer(authorizer)
.setPrefix("Bearer")
.buildAuthFilter()));
final AbstractBinder binder = new PolymorphicAuthValueFactoryProvider.Binder<>(
ImmutableSet.of(BasicPrincipal.class, OAuthPrincipal.class));
environment.jersey().register(binder);
environment.jersey().register(RolesAllowedDynamicFeature.class);
}
}