Authentication¶
Example of dropwizard authentication usage with guice.
Simple auth¶
Using dropwizard oauth example as basement. Other auth types are configured in similar way.
@Provider public class OAuthDynamicFeature extends AuthDynamicFeature { @Inject public OAuthDynamicFeature(OAuthAuthenticator authenticator, UserAuthorizer authorizer, Environment environment) { super(new OAuthCredentialAuthFilter.Builder<User>() .setAuthenticator(authenticator) .setAuthorizer(authorizer) .setPrefix("Bearer") .buildAuthFilter()); environment.jersey().register(RolesAllowedDynamicFeature.class); environment.jersey().register(new AuthValueFactoryProvider.Binder(User.class)); } // classes below may be external (internal for simplicity) @Singleton public static class OAuthAuthenticator implements Authenticator<String, User> { @Override public Optional<User> authenticate(String credentials) throws AuthenticationException { return Optional.fromNullable("valid".equals(credentials) ? new User() : null); } } @Singleton public static class UserAuthorizer implements Authorizer<User> { @Override public boolean authorize(User user, String role) { return user.getName().equals("good-guy") && role.equals("ADMIN"); } } }
The class is automatically picked up by the jersey installer.
OAuthAuthenticator
and OAuthAuthorizer
are simple guice beans (no special installation required).
Constructor injection is used to obtain required guice managed instances and then configure authentication the same way as described in dropwizard docs.
If auto configuration is enabled, then the class will be resolved and installed automatically.
Chained auth¶
Chained auth can be used to support different authentication schemes.
Integration approach is the same as in simple case:
@Provider public class ChainedAuthDynamicFeature extends AuthDynamicFeature { @Inject public ChainedAuthDynamicFeature(BasicAuthenticator basicAuthenticator, OAuthAuthenticator oauthAuthenticator, UserAuthorizer authorizer, Environment environment) { super(new ChainedAuthFilter(Arrays.asList( new BasicCredentialAuthFilter.Builder<>() .setAuthenticator(basicAuthenticator) .setAuthorizer(authorizer) .setPrefix("Basic") .buildAuthFilter(), new OAuthCredentialAuthFilter.Builder<>() .setAuthenticator(oauthAuthenticator) .setAuthorizer(authorizer) .setPrefix("Bearer") .buildAuthFilter() ))); environment.jersey().register(RolesAllowedDynamicFeature.class); environment.jersey().register(new AuthValueFactoryProvider.Binder(User.class)); } }
Polymorphic auth¶
Polymorphic auth allows using different auth schemes simultaneously.
Integration approach is the same as in simple case:
@Provider public class PolyAuthDynamicFeature extends PolymorphicAuthDynamicFeature { @Inject public PolyAuthDynamicFeature(BasicAuthenticator basicAuthenticator, OauthAuthenticator oauthAuthenticator, UserAuthorizer authorizer, Environment environment) { super(ImmutableMap.of( BasicPrincipal.class, new BasicCredentialAuthFilter.Builder<BasicPrincipal>() .setAuthenticator(basicAuthenticator) .setAuthorizer(authorizer) .setRealm("SUPER SECRET STUFF") .buildAuthFilter(), OAuthPrincipal.class, new OAuthCredentialAuthFilter.Builder<OAuthPrincipal>() .setAuthenticator(oauthAuthenticator) .setAuthorizer(authorizer) .setPrefix("Bearer") .buildAuthFilter())); final AbstractBinder binder = new PolymorphicAuthValueFactoryProvider.Binder<>( ImmutableSet.of(BasicPrincipal.class, OAuthPrincipal.class)); environment.jersey().register(binder); environment.jersey().register(RolesAllowedDynamicFeature.class); } }