Package io.quarkus.vertx.http.runtime.security

Class HttpAuthenticator

java.lang.Object
io.quarkus.vertx.http.runtime.security.HttpAuthenticator
@Singleton public final class HttpAuthenticator extends Object
Class that is responsible for running the HTTP based authentication

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    (package private) static class 
    HttpAuthenticator.NoAuthenticationMechanism
     

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    BASIC_AUTH_ANNOTATION_DETECTED
    Whether BasicAuthentication has been detected, which means that user needs to use basic authentication.
    static final String
    TEST_IF_BASIC_AUTH_IMPLICITLY_REQUIRED
    Special handling for the basic authentication mechanism, for user convenience, we add the mechanism when: - not explicitly disabled or enabled - is default bean and not programmatically looked up because there are other authentication mechanisms - no custom auth mechanism is defined because then, we can't tell if user didn't provide custom impl

  • Constructor Summary

    Constructors
    Constructor
    Description
    HttpAuthenticator(io.quarkus.security.identity.IdentityProviderManager identityProviderManager, jakarta.enterprise.event.Event<io.quarkus.security.spi.runtime.AuthenticationFailureEvent> authFailureEvent, jakarta.enterprise.event.Event<io.quarkus.security.spi.runtime.AuthenticationSuccessEvent> authSuccessEvent, jakarta.enterprise.inject.spi.BeanManager beanManager, VertxHttpConfig httpConfig, jakarta.enterprise.inject.Instance<io.quarkus.security.identity.IdentityProvider<?>> providers, boolean securityEventsEnabled)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    io.smallrye.mutiny.Uni<io.quarkus.security.identity.SecurityIdentity>
    attemptAuthentication(io.vertx.ext.web.RoutingContext routingContext)
    Attempts authentication with the contents of the request.
    io.smallrye.mutiny.Uni<ChallengeData>
    getChallenge(io.vertx.ext.web.RoutingContext routingContext)
     
    io.quarkus.security.identity.IdentityProviderManager
    getIdentityProviderManager()
     
    (package private) static void
    selectAuthMechanism(io.vertx.ext.web.RoutingContext routingContext, String authMechanism)
     
    (package private) static void
    selectAuthMechanismWithAnnotation()
     
    io.smallrye.mutiny.Uni<Boolean>
    sendChallenge(io.vertx.ext.web.RoutingContext routingContext)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • TEST_IF_BASIC_AUTH_IMPLICITLY_REQUIRED

      public static final String TEST_IF_BASIC_AUTH_IMPLICITLY_REQUIRED
      Special handling for the basic authentication mechanism, for user convenience, we add the mechanism when: - not explicitly disabled or enabled - is default bean and not programmatically looked up because there are other authentication mechanisms - no custom auth mechanism is defined because then, we can't tell if user didn't provide custom impl. - there is a provider that supports it (if not, we inform user via the log)

      Presence of this system property means that we need to test whether: - there are HTTP Permissions using explicitly this mechanism - or BasicAuthentication

      See Also:

    • BASIC_AUTH_ANNOTATION_DETECTED

      public static final String BASIC_AUTH_ANNOTATION_DETECTED
      Whether BasicAuthentication has been detected, which means that user needs to use basic authentication. Only set when detected and TEST_IF_BASIC_AUTH_IMPLICITLY_REQUIRED is true.
      See Also:

  • Constructor Details

    • HttpAuthenticator

      HttpAuthenticator(io.quarkus.security.identity.IdentityProviderManager identityProviderManager, jakarta.enterprise.event.Event<io.quarkus.security.spi.runtime.AuthenticationFailureEvent> authFailureEvent, jakarta.enterprise.event.Event<io.quarkus.security.spi.runtime.AuthenticationSuccessEvent> authSuccessEvent, jakarta.enterprise.inject.spi.BeanManager beanManager, VertxHttpConfig httpConfig, jakarta.enterprise.inject.Instance<io.quarkus.security.identity.IdentityProvider<?>> providers, boolean securityEventsEnabled)

  • Method Details

    • getIdentityProviderManager

      public io.quarkus.security.identity.IdentityProviderManager getIdentityProviderManager()

    • attemptAuthentication

      public io.smallrye.mutiny.Uni<io.quarkus.security.identity.SecurityIdentity> attemptAuthentication(io.vertx.ext.web.RoutingContext routingContext)
      Attempts authentication with the contents of the request. If this is possible the Uni will resolve to a valid SecurityIdentity when it is subscribed to. Note that Uni is lazy, so this may not happen until the Uni is subscribed to.

      If invalid credentials are present then the completion stage will resolve to a AuthenticationFailedException

      If no credentials are present it will resolve to null.

    • sendChallenge

      public io.smallrye.mutiny.Uni<Boolean> sendChallenge(io.vertx.ext.web.RoutingContext routingContext)
      Returns:

    • getChallenge

      public io.smallrye.mutiny.Uni<ChallengeData> getChallenge(io.vertx.ext.web.RoutingContext routingContext)

    • selectAuthMechanismWithAnnotation

      static void selectAuthMechanismWithAnnotation()

    • selectAuthMechanism

      static void selectAuthMechanism(io.vertx.ext.web.RoutingContext routingContext, String authMechanism)