├── vertx-auth-webauthn4j ├── .gitignore ├── src │ ├── main │ │ ├── java │ │ │ ├── examples │ │ │ │ └── package-info.java │ │ │ ├── io │ │ │ │ └── vertx │ │ │ │ │ └── ext │ │ │ │ │ └── auth │ │ │ │ │ └── webauthn4j │ │ │ │ │ ├── WebAuthn4JException.java │ │ │ │ │ ├── package-info.java │ │ │ │ │ ├── impl │ │ │ │ │ ├── AuthData.java │ │ │ │ │ └── VertxHttpAsyncClient.java │ │ │ │ │ ├── Attestation.java │ │ │ │ │ ├── UserVerification.java │ │ │ │ │ ├── AuthenticatorAttachment.java │ │ │ │ │ ├── AuthenticatorTransport.java │ │ │ │ │ ├── ResidentKey.java │ │ │ │ │ ├── COSEAlgorithm.java │ │ │ │ │ └── RelyingParty.java │ │ │ └── module-info.java │ │ └── generated │ │ │ └── io │ │ │ └── vertx │ │ │ └── ext │ │ │ └── auth │ │ │ └── webauthn4j │ │ │ ├── RelyingPartyConverter.java │ │ │ └── AttestationCertificatesConverter.java │ └── test │ │ └── java │ │ └── module-info.java └── README.adoc ├── vertx-auth-htdigest ├── src │ ├── test │ │ ├── resources │ │ │ ├── .htdigest │ │ │ └── regression.htdigest │ │ └── java │ │ │ ├── module-info.java │ │ │ └── io │ │ │ └── vertx │ │ │ └── tests │ │ │ └── RegressionTest.java │ └── main │ │ └── java │ │ ├── examples │ │ ├── package-info.java │ │ └── AuthHtdigestExamples.java │ │ ├── module-info.java │ │ └── io │ │ └── vertx │ │ └── ext │ │ └── auth │ │ └── htdigest │ │ ├── package-info.java │ │ └── HtdigestAuth.java ├── README.adoc └── pom.xml ├── vertx-auth-jwt ├── src │ ├── main │ │ └── java │ │ │ ├── examples │ │ │ └── package-info.java │ │ │ ├── io │ │ │ └── vertx │ │ │ │ └── ext │ │ │ │ └── auth │ │ │ │ └── jwt │ │ │ │ ├── package-info.java │ │ │ │ └── authorization │ │ │ │ ├── JWTAuthorization.java │ │ │ │ └── MicroProfileAuthorization.java │ │ │ └── module-info.java │ └── test │ │ ├── resources │ │ ├── gce.jks │ │ ├── keystore.jceks │ │ ├── es256-keystore.jceks │ │ └── keystore-race.jceks │ │ └── java │ │ ├── module-info.java │ │ └── io │ │ └── vertx │ │ └── tests │ │ ├── DummyVerticle.java │ │ └── JWTConcurrentCreationTest.java ├── README.adoc └── pom.xml ├── vertx-auth-oauth2 ├── src │ ├── main │ │ └── java │ │ │ ├── examples │ │ │ └── package-info.java │ │ │ ├── io │ │ │ └── vertx │ │ │ │ └── ext │ │ │ │ └── auth │ │ │ │ └── oauth2 │ │ │ │ ├── package-info.java │ │ │ │ └── authorization │ │ │ │ └── KeycloakAuthorization.java │ │ │ └── module-info.java │ └── test │ │ └── java │ │ └── io │ │ └── vertx │ │ └── tests │ │ ├── KeycloakFromJsonTest.java │ │ └── OAuth2ClientOptionsTest.java └── README.adoc ├── vertx-auth-htpasswd ├── src │ ├── main │ │ ├── java │ │ │ ├── examples │ │ │ │ ├── package-info.java │ │ │ │ └── AuthHtpasswdExamples.java │ │ │ ├── io │ │ │ │ └── vertx │ │ │ │ │ └── ext │ │ │ │ │ └── auth │ │ │ │ │ └── htpasswd │ │ │ │ │ ├── package-info.java │ │ │ │ │ ├── impl │ │ │ │ │ └── hash │ │ │ │ │ │ ├── Plaintext.java │ │ │ │ │ │ ├── Crypt.java │ │ │ │ │ │ ├── APR1.java │ │ │ │ │ │ └── SHA1.java │ │ │ │ │ ├── HtpasswdAuth.java │ │ │ │ │ └── HtpasswdAuthOptions.java │ │ │ └── module-info.java │ │ ├── resources │ │ │ └── META-INF │ │ │ │ └── services │ │ │ │ └── io.vertx.ext.auth.hashing.HashingAlgorithm │ │ └── generated │ │ │ └── io │ │ │ └── vertx │ │ │ └── ext │ │ │ └── auth │ │ │ └── htpasswd │ │ │ └── HtpasswdAuthOptionsConverter.java │ └── test │ │ ├── resources │ │ └── .htpasswd │ │ └── java │ │ ├── module-info.java │ │ └── io │ │ └── vertx │ │ └── tests │ │ └── EncodingTest.java ├── README.adoc └── pom.xml ├── vertx-auth-sql-client ├── src │ ├── main │ │ ├── java │ │ │ ├── examples │ │ │ │ └── package-info.java │ │ │ ├── module-info.java │ │ │ └── io │ │ │ │ └── vertx │ │ │ │ └── ext │ │ │ │ └── auth │ │ │ │ └── sqlclient │ │ │ │ ├── package-info.java │ │ │ │ └── SqlAuthorization.java │ │ ├── resources │ │ │ └── sql-auth-ddl.sql │ │ └── generated │ │ │ └── io │ │ │ └── vertx │ │ │ └── ext │ │ │ └── auth │ │ │ └── sqlclient │ │ │ ├── SqlAuthenticationOptionsConverter.java │ │ │ └── SqlAuthorizationOptionsConverter.java │ └── test │ │ └── resources │ │ └── mysql-auth-ddl-test.sql └── README.adoc ├── vertx-auth-common ├── src │ ├── test │ │ ├── resources │ │ │ ├── gce.jks │ │ │ ├── keystore.p12 │ │ │ ├── keystore.jceks │ │ │ ├── keystore.pkcs12 │ │ │ ├── vertx-default-jul-logging.properties │ │ │ └── toc.jwt │ │ ├── node │ │ │ ├── package.json │ │ │ ├── test-x5c │ │ │ │ └── package.json │ │ │ └── test-ec │ │ │ │ └── index.js │ │ └── java │ │ │ └── io │ │ │ └── vertx │ │ │ └── tests │ │ │ ├── it │ │ │ └── JWKLegacyBase64Test.java │ │ │ ├── impl │ │ │ ├── UserConverterTest.java │ │ │ ├── CodecTest.java │ │ │ └── jose │ │ │ │ └── CryptoTest.java │ │ │ ├── TestUtils.java │ │ │ ├── NotAuthorizationTest.java │ │ │ ├── signer │ │ │ ├── keys.txt │ │ │ └── SigningAlgoTest.java │ │ │ ├── VertxContextPRNGTest.java │ │ │ ├── audit │ │ │ └── AuditLoggerTest.java │ │ │ └── authorization │ │ │ └── impl │ │ │ └── VariableAwareExpressionTest.java │ └── main │ │ ├── resources │ │ └── META-INF │ │ │ └── services │ │ │ └── io.vertx.ext.auth.hashing.HashingAlgorithm │ │ ├── java │ │ ├── io │ │ │ └── vertx │ │ │ │ └── ext │ │ │ │ └── auth │ │ │ │ ├── impl │ │ │ │ ├── jose │ │ │ │ │ └── algo │ │ │ │ │ │ ├── Signer.java │ │ │ │ │ │ ├── Verifier.java │ │ │ │ │ │ ├── ThreadSafeSigningAlgorithm.java │ │ │ │ │ │ └── ThreadLocalSigningAlgorithm.java │ │ │ │ └── hash │ │ │ │ │ ├── SHA512.java │ │ │ │ │ ├── SHA1.java │ │ │ │ │ ├── SHA256.java │ │ │ │ │ └── AbstractMDHash.java │ │ │ │ ├── package-info.java │ │ │ │ ├── audit │ │ │ │ ├── Marker.java │ │ │ │ ├── impl │ │ │ │ │ └── SecurityAuditNOOP.java │ │ │ │ └── SecurityAudit.java │ │ │ │ ├── authentication │ │ │ │ ├── CredentialValidationException.java │ │ │ │ └── AuthenticationProvider.java │ │ │ │ ├── authorization │ │ │ │ ├── NotAuthorization.java │ │ │ │ ├── OrAuthorization.java │ │ │ │ ├── AndAuthorization.java │ │ │ │ ├── impl │ │ │ │ │ ├── AuthorizationContextImpl.java │ │ │ │ │ ├── NotAuthorizationConverter.java │ │ │ │ │ ├── RoleBasedAuthorizationConverter.java │ │ │ │ │ ├── PermissionBasedAuthorizationConverter.java │ │ │ │ │ ├── WildcardPermissionBasedAuthorizationConverter.java │ │ │ │ │ └── NotAuthorizationImpl.java │ │ │ │ ├── AuthorizationProvider.java │ │ │ │ ├── RoleBasedAuthorization.java │ │ │ │ ├── PermissionBasedAuthorization.java │ │ │ │ ├── WildcardPermissionBasedAuthorization.java │ │ │ │ └── AuthorizationContext.java │ │ │ │ ├── NoSuchKeyIdException.java │ │ │ │ ├── hashing │ │ │ │ └── HashingAlgorithm.java │ │ │ │ └── ChainAuth.java │ │ └── examples │ │ │ └── package-info.java │ │ └── generated │ │ └── io │ │ └── vertx │ │ └── ext │ │ └── auth │ │ ├── authentication │ │ ├── UsernamePasswordCredentialsConverter.java │ │ └── TokenCredentialsConverter.java │ │ └── PubSecKeyOptionsConverter.java └── README.adoc ├── .github ├── dependabot.yml ├── ISSUE_TEMPLATE.md ├── workflows │ ├── ci-5.x.yml │ ├── ci-5.x-stable.yml │ ├── ci-4.x.yml │ ├── ci.yml │ ├── ci-matrix-5.x.yml │ ├── deploy.yml │ └── codeql-analysis.yml ├── maven-ci-settings.xml └── maven-cd-settings.xml ├── vertx-auth-properties ├── README.adoc ├── src │ ├── test │ │ ├── resources │ │ │ └── test-auth.properties │ │ └── java │ │ │ └── module-info.java │ └── main │ │ ├── java │ │ ├── module-info.java │ │ └── io │ │ │ └── vertx │ │ │ └── ext │ │ │ └── auth │ │ │ └── properties │ │ │ ├── package-info.java │ │ │ ├── PropertyFileAuthentication.java │ │ │ └── PropertyFileAuthorization.java │ │ └── asciidoc │ │ └── index.adoc └── pom.xml ├── vertx-auth-ldap ├── README.adoc ├── src │ ├── test │ │ ├── resources │ │ │ └── ldap.ldif │ │ └── java │ │ │ └── module-info.java │ └── main │ │ ├── java │ │ ├── module-info.java │ │ └── io │ │ │ └── vertx │ │ │ └── ext │ │ │ └── auth │ │ │ └── ldap │ │ │ ├── package-info.java │ │ │ └── LdapAuthentication.java │ │ └── asciidoc │ │ └── index.adoc └── pom.xml ├── vertx-auth-abac ├── README.adoc ├── src │ ├── test │ │ ├── resources │ │ │ └── authz-policy.json │ │ └── java │ │ │ ├── module-info.java │ │ │ └── io │ │ │ └── vertx │ │ │ └── tests │ │ │ └── PolicyTest.java │ └── main │ │ └── java │ │ ├── module-info.java │ │ ├── examples │ │ └── package-info.java │ │ └── io │ │ └── vertx │ │ └── ext │ │ └── auth │ │ └── abac │ │ ├── impl │ │ └── Operator.java │ │ ├── package-info.java │ │ └── PolicyBasedAuthorizationProvider.java └── pom.xml ├── .editorconfig ├── .gitignore ├── vertx-auth-otp ├── src │ ├── test │ │ └── java │ │ │ ├── module-info.java │ │ │ └── io │ │ │ └── vertx │ │ │ └── tests │ │ │ └── DummyDatabase.java │ └── main │ │ ├── java │ │ ├── module-info.java │ │ ├── io │ │ │ └── vertx │ │ │ │ └── ext │ │ │ │ └── auth │ │ │ │ └── otp │ │ │ │ ├── package-info.java │ │ │ │ └── OtpKeyGenerator.java │ │ └── examples │ │ │ └── hotp │ │ │ └── HotpAuthExamples.java │ │ └── generated │ │ └── io │ │ └── vertx │ │ └── ext │ │ └── auth │ │ └── otp │ │ ├── OtpCredentialsConverter.java │ │ ├── totp │ │ └── TotpAuthOptionsConverter.java │ │ └── hotp │ │ └── HotpAuthOptionsConverter.java └── pom.xml └── README.adoc /vertx-auth-webauthn4j/.gitignore: -------------------------------------------------------------------------------- 1 | /vertx-auth-webauthn/ 2 | /.apt_generated_tests/ 3 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/test/resources/.htdigest: -------------------------------------------------------------------------------- 1 | Mufasa:testrealm@host.com:939e7578ed9e3c518a452acee763bce9 2 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/test/resources/regression.htdigest: -------------------------------------------------------------------------------- 1 | usain:jcrealm@host.com:28ee8d494b645014eefcd66ac3ddcade 2 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | @Source 2 | package examples; 3 | 4 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-oauth2/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | @Source 2 | package examples; 3 | 4 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | @Source 2 | package examples; 3 | 4 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | @Source 2 | package examples; 3 | 4 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | @Source 2 | package examples; 3 | 4 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | @Source 2 | package examples; 3 | 4 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-jwt/src/test/resources/gce.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-jwt/src/test/resources/gce.jks -------------------------------------------------------------------------------- /vertx-auth-common/src/test/resources/gce.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-common/src/test/resources/gce.jks -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "maven" 4 | directory: "/" 5 | schedule: 6 | interval: "daily" 7 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/resources/keystore.p12: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-common/src/test/resources/keystore.p12 -------------------------------------------------------------------------------- /vertx-auth-jwt/src/test/resources/keystore.jceks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-jwt/src/test/resources/keystore.jceks -------------------------------------------------------------------------------- /vertx-auth-common/src/test/resources/keystore.jceks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-common/src/test/resources/keystore.jceks -------------------------------------------------------------------------------- /vertx-auth-common/src/test/resources/keystore.pkcs12: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-common/src/test/resources/keystore.pkcs12 -------------------------------------------------------------------------------- /vertx-auth-jwt/src/test/resources/es256-keystore.jceks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-jwt/src/test/resources/es256-keystore.jceks -------------------------------------------------------------------------------- /vertx-auth-jwt/src/test/resources/keystore-race.jceks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/eclipse-vertx/vertx-auth/HEAD/vertx-auth-jwt/src/test/resources/keystore-race.jceks -------------------------------------------------------------------------------- /vertx-auth-properties/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x Auth File 2 | 3 | This module contains contains a Vert.x auth implementation where users, roles and permissions are read from a property file 4 | -------------------------------------------------------------------------------- /vertx-auth-common/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x Auth Common 2 | 3 | This module contains common auth interfaces. 4 | 5 | Please see the http://vertx.io/docs/#authentication_and_authorisation[documentation] for more information. 6 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/resources/META-INF/services/io.vertx.ext.auth.hashing.HashingAlgorithm: -------------------------------------------------------------------------------- 1 | io.vertx.ext.auth.htpasswd.impl.hash.APR1 2 | io.vertx.ext.auth.htpasswd.impl.hash.SHA1 3 | io.vertx.ext.auth.htpasswd.impl.hash.Crypt 4 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/resources/META-INF/services/io.vertx.ext.auth.hashing.HashingAlgorithm: -------------------------------------------------------------------------------- 1 | io.vertx.ext.auth.impl.hash.SHA1 2 | io.vertx.ext.auth.impl.hash.SHA256 3 | io.vertx.ext.auth.impl.hash.SHA512 4 | io.vertx.ext.auth.impl.hash.PBKDF2 5 | -------------------------------------------------------------------------------- /vertx-auth-ldap/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x Ldap Auth 2 | 3 | This module contains contains a Vert.x auth implementation which uses LDAP 4 | 5 | Please see the http://vertx.io/docs/#authentication_and_authorisation[documentation] for more information. 6 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/test/resources/.htpasswd: -------------------------------------------------------------------------------- 1 | bcrypt:$2y$05$QwbS8vp1A/yQ1AlQ8ySDOuzONdR3U6A.xATjBHno/.nvp8O55eVaG 2 | md5:$apr1$V45rK4cb$O6ozhQ3JtwlH94GhuUKRD1 3 | sha1:{SHA}VBPuJHI7uixaa6LQGWx4s+5GKNE= 4 | crypt:0MJgtfTc6oYDE 5 | plaintext:myPassword 6 | -------------------------------------------------------------------------------- /vertx-auth-abac/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x Auth ABAC 2 | 3 | This module contains a simple Attribute Based Authorization Control auth interfaces. 4 | 5 | Please see the http://vertx.io/docs/#authentication_and_authorisation[documentation] for more information. 6 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/node/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "jwt-interop-tester", 3 | "private": true, 4 | "dependencies": { 5 | "jsonwebtoken": "7.4.1", 6 | "mocha": "3.4.2" 7 | }, 8 | "scripts": { 9 | "start": "mocha" 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x .htdigest Auth 2 | 3 | This module contains contains a Vert.x auth implementation which uses a .htdigest file to query user information. 4 | 5 | Please see the http://vertx.io/docs/#authentication_and_authorisation[documentation] for more information. 6 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x htpasswd Auth 2 | 3 | This module contains a Vert.x auth implementation which uses a Apache htpasswd file to query user information. 4 | 5 | Please see the http://vertx.io/docs/#authentication_and_authorisation[documentation] for more information. 6 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x SQL Client Auth 2 | 3 | This module contains a Vert.x auth implementation which uses a Vert.x SQL client to query user/role/permission information. 4 | 5 | Please see the http://vertx.io/docs/#authentication_and_authorisation[documentation] for more information. 6 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/it/JWKLegacyBase64Test.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests.it; 2 | 3 | import io.vertx.tests.JWKTest; 4 | 5 | public class JWKLegacyBase64Test extends JWKTest { 6 | 7 | static { 8 | System.setProperty("vertx.json.base64", "legacy"); 9 | } 10 | 11 | } 12 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | indent_style = space 6 | indent_size = 2 7 | trim_trailing_whitespace = true 8 | end_of_line = lf 9 | insert_final_newline = true 10 | 11 | [**/examples/**.java] 12 | # 84 looks like a odd number, however 13 | # it accounts for 4 spaces (class and example method indentation) 14 | max_line_length = 84 15 | -------------------------------------------------------------------------------- /vertx-auth-properties/src/test/resources/test-auth.properties: -------------------------------------------------------------------------------- 1 | user.tim=sausages,morris_dancer,developer 2 | user.bob=socks,developer 3 | user.paulo=secret,administrator 4 | user.editor=secret,editor 5 | role.morris_dancer=bang_sticks 6 | role.manager=play_golf,say_buzzwords 7 | role.developer=do_actual_work 8 | role.administrator=* 9 | role.editor=newsletter:edit:* 10 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ### Version 2 | 3 | * vert.x core: 4 | * vert.x auth: 5 | 6 | ### Context 7 | 8 | I encountered an exception which looks suspicious while ... 9 | 10 | ### Do you have a reproducer? 11 | 12 | * Link to github project/gist 13 | 14 | ### Steps to reproduce 15 | 16 | 1. ... 17 | 2. ... 18 | 3. ... 19 | 4. ... 20 | 21 | ### Extra 22 | 23 | * Anything that can be relevant 24 | -------------------------------------------------------------------------------- /.github/workflows/ci-5.x.yml: -------------------------------------------------------------------------------- 1 | name: vertx-auth (5.x) 2 | on: 3 | push: 4 | branches: 5 | - master 6 | pull_request: 7 | branches: 8 | - master 9 | schedule: 10 | - cron: '0 5 * * *' 11 | jobs: 12 | CI-CD: 13 | uses: ./.github/workflows/ci-matrix-5.x.yml 14 | secrets: inherit 15 | with: 16 | branch: ${{ github.event.pull_request.head.sha || github.ref_name }} 17 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/test/resources/authz-policy.json: -------------------------------------------------------------------------------- 1 | { 2 | "cashier-shop-admin" : { 3 | "type" : "wildcard", 4 | "permission" : "txo.shop:*" 5 | }, 6 | "cashier-shop-nl" : { 7 | "type" : "wildcard", 8 | "permission" : "txo.shop:nl" 9 | }, 10 | "cashier-shop-global-reader" : { 11 | "type" : "wildcard", 12 | "permission" : "txo.shop:*", 13 | "resource" : "read" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | .gradle 3 | .idea 4 | .classpath 5 | .project 6 | .settings 7 | .yardoc 8 | .yardopts 9 | build 10 | target 11 | out 12 | *.iml 13 | *.ipr 14 | *.iws 15 | test-output 16 | Scratch.java 17 | ScratchTest.java 18 | test-results 19 | test-tmp 20 | *.class 21 | ScratchPad.java 22 | src/main/resources/ext-js/*.js 23 | src/main/java/io/vertx/java/**/*.java 24 | src/main/groovy/io/vertx/groovy/**/*.groovy 25 | *.swp 26 | node_modules 27 | 28 | -------------------------------------------------------------------------------- /vertx-auth-ldap/src/test/resources/ldap.ldif: -------------------------------------------------------------------------------- 1 | version: 1 2 | dn: dc=myorg,dc=com 3 | objectClass: domain 4 | objectClass: top 5 | dc: myorg 6 | 7 | dn: ou=Users,dc=myorg,dc=com 8 | objectClass: organizationalUnit 9 | objectClass: top 10 | ou: Users 11 | 12 | dn: uid=tim,ou=Users,dc=myorg,dc=com 13 | objectClass: inetOrgPerson 14 | objectClass: organizationalPerson 15 | objectClass: person 16 | objectClass: top 17 | cn: Tim fox 18 | sn: Ldap 19 | uid: tim 20 | userPassword: sausages 21 | 22 | -------------------------------------------------------------------------------- /.github/workflows/ci-5.x-stable.yml: -------------------------------------------------------------------------------- 1 | name: vertx-auth (5.x-stable) 2 | on: 3 | push: 4 | branches: 5 | - '5.[0-9]+' 6 | pull_request: 7 | branches: 8 | - '5.[0-9]+' 9 | schedule: 10 | - cron: '0 6 * * *' 11 | jobs: 12 | CI-CD: 13 | uses: ./.github/workflows/ci-matrix-5.x.yml 14 | secrets: inherit 15 | with: 16 | branch: ${{ github.event_name == 'schedule' && vars.VERTX_5_STABLE_BRANCH || github.event.pull_request.head.sha || github.ref_name }} 17 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/algo/Signer.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.impl.jose.algo; 2 | 3 | import java.security.GeneralSecurityException; 4 | 5 | /** 6 | * Token signing contract. 7 | */ 8 | @FunctionalInterface 9 | public interface Signer { 10 | 11 | /** 12 | * Sign the payload. 13 | * 14 | * @param payload 15 | * @return 16 | * @throws GeneralSecurityException 17 | */ 18 | byte[] sign(byte[] payload) throws GeneralSecurityException; 19 | 20 | } 21 | -------------------------------------------------------------------------------- /vertx-auth-jwt/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x JWT Auth 2 | 3 | This module contains contains a Vert.x auth implementation which uses JSON Web Tokens (JWT) 4 | 5 | Please see the http://vertx.io/docs/#authentication_and_authorisation[documentation] for more information. 6 | 7 | NOTE: 8 | 9 | If you're developing on this code you will need Oracle JDK in order to run the tests. 10 | The reason why is because we test strong cryptography algorithms such as Elliptic Curve and these are not available by default with OpenJDK itself. 11 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/node/test-x5c/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "jwt-test", 3 | "type": "module", 4 | "private": true, 5 | "dependencies": { 6 | "node-jose": "*", 7 | "pem": "*" 8 | }, 9 | "scripts": { 10 | "start": "node index.mjs", 11 | "preopenssl": "openssl genrsa -out private2048b.key 2048", 12 | "openssl": "openssl req -new -key private2048b.key -out myrequest2048.csr", 13 | "postopenssl": "openssl x509 -req -days 3650 -in myrequest2048.csr -signkey private2048b.key -out public2048b.crt" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/WebAuthn4JException.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.webauthn4j; 2 | 3 | import io.vertx.codegen.annotations.GenIgnore; 4 | 5 | @SuppressWarnings("serial") 6 | @GenIgnore 7 | public class WebAuthn4JException extends RuntimeException { 8 | public WebAuthn4JException(String message) { 9 | super(message); 10 | } 11 | public WebAuthn4JException(String message, Throwable cause) { 12 | super(message, cause); 13 | } 14 | public WebAuthn4JException(Throwable cause) { 15 | super(cause); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires io.vertx.auth.abac; 13 | requires io.vertx.testing.unit; 14 | requires junit; 15 | } 16 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires io.vertx.auth.jwt; 13 | requires io.vertx.testing.unit; 14 | requires junit; 15 | } 16 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires io.vertx.auth.otp; 13 | requires io.vertx.testing.unit; 14 | requires junit; 15 | } 16 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires io.vertx.auth.htdigest; 13 | requires io.vertx.testing.unit; 14 | requires junit; 15 | } 16 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires io.vertx.auth.htpasswd; 13 | requires io.vertx.testing.unit; 14 | requires junit; 15 | } 16 | -------------------------------------------------------------------------------- /vertx-auth-properties/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires io.vertx.auth.properties; 13 | requires io.vertx.testing.unit; 14 | requires junit; 15 | } 16 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/impl/UserConverterTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests.impl; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.ext.auth.impl.UserConverter; 5 | import io.vertx.ext.auth.impl.UserImpl; 6 | import org.junit.Test; 7 | 8 | import static org.junit.Assert.*; 9 | 10 | public class UserConverterTest { 11 | 12 | @Test 13 | public void encode_UserImpl_defaultCtor() { 14 | JsonObject json = UserConverter.encode(new UserImpl()); 15 | assertNull(json.getValue("principal")); 16 | assertFalse(json.containsKey("authorizations")); 17 | assertNull(json.getValue("attributes")); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.abac { 12 | requires transitive io.vertx.auth.common; 13 | requires static io.vertx.codegen.api; 14 | requires static io.vertx.docgen; 15 | exports io.vertx.ext.auth.abac; 16 | } 17 | -------------------------------------------------------------------------------- /README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x Auth 2 | 3 | image:https://github.com/eclipse-vertx/vertx-auth/actions/workflows/ci-5.x.yml/badge.svg["Build Status (5.x)",link="https://github.com/eclipse-vertx/vertx-auth/actions/workflows/ci-5.x.yml"] 4 | image:https://github.com/eclipse-vertx/vertx-auth/actions/workflows/ci-4.x.yml/badge.svg["Build Status (4.x)",link="https://github.com/eclipse-vertx/vertx-auth/actions/workflows/ci-4.x.yml"] 5 | 6 | This module contains auth implementations for Vert.x and common auth interfaces 7 | 8 | Particular implementations are stored in sub modules. 9 | 10 | Legacy modules (vertx-auth-mongo, vertx-auth-jdbc, vertx-auth-shiro) are maintained at https://github.com/vert-x3/vertx-auth. 11 | 12 | 13 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @Source 18 | package examples; 19 | 20 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/examples/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @Source 18 | package examples; 19 | 20 | import io.vertx.docgen.Source; -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/algo/Verifier.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.impl.jose.algo; 2 | 3 | import java.security.GeneralSecurityException; 4 | 5 | /** 6 | * Token signature verification contract. 7 | */ 8 | @FunctionalInterface 9 | public interface Verifier { 10 | 11 | /** 12 | * Verify {@code payload} matches the {@code signature}. 13 | * 14 | * @param signature the expected result 15 | * @param payload the tested data 16 | * @return whether verification succeeded 17 | * @throws GeneralSecurityException anything that could prevent verification to happen 18 | */ 19 | boolean verify(byte[] signature, byte[] payload) throws GeneralSecurityException; 20 | } 21 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/test/java/io/vertx/tests/DummyVerticle.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.core.Future; 4 | import io.vertx.core.VerticleBase; 5 | import io.vertx.ext.auth.KeyStoreOptions; 6 | import io.vertx.ext.auth.jwt.JWTAuth; 7 | import io.vertx.ext.auth.jwt.JWTAuthOptions; 8 | 9 | public class DummyVerticle extends VerticleBase { 10 | 11 | private static final JWTAuthOptions config = new JWTAuthOptions() 12 | .setKeyStore(new KeyStoreOptions() 13 | .setPath("keystore.jceks") 14 | .setType("jceks") 15 | .setPassword("secret")); 16 | 17 | public Future start() throws Exception { 18 | JWTAuth.create(vertx, config); 19 | return super.start(); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /vertx-auth-properties/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.properties { 12 | requires transitive io.vertx.auth.common; 13 | requires io.vertx.core.logging; 14 | requires static io.vertx.codegen.api; 15 | exports io.vertx.ext.auth.properties; 16 | } 17 | -------------------------------------------------------------------------------- /vertx-auth-ldap/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.ldap { 12 | requires transitive io.vertx.auth.common; 13 | requires java.naming; 14 | requires static io.vertx.codegen.api; 15 | requires static io.vertx.codegen.json; 16 | exports io.vertx.ext.auth.ldap; 17 | } 18 | -------------------------------------------------------------------------------- /.github/workflows/ci-4.x.yml: -------------------------------------------------------------------------------- 1 | name: vertx-auth (4.x) 2 | on: 3 | schedule: 4 | - cron: '0 4 * * *' 5 | jobs: 6 | CI: 7 | strategy: 8 | matrix: 9 | include: 10 | - os: ubuntu-latest 11 | jdk: 8 12 | - os: ubuntu-latest 13 | jdk: 17 14 | uses: ./.github/workflows/ci.yml 15 | with: 16 | branch: 4.x 17 | jdk: ${{ matrix.jdk }} 18 | os: ${{ matrix.os }} 19 | secrets: inherit 20 | Deploy: 21 | if: ${{ github.repository_owner == 'eclipse-vertx' && (github.event_name == 'push' || github.event_name == 'schedule') }} 22 | needs: CI 23 | uses: ./.github/workflows/deploy.yml 24 | with: 25 | branch: 4.x 26 | jdk: 8 27 | secrets: inherit 28 | -------------------------------------------------------------------------------- /vertx-auth-ldap/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires apacheds.core.annotations; 13 | requires apacheds.server.annotations; 14 | requires apacheds.test.framework; 15 | requires io.vertx.auth.ldap; 16 | requires io.vertx.testing.unit; 17 | requires junit; 18 | } 19 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.htdigest { 12 | requires transitive io.vertx.auth.common; 13 | requires static io.vertx.codegen.api; 14 | requires static io.vertx.codegen.json; 15 | requires static io.vertx.docgen; 16 | exports io.vertx.ext.auth.htdigest; 17 | } 18 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.sqlclient { 12 | requires transitive io.vertx.auth.common; 13 | requires transitive io.vertx.sql.client; 14 | requires static io.vertx.codegen.api; 15 | requires static io.vertx.codegen.json; 16 | requires static io.vertx.docgen; 17 | } 18 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/main/java/io/vertx/ext/auth/abac/impl/Operator.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.abac.impl; 17 | 18 | public enum Operator { 19 | HAS, 20 | EQ, 21 | NE, 22 | FN 23 | } 24 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | name: CI 2 | on: 3 | workflow_call: 4 | inputs: 5 | branch: 6 | required: true 7 | type: string 8 | jdk: 9 | default: 8 10 | type: string 11 | os: 12 | default: ubuntu-latest 13 | type: string 14 | jobs: 15 | Test: 16 | name: Run tests 17 | runs-on: ${{ inputs.os }} 18 | steps: 19 | - name: Checkout 20 | uses: actions/checkout@v3 21 | with: 22 | ref: ${{ inputs.branch }} 23 | - name: Install JDK 24 | uses: actions/setup-java@v3 25 | with: 26 | java-version: ${{ inputs.jdk }} 27 | distribution: temurin 28 | - name: Run tests 29 | run: mvn -s .github/maven-ci-settings.xml -q clean verify -B 30 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.otp { 12 | requires transitive io.vertx.auth.common; 13 | requires static io.vertx.codegen.api; 14 | requires static io.vertx.codegen.json; 15 | exports io.vertx.ext.auth.otp; 16 | exports io.vertx.ext.auth.otp.hotp; 17 | exports io.vertx.ext.auth.otp.totp; 18 | } 19 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/test/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | open module io.vertx.tests { 12 | requires io.vertx.auth.common; 13 | requires io.vertx.auth.webauthn4j; 14 | requires io.vertx.testing.unit; 15 | requires junit; 16 | requires com.webauthn4j.metadata.async; 17 | requires com.webauthn4j.test; 18 | requires io.vertx.core; 19 | } 20 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | @ModuleGen(name = "vertx-auth-common", groupPackage = "io.vertx") 17 | package io.vertx.ext.auth; 18 | 19 | import io.vertx.codegen.annotations.ModuleGen; 20 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/main/java/io/vertx/ext/auth/abac/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | @ModuleGen(name = "vertx-auth-abac", groupPackage = "io.vertx") 17 | package io.vertx.ext.auth.abac; 18 | 19 | import io.vertx.codegen.annotations.ModuleGen; 20 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/main/java/io/vertx/ext/auth/jwt/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @ModuleGen(name = "vertx-auth-jwt", groupPackage = "io.vertx") 18 | package io.vertx.ext.auth.jwt; 19 | 20 | import io.vertx.codegen.annotations.ModuleGen; 21 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/main/java/io/vertx/ext/auth/otp/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2022 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @ModuleGen(name = "vertx-auth-otp", groupPackage = "io.vertx") 18 | package io.vertx.ext.auth.otp; 19 | 20 | import io.vertx.codegen.annotations.ModuleGen; 21 | -------------------------------------------------------------------------------- /vertx-auth-ldap/src/main/java/io/vertx/ext/auth/ldap/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @ModuleGen(name = "vertx-auth-ldap", groupPackage = "io.vertx") 18 | package io.vertx.ext.auth.ldap; 19 | 20 | import io.vertx.codegen.annotations.ModuleGen; 21 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/main/resources/sql-auth-ddl.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE `users` 2 | ( 3 | `username` VARCHAR(255) NOT NULL, 4 | `password` VARCHAR(255) NOT NULL 5 | ); 6 | 7 | CREATE TABLE `users_roles` 8 | ( 9 | `username` VARCHAR(255) NOT NULL, 10 | `role` VARCHAR(255) NOT NULL 11 | ); 12 | 13 | CREATE TABLE `roles_perms` 14 | ( 15 | `role` VARCHAR(255) NOT NULL, 16 | `perm` VARCHAR(255) NOT NULL 17 | ); 18 | 19 | ALTER TABLE users 20 | ADD CONSTRAINT `pk_username` PRIMARY KEY (username); 21 | ALTER TABLE users_roles 22 | ADD CONSTRAINT `pk_users_roles` PRIMARY KEY (username, role); 23 | ALTER TABLE roles_perms 24 | ADD CONSTRAINT `pk_roles_perms` PRIMARY KEY (role, perm); 25 | 26 | ALTER TABLE users_roles 27 | ADD CONSTRAINT fk_username FOREIGN KEY (username) REFERENCES users (username); 28 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/main/java/io/vertx/ext/auth/htdigest/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2016 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | @ModuleGen(name = "vertx-auth-htdigest", groupPackage = "io.vertx") 17 | package io.vertx.ext.auth.htdigest; 18 | 19 | import io.vertx.codegen.annotations.ModuleGen; 20 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/io/vertx/ext/auth/htpasswd/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2017 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | @ModuleGen(name = "vertx-auth-htpasswd", groupPackage = "io.vertx") 17 | package io.vertx.ext.auth.htpasswd; 18 | 19 | import io.vertx.codegen.annotations.ModuleGen; 20 | -------------------------------------------------------------------------------- /vertx-auth-oauth2/src/main/java/io/vertx/ext/auth/oauth2/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2015 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @ModuleGen(name = "vertx-auth-oauth2", groupPackage = "io.vertx") 18 | package io.vertx.ext.auth.oauth2; 19 | 20 | import io.vertx.codegen.annotations.ModuleGen; 21 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/main/java/io/vertx/ext/auth/sqlclient/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @ModuleGen(name = "vertx-auth-sql-client", groupPackage = "io.vertx") 18 | package io.vertx.ext.auth.sqlclient; 19 | 20 | import io.vertx.codegen.annotations.ModuleGen; 21 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @ModuleGen(name = "vertx-auth-webauthn", groupPackage = "io.vertx") 18 | package io.vertx.ext.auth.webauthn4j; 19 | 20 | import io.vertx.codegen.annotations.ModuleGen; 21 | -------------------------------------------------------------------------------- /vertx-auth-properties/src/main/java/io/vertx/ext/auth/properties/package-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | @ModuleGen(name = "vertx-auth-properties", groupPackage = "io.vertx") 18 | package io.vertx.ext.auth.properties; 19 | 20 | import io.vertx.codegen.annotations.ModuleGen; 21 | -------------------------------------------------------------------------------- /.github/workflows/ci-matrix-5.x.yml: -------------------------------------------------------------------------------- 1 | name: CI matrix (5.x) 2 | on: 3 | workflow_call: 4 | inputs: 5 | branch: 6 | required: true 7 | type: string 8 | jobs: 9 | CI: 10 | strategy: 11 | matrix: 12 | include: 13 | - os: ubuntu-latest 14 | jdk: 11 15 | - os: ubuntu-latest 16 | jdk: 21 17 | uses: ./.github/workflows/ci.yml 18 | with: 19 | branch: ${{ inputs.branch }} 20 | jdk: ${{ matrix.jdk }} 21 | os: ${{ matrix.os }} 22 | secrets: inherit 23 | Deploy: 24 | if: ${{ github.repository_owner == 'eclipse-vertx' && (github.event_name == 'push' || github.event_name == 'schedule') }} 25 | needs: CI 26 | uses: ./.github/workflows/deploy.yml 27 | with: 28 | branch: ${{ inputs.branch }} 29 | jdk: 11 30 | secrets: inherit 31 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/main/java/io/vertx/ext/auth/abac/PolicyBasedAuthorizationProvider.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.abac; 2 | 3 | import io.vertx.codegen.annotations.Fluent; 4 | import io.vertx.codegen.annotations.VertxGen; 5 | import io.vertx.ext.auth.authorization.AuthorizationProvider; 6 | import io.vertx.ext.auth.abac.impl.PolicyBasedAuthorizationProviderImpl; 7 | 8 | import java.util.List; 9 | 10 | @VertxGen 11 | public interface PolicyBasedAuthorizationProvider extends AuthorizationProvider { 12 | 13 | static PolicyBasedAuthorizationProvider create() { 14 | return new PolicyBasedAuthorizationProviderImpl(); 15 | } 16 | 17 | @Fluent 18 | PolicyBasedAuthorizationProvider addPolicy(Policy policy); 19 | 20 | @Fluent 21 | PolicyBasedAuthorizationProvider setPolicies(List policies); 22 | 23 | @Fluent 24 | PolicyBasedAuthorizationProvider clear(); 25 | } 26 | -------------------------------------------------------------------------------- /vertx-auth-oauth2/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.oauth2 { 12 | 13 | requires transitive io.vertx.auth.common; 14 | requires io.vertx.core.logging; 15 | 16 | exports io.vertx.ext.auth.oauth2; 17 | exports io.vertx.ext.auth.oauth2.authorization; 18 | exports io.vertx.ext.auth.oauth2.providers; 19 | 20 | requires static io.vertx.codegen.api; 21 | requires static io.vertx.codegen.json; 22 | requires static io.vertx.docgen; 23 | 24 | } 25 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.jwt { 12 | 13 | requires transitive io.vertx.auth.common; 14 | requires io.vertx.core.logging; 15 | 16 | requires static io.vertx.codegen.api; 17 | requires static io.vertx.codegen.json; 18 | requires static io.vertx.docgen; 19 | 20 | exports io.vertx.ext.auth.jwt; 21 | exports io.vertx.ext.auth.jwt.authorization; 22 | 23 | exports io.vertx.ext.auth.jwt.impl to io.vertx.tests; 24 | 25 | } 26 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/resources/vertx-default-jul-logging.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2014 Red Hat, Inc. 3 | # 4 | # All rights reserved. This program and the accompanying materials 5 | # are made available under the terms of the Eclipse Public License v1.0 6 | # and Apache License v2.0 which accompanies this distribution. 7 | # 8 | # The Eclipse Public License is available at 9 | # http://www.eclipse.org/legal/epl-v10.html 10 | # 11 | # The Apache License v2.0 is available at 12 | # http://www.opensource.org/licenses/apache2.0.php 13 | # 14 | # You may elect to redistribute this code under either of these licenses. 15 | # 16 | java.util.logging.SimpleFormatter.format=%5$s %6$s\n 17 | java.util.logging.ConsoleHandler.formatter=java.util.logging.SimpleFormatter 18 | java.util.logging.ConsoleHandler.level=ALL 19 | 20 | handlers=java.util.logging.ConsoleHandler 21 | .level=INFO 22 | io.vertx.ext.auth.audit.level=ALL 23 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x WebAuthN4J Auth 2 | 3 | This component contains a WebAuthn authentication mechanism using https://github.com/webauthn4j/webauthn4j[WebAuthn4J]. 4 | To use this project, add the following dependency to the _dependencies_ section of your build descriptor: 5 | 6 | FIDO2 is a "passwordless" authentication mechanism and the JavaScript API is more known as WebAuthN. 7 | 8 | WebAuthN allows users to authenticate using a secure device or token and no passwords are exchange between the browser and the server (also known as Relay Party). 9 | 10 | The current implementation supports both authentication and device attestation. 11 | 12 | Device attestation is a verification of the device itself. 13 | Currently the following attestations are implemented: 14 | 15 | * none 16 | * U2F (FIDO-U2F tokens, e.g.: Yubikey's) 17 | * Packed 18 | * Android Key 19 | * Android Safetynet 20 | * TPM 21 | * Apple 22 | 23 | 24 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/test/java/io/vertx/tests/DummyDatabase.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.core.Future; 4 | import io.vertx.ext.auth.otp.Authenticator; 5 | 6 | import java.util.Map; 7 | import java.util.concurrent.ConcurrentHashMap; 8 | 9 | public class DummyDatabase { 10 | 11 | private final Map DB = new ConcurrentHashMap<>(); 12 | 13 | public Future fetch(String id) { 14 | if (DB.containsKey(id)) { 15 | return Future.succeededFuture(DB.get(id)); 16 | } else { 17 | return Future.succeededFuture(); 18 | } 19 | } 20 | 21 | public Future upsert(Authenticator authenticator) { 22 | DB.put(authenticator.getIdentifier(), authenticator); 23 | return Future.succeededFuture(); 24 | } 25 | 26 | public DummyDatabase fixture(Authenticator authenticator) { 27 | DB.put(authenticator.getIdentifier(), authenticator); 28 | return this; 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | module io.vertx.auth.webauthn4j { 12 | 13 | requires io.vertx.auth.common; 14 | requires io.vertx.core.logging; 15 | 16 | requires static io.vertx.codegen.api; 17 | requires static io.vertx.codegen.json; 18 | requires static io.vertx.docgen; 19 | requires com.webauthn4j.metadata.async; 20 | requires com.webauthn4j.core.async; 21 | 22 | exports io.vertx.ext.auth.webauthn4j; 23 | exports io.vertx.ext.auth.webauthn4j.impl to io.vertx.tests; 24 | } 25 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/impl/CodecTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests.impl; 2 | 3 | import io.vertx.ext.auth.impl.Codec; 4 | import org.junit.Assert; 5 | import org.junit.Test; 6 | 7 | import java.nio.charset.StandardCharsets; 8 | 9 | import static org.junit.Assert.assertArrayEquals; 10 | import static org.junit.Assert.assertEquals; 11 | 12 | public class CodecTest { 13 | 14 | @Test 15 | public void testBase32() { 16 | String source = "The quick brown fox jumps over the lazy dog."; 17 | 18 | Assert.assertEquals( 19 | "KRUGKIDROVUWG2ZAMJZG653OEBTG66BANJ2W24DTEBXXMZLSEB2GQZJANRQXU6JAMRXWOLQ", 20 | Codec.base32Encode(source.getBytes(StandardCharsets.UTF_8)) 21 | ); 22 | } 23 | 24 | @Test 25 | public void testBase16() { 26 | byte[] source = "The quick brown fox jumps over the lazy dog.".getBytes(StandardCharsets.UTF_8); 27 | 28 | assertArrayEquals( 29 | source, 30 | Codec.base16Decode(Codec.base16Encode(source)) 31 | ); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/audit/Marker.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2023 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.audit; 17 | 18 | import io.vertx.codegen.annotations.VertxGen; 19 | 20 | /** 21 | * A marker will define the structured data id in the log and contains metadata on which fields should be masked. 22 | * @author Paulo Lopes 23 | */ 24 | @VertxGen 25 | public enum Marker { 26 | 27 | AUTHENTICATION, 28 | AUTHORIZATION, 29 | REQUEST; 30 | } 31 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/hash/SHA512.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.impl.hash; 17 | 18 | /** 19 | * Implementation of the SHA512 Hashing algorithm 20 | * 21 | * @author Paulo Lopes 22 | */ 23 | public class SHA512 extends AbstractMDHash { 24 | 25 | public SHA512() { 26 | super("SHA-512"); 27 | } 28 | 29 | @Override 30 | public String id() { 31 | return "sha512"; 32 | } 33 | 34 | } 35 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/hash/SHA1.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2019 The original author or authors 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package io.vertx.ext.auth.impl.hash; 18 | 19 | /** 20 | * Implementation of the SHA1 Hashing algorithm 21 | * 22 | * @author Lin Gao 23 | */ 24 | public class SHA1 extends AbstractMDHash { 25 | 26 | public SHA1() { 27 | super("SHA-1"); 28 | } 29 | 30 | @Override 31 | public String id() { 32 | return "sha1"; 33 | } 34 | 35 | } 36 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/impl/AuthData.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package io.vertx.ext.auth.webauthn4j.impl; 18 | 19 | /** 20 | * FIDO2 Authenticator Data 21 | * This class decodes the buffer into a parsable object 22 | */ 23 | public class AuthData { 24 | 25 | public static final int USER_PRESENT = 0x01; 26 | public static final int USER_VERIFIED = 0x04; 27 | public static final int ATTESTATION_DATA = 0x40; 28 | public static final int EXTENSION_DATA = 0x80; 29 | 30 | } 31 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/hash/SHA256.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2019 The original author or authors 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package io.vertx.ext.auth.impl.hash; 18 | 19 | /** 20 | * Implementation of the SHA256 Hashing algorithm 21 | * 22 | * @author Lin Gao 23 | */ 24 | public class SHA256 extends AbstractMDHash { 25 | 26 | public SHA256() { 27 | super("SHA-256"); 28 | } 29 | 30 | @Override 31 | public String id() { 32 | return "sha256"; 33 | } 34 | 35 | } 36 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/module-info.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2024 Contributors to the Eclipse Foundation 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | import io.vertx.ext.auth.hashing.HashingAlgorithm; 12 | import io.vertx.ext.auth.htpasswd.impl.hash.APR1; 13 | import io.vertx.ext.auth.htpasswd.impl.hash.Crypt; 14 | import io.vertx.ext.auth.htpasswd.impl.hash.SHA1; 15 | 16 | module io.vertx.auth.htpasswd { 17 | 18 | requires transitive io.vertx.auth.common; 19 | requires org.apache.commons.codec; 20 | 21 | requires static io.vertx.codegen.api; 22 | requires static io.vertx.codegen.json; 23 | requires static io.vertx.docgen; 24 | 25 | exports io.vertx.ext.auth.htpasswd; 26 | 27 | provides HashingAlgorithm with APR1, Crypt, SHA1; 28 | 29 | } 30 | -------------------------------------------------------------------------------- /.github/workflows/deploy.yml: -------------------------------------------------------------------------------- 1 | name: Deploy 2 | on: 3 | workflow_call: 4 | inputs: 5 | branch: 6 | required: true 7 | type: string 8 | jdk: 9 | default: 8 10 | type: string 11 | jobs: 12 | Deploy: 13 | name: Deploy to OSSRH 14 | runs-on: ubuntu-latest 15 | env: 16 | VERTX_NEXUS_USERNAME: ${{ secrets.VERTX_NEXUS_USERNAME }} 17 | VERTX_NEXUS_PASSWORD: ${{ secrets.VERTX_NEXUS_PASSWORD }} 18 | steps: 19 | - name: Checkout 20 | uses: actions/checkout@v3 21 | with: 22 | ref: ${{ inputs.branch }} 23 | - name: Install JDK 24 | uses: actions/setup-java@v3 25 | with: 26 | java-version: ${{ inputs.jdk }} 27 | distribution: temurin 28 | - name: Get project version 29 | run: echo "PROJECT_VERSION=$(mvn org.apache.maven.plugins:maven-help-plugin:evaluate -Dexpression=project.version -q -DforceStdout | grep -v '\[')" >> $GITHUB_ENV 30 | - name: Maven deploy 31 | if: ${{ endsWith(env.PROJECT_VERSION, '-SNAPSHOT') }} 32 | run: mvn deploy -s .github/maven-cd-settings.xml -DskipTests -B 33 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authentication/CredentialValidationException.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.authentication; 17 | 18 | /** 19 | * Signals that the validation of the {@link Credentials} implementation is not valid. 20 | * 21 | * @author Paulo Lopes 22 | */ 23 | public class CredentialValidationException extends RuntimeException { 24 | 25 | public CredentialValidationException(String message) { 26 | super(message); 27 | } 28 | 29 | public CredentialValidationException(String message, Throwable cause) { 30 | super(message, cause); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/io/vertx/ext/auth/htpasswd/impl/hash/Plaintext.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.htpasswd.impl.hash; 17 | 18 | import io.vertx.ext.auth.hashing.HashString; 19 | import io.vertx.ext.auth.hashing.HashingAlgorithm; 20 | 21 | /** 22 | * Implementation of the PlainText (NO-OP) Hashing algorithm 23 | * 24 | * @author Paulo Lopes 25 | */ 26 | public class Plaintext implements HashingAlgorithm { 27 | 28 | @Override 29 | public String id() { 30 | return ""; 31 | } 32 | 33 | @Override 34 | public String hash(HashString hashString, String password) { 35 | return password; 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/NotAuthorization.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.ext.auth.authorization.impl.NotAuthorizationImpl; 17 | 18 | /** 19 | * Allows to perform a logical 'not' of the specified authorization 20 | * 21 | * @author Stephane Bastian 22 | */ 23 | @VertxGen 24 | public interface NotAuthorization extends Authorization { 25 | 26 | static NotAuthorization create(Authorization authorization) { 27 | return new NotAuthorizationImpl(authorization); 28 | } 29 | 30 | Authorization getAuthorization(); 31 | 32 | } 33 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/test/java/io/vertx/tests/EncodingTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.ext.auth.hashing.HashingStrategy; 4 | import org.junit.Test; 5 | 6 | import static org.junit.Assert.assertFalse; 7 | import static org.junit.Assert.assertTrue; 8 | 9 | public class EncodingTest { 10 | 11 | private final HashingStrategy strategy = HashingStrategy.load(); 12 | 13 | @Test 14 | public void testSHA1() { 15 | assertTrue(strategy.verify("{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=", "password")); 16 | assertFalse(strategy.verify("{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj8g=", "password")); 17 | } 18 | 19 | @Test 20 | public void testCrypt() { 21 | assertTrue(strategy.verify("b5R8K8YXZaSq2", "password")); 22 | assertFalse(strategy.verify("b5R8K8YXZaSq3", "password")); 23 | } 24 | 25 | @Test 26 | public void testBrypt() { 27 | // this test should fail as there is no known open source project that can generate $2y$ hashes 28 | assertFalse(strategy.verify("$2y$10$wBza2CzSTNeOjMdrwq.UquoCj4cPpdOzcF0/.JPqLJQ2qQDpT4ehG", "password")); 29 | } 30 | 31 | @Test 32 | public void testAPR1() { 33 | assertTrue(strategy.verify("$apr1$vm2xls13$Rk6E1Pqoep3Ze9fvQMDBU/", "password")); 34 | assertFalse(strategy.verify("$apr1$vm2xls13$Rk6E1Pqoep3Ze0fvQMDBU/", "password")); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/OrAuthorization.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.ext.auth.authorization.impl.OrAuthorizationImpl; 17 | 18 | import java.util.List; 19 | 20 | /** 21 | * Allows to perform a logical 'or' between several authorizations 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface OrAuthorization extends Authorization { 27 | 28 | static OrAuthorization create() { 29 | return new OrAuthorizationImpl(); 30 | } 31 | 32 | List getAuthorizations(); 33 | 34 | OrAuthorization addAuthorization(Authorization authorization); 35 | 36 | } 37 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/AndAuthorization.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.ext.auth.authorization.impl.AndAuthorizationImpl; 17 | 18 | import java.util.List; 19 | 20 | /** 21 | * Allows to perform a logical 'and' between several authorizations 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface AndAuthorization extends Authorization { 27 | 28 | static AndAuthorization create() { 29 | return new AndAuthorizationImpl(); 30 | } 31 | 32 | List getAuthorizations(); 33 | 34 | AndAuthorization addAuthorization(Authorization authorization); 35 | 36 | } 37 | -------------------------------------------------------------------------------- /vertx-auth-oauth2/README.adoc: -------------------------------------------------------------------------------- 1 | = Vert.x OAuth2 Auth 2 | 3 | Please see the documentation for more information. 4 | 5 | == Running test 6 | 7 | Standard unit tests are run against a mock of some providers, `Google`, `Keycloak` to run against a real provider (`Keycloak`) the `IT` profile must be enabled, which you can do by: 8 | 9 | [source] 10 | ---- 11 | mvn -PIT ... 12 | ---- 13 | 14 | Or by having the environment variable `TRAVIS` set to `true`. 15 | When running the integration tests you must have a local keycloak installed with the configuration file `src/test/fixtures/vertx-test-realm.json`. 16 | 17 | And the container can be run locally as: 18 | 19 | [source] 20 | ---- 21 | # build the image if not present 22 | docker build -t vertx-test-keycloak src/test/fixtures 23 | # run once there is a image 24 | docker run -d -p 8888:8080 vertx-test-keycloak 25 | ---- 26 | 27 | === IntelliJ IDE 28 | 29 | In IntelliJ IDE, you have to uncheck `argLine` in Preferences -> Build,Execution,Deployment -> Build Tools -> Maven -> Running Tests ... 30 | 31 | to avoid `IntelliJ Error when running unit test: Could not find or load main class ${surefireArgLine}` 32 | 33 | - https://github.com/vert-x3/vertx-ext-parent/issues/7 34 | - https://stackoverflow.com/questions/24115142/intellij-error-when-running-unit-test-could-not-find-or-load-main-class-suref 35 | 36 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/test/resources/mysql-auth-ddl-test.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE `users` 2 | ( 3 | username VARCHAR(255) NOT NULL, 4 | password VARCHAR(255) NOT NULL 5 | ); 6 | 7 | CREATE TABLE `users_roles` 8 | ( 9 | username VARCHAR(255) NOT NULL, 10 | role VARCHAR(255) NOT NULL 11 | ); 12 | 13 | CREATE TABLE `roles_perms` 14 | ( 15 | role VARCHAR(255) NOT NULL, 16 | perm VARCHAR(255) NOT NULL 17 | ); 18 | 19 | ALTER TABLE `users` 20 | ADD CONSTRAINT pk_username PRIMARY KEY (username); 21 | ALTER TABLE `users_roles` 22 | ADD CONSTRAINT pk_users_roles PRIMARY KEY (username, role); 23 | ALTER TABLE `roles_perms` 24 | ADD CONSTRAINT pk_roles_perms PRIMARY KEY (role, perm); 25 | 26 | ALTER TABLE users_roles 27 | ADD CONSTRAINT fk_username FOREIGN KEY (username) REFERENCES users (username); 28 | 29 | -- Test data -- 30 | 31 | insert into users 32 | values ('lopus', 33 | '$pbkdf2$1drH02tXcgS5ipJIf8v/AlL/qm3CjAgAp7Qt3hyJx/c$/lONU4cTa3ayMRJbHIup47nX/1HhysyzDA0dpoFpsf727LoGH2OZ+SyFCGtv/pIEZK3mQtJv+yjzD+W0quF6xg'); 34 | 35 | insert into roles_perms 36 | values ('dev', 'commit_code'); 37 | insert into roles_perms 38 | values ('dev', 'eat_pizza'); 39 | insert into roles_perms 40 | values ('admin', 'merge_pr'); 41 | insert into users_roles 42 | values ('lopus', 'dev'); 43 | insert into users_roles 44 | values ('lopus', 'admin'); 45 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/node/test-ec/index.js: -------------------------------------------------------------------------------- 1 | var assert = require('assert'); 2 | var fs = require('fs'); 3 | var jwt = require('jsonwebtoken'); 4 | 5 | describe('JWT', function () { 6 | describe('interop', function () { 7 | it('should verify a token generated from Vert.x', function () { 8 | 9 | // One way to create a key pair is: 10 | // openssl ecparam -name secp256r1 -genkey -param_enc explicit -out ecdsa-private.pem 11 | // openssl ec -in ecdsa-private.pem -pubout -out ecdsa-public.pem 12 | 13 | // but we just reuse the keytool one (we need to mark the begin/end so the node api can process it) 14 | var PUBKEY = '-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwq481nd4jdkvwYCck6CaC+obxrrLOdArA28iPxkKyRw687M7WJZI4OGnIMx97uSuANNCb7SllqoKvYJix+0OMg==\n-----END PUBLIC KEY-----'; 15 | 16 | var token = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJ0ZXN0IjoidGVzdCIsImlhdCI6MTQ5OTA3Mzg5Nn0.TVZyzs1KNXywNi3MEv5UuoHl9lq9kBvIBRk1C5Qj8SdMhmlqHmFh1OtAJDmeyiDOxEbg-nfiVLrQAL9HpkNcDA'; 17 | // the token was created from the private key above in vert.x using: 18 | // String signed = sk.sign(new JsonObject().put("test", "test"), new JsonObject().put("algorithm", "ES256")); 19 | 20 | var decoded = jwt.verify(token, PUBKEY); 21 | assert.equal('test', decoded.test); 22 | }); 23 | }); 24 | }); 25 | 26 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/main/generated/io/vertx/ext/auth/sqlclient/SqlAuthenticationOptionsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.sqlclient; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.sqlclient.SqlAuthenticationOptions}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.sqlclient.SqlAuthenticationOptions} original class using Vert.x codegen. 9 | */ 10 | public class SqlAuthenticationOptionsConverter { 11 | 12 | static void fromJson(Iterable> json, SqlAuthenticationOptions obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "authenticationQuery": 16 | if (member.getValue() instanceof String) { 17 | obj.setAuthenticationQuery((String)member.getValue()); 18 | } 19 | break; 20 | } 21 | } 22 | } 23 | 24 | static void toJson(SqlAuthenticationOptions obj, JsonObject json) { 25 | toJson(obj, json.getMap()); 26 | } 27 | 28 | static void toJson(SqlAuthenticationOptions obj, java.util.Map json) { 29 | if (obj.getAuthenticationQuery() != null) { 30 | json.put("authenticationQuery", obj.getAuthenticationQuery()); 31 | } 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/impl/AuthorizationContextImpl.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization.impl; 14 | 15 | import io.vertx.core.MultiMap; 16 | import io.vertx.ext.auth.User; 17 | import io.vertx.ext.auth.authorization.AuthorizationContext; 18 | 19 | import java.util.Objects; 20 | 21 | public class AuthorizationContextImpl implements AuthorizationContext { 22 | 23 | private final User user; 24 | private final MultiMap variables; 25 | 26 | public AuthorizationContextImpl(User user, MultiMap variables) { 27 | this.user = Objects.requireNonNull(user); 28 | this.variables = Objects.requireNonNull(variables); 29 | } 30 | 31 | @Override 32 | public User user() { 33 | return user; 34 | } 35 | 36 | @Override 37 | public MultiMap variables() { 38 | return variables; 39 | } 40 | 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-properties/src/main/asciidoc/index.adoc: -------------------------------------------------------------------------------- 1 | = property file Auth provider 2 | 3 | This auth provider implementation reads users, roles and permissions from a property file that is compatible with the format used by http://shiro.apache.org/static/1.3.2/apidocs/org/apache/shiro/realm/text/PropertiesRealm.html[Apache Shiro Properties Realm]. 4 | 5 | Note that there is no dependency on Apache Shiro as this is a new implementation that is simply compatible with the Apache Shiro format 6 | 7 | The properties file should have the following structure: 8 | 9 | Each line should either contain the username, password and roles for a user or the permissions in a role. 10 | 11 | For a user line it should be of the form: 12 | 13 | user.{username}={password},{roleName1},{roleName2},...,{roleNameN} 14 | 15 | For a role line it should be of the form: 16 | 17 | role.{roleName}={permissionName1},{permissionName2},...,{permissionNameN} 18 | 19 | Here's an example: 20 | 21 | ---- 22 | user.tim = mypassword,administrator,developer 23 | user.bob = hispassword,developer 24 | user.joe = anotherpassword,manager 25 | role.administrator=* 26 | role.manager=play_golf,say_buzzwords 27 | role.developer=do_actual_work 28 | ---- 29 | 30 | When describing roles a wildcard `*` can be used to indicate that the role has all permissions. 31 | 32 | The implementation currently assumes that user/password based authentication is used. 33 | -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis.yml: -------------------------------------------------------------------------------- 1 | name: "CodeQL" 2 | 3 | on: 4 | push: 5 | branches: [ master ] 6 | pull_request: 7 | # The branches below must be a subset of the branches above 8 | branches: [ master ] 9 | schedule: 10 | - cron: '0 4 * * *' 11 | 12 | jobs: 13 | analyze: 14 | name: Analyze 15 | runs-on: ubuntu-latest 16 | permissions: 17 | actions: read 18 | contents: read 19 | security-events: write 20 | 21 | strategy: 22 | fail-fast: false 23 | matrix: 24 | language: [ 'java' ] 25 | # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] 26 | # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed 27 | 28 | steps: 29 | - name: Checkout repository 30 | uses: actions/checkout@v3 31 | 32 | # Initializes the CodeQL tools for scanning. 33 | - name: Initialize CodeQL 34 | uses: github/codeql-action/init@v2 35 | with: 36 | languages: ${{ matrix.language }} 37 | 38 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). 39 | - name: Autobuild 40 | uses: github/codeql-action/autobuild@v2 41 | 42 | - name: Perform CodeQL Analysis 43 | uses: github/codeql-action/analyze@v2 44 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/NoSuchKeyIdException.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2015 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth; 17 | 18 | /** 19 | * No such KeyId exception is thrown when a JWT with a well known "kid" does not find a matching "kid" in the crypto 20 | * list. 21 | */ 22 | public final class NoSuchKeyIdException extends RuntimeException { 23 | 24 | private final String id; 25 | 26 | public NoSuchKeyIdException(String alg) { 27 | this(alg, ""); 28 | } 29 | 30 | public NoSuchKeyIdException(String alg, String kid) { 31 | super("algorithm [" + alg + "]: " + kid); 32 | this.id = alg + "#" + kid; 33 | } 34 | 35 | /** 36 | * Returns the missing key with the format {@code ALGORITHM + '#' + KEY_ID}. 37 | * 38 | * @return the id of the missing key 39 | */ 40 | public String id() { 41 | return id; 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/io/vertx/ext/auth/htpasswd/impl/hash/Crypt.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.htpasswd.impl.hash; 17 | 18 | import io.vertx.ext.auth.hashing.HashString; 19 | import io.vertx.ext.auth.hashing.HashingAlgorithm; 20 | import org.apache.commons.codec.digest.UnixCrypt; 21 | 22 | /** 23 | * Implementation of the Crypt Hashing algorithm 24 | * 25 | * @author Paulo Lopes 26 | */ 27 | public class Crypt implements HashingAlgorithm { 28 | 29 | @Override 30 | public String id() { 31 | return ""; 32 | } 33 | 34 | @Override 35 | public String hash(HashString hashString, String password) { 36 | // htpasswd uses the first 2 bytes as salt 37 | final String cryptSalt = hashString.hash().substring(0, 2); 38 | return UnixCrypt.crypt(password, cryptSalt); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/io/vertx/ext/auth/htpasswd/HtpasswdAuth.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.htpasswd; 17 | 18 | import io.vertx.codegen.annotations.VertxGen; 19 | import io.vertx.core.Vertx; 20 | import io.vertx.ext.auth.authentication.AuthenticationProvider; 21 | import io.vertx.ext.auth.htpasswd.impl.HtpasswdAuthImpl; 22 | 23 | /** 24 | * An extension of AuthProvider which is using htpasswd file as store 25 | * 26 | * @author Neven Radovanović 27 | */ 28 | @VertxGen 29 | public interface HtpasswdAuth extends AuthenticationProvider { 30 | 31 | static HtpasswdAuth create(Vertx vertx) { 32 | return new HtpasswdAuthImpl(vertx, new HtpasswdAuthOptions()); 33 | } 34 | 35 | static HtpasswdAuth create(Vertx vertx, HtpasswdAuthOptions htpasswdAuthOptions) { 36 | return new HtpasswdAuthImpl(vertx, htpasswdAuthOptions); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authentication/AuthenticationProvider.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package io.vertx.ext.auth.authentication; 18 | 19 | import io.vertx.codegen.annotations.VertxGen; 20 | import io.vertx.core.Future; 21 | import io.vertx.ext.auth.User; 22 | 23 | /** 24 | * User-facing interface for authenticating users. 25 | * 26 | * @author Tim Fox 27 | */ 28 | @VertxGen 29 | public interface AuthenticationProvider { 30 | 31 | /** 32 | * Authenticate a user. 33 | *

34 | * The first argument is a Credentials object containing information for authenticating the user. 35 | * What this actually contains depends on the specific implementation. 36 | * 37 | * @param credentials The credentials 38 | * @return The result future 39 | */ 40 | Future authenticate(Credentials credentials); 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/io/vertx/ext/auth/htpasswd/impl/hash/APR1.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.htpasswd.impl.hash; 17 | 18 | import io.vertx.ext.auth.hashing.HashString; 19 | import io.vertx.ext.auth.hashing.HashingAlgorithm; 20 | import org.apache.commons.codec.digest.Md5Crypt; 21 | 22 | /** 23 | * Implementation of the APR1 Hashing algorithm 24 | * 25 | * @author Paulo Lopes 26 | */ 27 | public class APR1 implements HashingAlgorithm { 28 | 29 | @Override 30 | public String id() { 31 | return "apr1"; 32 | } 33 | 34 | @Override 35 | public String hash(HashString hashString, String password) { 36 | final String apr1Salt = "$apr1$" + hashString.salt(); 37 | String res = Md5Crypt.apr1Crypt(password, apr1Salt); 38 | // we need to exclude the salt part 39 | return res.substring(apr1Salt.length() + 1); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/impl/VertxHttpAsyncClient.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.webauthn4j.impl; 2 | 3 | import java.io.ByteArrayInputStream; 4 | import java.util.concurrent.CompletionStage; 5 | 6 | import com.webauthn4j.async.metadata.HttpAsyncClient; 7 | import com.webauthn4j.metadata.HttpClient.Response; 8 | import com.webauthn4j.metadata.exception.MDSException; 9 | 10 | import io.vertx.core.Vertx; 11 | import io.vertx.core.buffer.Buffer; 12 | import io.vertx.core.http.HttpClientOptions; 13 | import io.vertx.core.http.HttpMethod; 14 | import io.vertx.ext.auth.impl.http.SimpleHttpClient; 15 | 16 | public class VertxHttpAsyncClient implements HttpAsyncClient { 17 | 18 | private static final byte[] NO_BYTES = new byte[0]; 19 | private SimpleHttpClient httpClient; 20 | 21 | public VertxHttpAsyncClient(Vertx vertx) { 22 | this.httpClient = new SimpleHttpClient(vertx, "vertx-auth", new HttpClientOptions()); 23 | } 24 | 25 | @Override 26 | public CompletionStage fetch(String uri) throws MDSException { 27 | return httpClient 28 | .fetch(HttpMethod.GET, uri, null, null) 29 | .map(res -> { 30 | Buffer body = res.body(); 31 | byte[] bytes; 32 | if(body != null) { 33 | bytes = body.getBytes(); 34 | } else { 35 | bytes = NO_BYTES; 36 | } 37 | return new Response(res.statusCode(), new ByteArrayInputStream(bytes)); 38 | }).toCompletionStage(); 39 | } 40 | 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/generated/io/vertx/ext/auth/webauthn4j/RelyingPartyConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.webauthn4j; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.webauthn4j.RelyingParty}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.webauthn4j.RelyingParty} original class using Vert.x codegen. 9 | */ 10 | public class RelyingPartyConverter { 11 | 12 | static void fromJson(Iterable> json, RelyingParty obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "id": 16 | if (member.getValue() instanceof String) { 17 | obj.setId((String)member.getValue()); 18 | } 19 | break; 20 | case "name": 21 | if (member.getValue() instanceof String) { 22 | obj.setName((String)member.getValue()); 23 | } 24 | break; 25 | } 26 | } 27 | } 28 | 29 | static void toJson(RelyingParty obj, JsonObject json) { 30 | toJson(obj, json.getMap()); 31 | } 32 | 33 | static void toJson(RelyingParty obj, java.util.Map json) { 34 | if (obj.getId() != null) { 35 | json.put("id", obj.getId()); 36 | } 37 | if (obj.getName() != null) { 38 | json.put("name", obj.getName()); 39 | } 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/main/java/io/vertx/ext/auth/jwt/authorization/JWTAuthorization.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2015 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.jwt.authorization; 17 | 18 | import io.vertx.codegen.annotations.VertxGen; 19 | import io.vertx.ext.auth.authorization.AuthorizationProvider; 20 | import io.vertx.ext.auth.jwt.authorization.impl.JWTAuthorizationImpl; 21 | 22 | /** 23 | * Implementation of the JWT authorization provider. 24 | * 25 | * @author Paulo Lopes. 26 | */ 27 | @VertxGen 28 | public interface JWTAuthorization extends AuthorizationProvider { 29 | 30 | /** 31 | * Factory method to create a Authorization provider for JWT tokens. 32 | * 33 | * @param rootClaim slash separated string to the json array with the claims. 34 | * @return a AuthorizationProvider 35 | */ 36 | static JWTAuthorization create(String rootClaim) { 37 | return new JWTAuthorizationImpl(rootClaim); 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/main/generated/io/vertx/ext/auth/otp/OtpCredentialsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.otp; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.otp.OtpCredentials}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.otp.OtpCredentials} original class using Vert.x codegen. 9 | */ 10 | public class OtpCredentialsConverter { 11 | 12 | static void fromJson(Iterable> json, OtpCredentials obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "code": 16 | if (member.getValue() instanceof String) { 17 | obj.setCode((String)member.getValue()); 18 | } 19 | break; 20 | case "identifier": 21 | if (member.getValue() instanceof String) { 22 | obj.setIdentifier((String)member.getValue()); 23 | } 24 | break; 25 | } 26 | } 27 | } 28 | 29 | static void toJson(OtpCredentials obj, JsonObject json) { 30 | toJson(obj, json.getMap()); 31 | } 32 | 33 | static void toJson(OtpCredentials obj, java.util.Map json) { 34 | if (obj.getCode() != null) { 35 | json.put("code", obj.getCode()); 36 | } 37 | if (obj.getIdentifier() != null) { 38 | json.put("identifier", obj.getIdentifier()); 39 | } 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/examples/AuthHtpasswdExamples.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package examples; 18 | 19 | import io.vertx.core.Vertx; 20 | import io.vertx.ext.auth.authentication.Credentials; 21 | import io.vertx.ext.auth.authentication.UsernamePasswordCredentials; 22 | import io.vertx.ext.auth.htpasswd.HtpasswdAuth; 23 | import io.vertx.ext.auth.htpasswd.HtpasswdAuthOptions; 24 | 25 | /** 26 | * @author Neven Radovanović 27 | */ 28 | public class AuthHtpasswdExamples { 29 | 30 | public void example1(Vertx vertx) { 31 | HtpasswdAuth authProvider = HtpasswdAuth 32 | .create(vertx, new HtpasswdAuthOptions()); 33 | } 34 | 35 | public void example2(HtpasswdAuth authProvider) { 36 | Credentials authInfo = new UsernamePasswordCredentials( 37 | "someUser", "somePassword"); 38 | 39 | authProvider.authenticate(authInfo) 40 | .onSuccess(user -> { 41 | // OK 42 | }) 43 | .onFailure(err -> { 44 | // Failed! 45 | }); 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /vertx-auth-ldap/src/main/java/io/vertx/ext/auth/ldap/LdapAuthentication.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.ldap; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.core.Vertx; 17 | import io.vertx.ext.auth.authentication.AuthenticationProvider; 18 | import io.vertx.ext.auth.ldap.impl.LdapAuthenticationImpl; 19 | 20 | /** 21 | * Factory interface for creating a LDAP {@link io.vertx.ext.auth.authentication.AuthenticationProvider}. 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface LdapAuthentication extends AuthenticationProvider { 27 | 28 | /** 29 | * Create a LDAP authentication provider 30 | * 31 | * @param vertx the Vert.x instance 32 | * @param options the ldap options 33 | * @return the authentication provider 34 | */ 35 | static LdapAuthentication create(Vertx vertx, LdapAuthenticationOptions options) { 36 | return new LdapAuthenticationImpl(vertx, options); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/generated/io/vertx/ext/auth/htpasswd/HtpasswdAuthOptionsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.htpasswd; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.htpasswd.HtpasswdAuthOptions}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.htpasswd.HtpasswdAuthOptions} original class using Vert.x codegen. 9 | */ 10 | public class HtpasswdAuthOptionsConverter { 11 | 12 | static void fromJson(Iterable> json, HtpasswdAuthOptions obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "plainTextEnabled": 16 | if (member.getValue() instanceof Boolean) { 17 | obj.setPlainTextEnabled((Boolean)member.getValue()); 18 | } 19 | break; 20 | case "htpasswdFile": 21 | if (member.getValue() instanceof String) { 22 | obj.setHtpasswdFile((String)member.getValue()); 23 | } 24 | break; 25 | } 26 | } 27 | } 28 | 29 | static void toJson(HtpasswdAuthOptions obj, JsonObject json) { 30 | toJson(obj, json.getMap()); 31 | } 32 | 33 | static void toJson(HtpasswdAuthOptions obj, java.util.Map json) { 34 | json.put("plainTextEnabled", obj.isPlainTextEnabled()); 35 | if (obj.getHtpasswdFile() != null) { 36 | json.put("htpasswdFile", obj.getHtpasswdFile()); 37 | } 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /vertx-auth-otp/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 17 | 18 | 20 | 21 | vertx-auth-parent 22 | io.vertx 23 | 5.1.0-SNAPSHOT 24 | 25 | 4.0.0 26 | 27 | vertx-auth-otp 28 | 29 | 30 | false 31 | 32 | 33 | 34 | 35 | io.vertx 36 | vertx-auth-common 37 | 38 | 39 | io.vertx 40 | vertx-unit 41 | test 42 | 43 | 44 | 45 | -------------------------------------------------------------------------------- /vertx-auth-properties/src/main/java/io/vertx/ext/auth/properties/PropertyFileAuthentication.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.properties; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.core.Vertx; 17 | import io.vertx.ext.auth.authentication.AuthenticationProvider; 18 | import io.vertx.ext.auth.properties.impl.PropertyFileAuthenticationImpl; 19 | 20 | /** 21 | * Factory interface for creating property file based {@link io.vertx.ext.auth.authentication.AuthenticationProvider} instances. 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface PropertyFileAuthentication extends AuthenticationProvider { 27 | 28 | /** 29 | * Create a File authentication provider 30 | * 31 | * @param vertx the Vert.x instance 32 | * @return the authentication provider 33 | */ 34 | static PropertyFileAuthentication create(Vertx vertx, String path) { 35 | return new PropertyFileAuthenticationImpl(vertx, path); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /vertx-auth-properties/src/main/java/io/vertx/ext/auth/properties/PropertyFileAuthorization.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.properties; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.core.Vertx; 17 | import io.vertx.ext.auth.authorization.AuthorizationProvider; 18 | import io.vertx.ext.auth.properties.impl.PropertyFileAuthenticationImpl; 19 | 20 | /** 21 | * Factory interface for creating property file based {@link io.vertx.ext.auth.authentication.AuthenticationProvider} instances. 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface PropertyFileAuthorization extends AuthorizationProvider { 27 | 28 | /** 29 | * Create a File authentication provider 30 | * 31 | * @param vertx the Vert.x instance 32 | * @return the authentication provider 33 | */ 34 | static PropertyFileAuthorization create(Vertx vertx, String path) { 35 | return new PropertyFileAuthenticationImpl(vertx, path); 36 | } 37 | 38 | } 39 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 17 | 18 | 20 | 21 | vertx-auth-parent 22 | io.vertx 23 | 5.1.0-SNAPSHOT 24 | 25 | 4.0.0 26 | 27 | vertx-auth-htdigest 28 | 29 | 30 | false 31 | 32 | 33 | 34 | 35 | io.vertx 36 | vertx-auth-common 37 | 38 | 39 | io.vertx 40 | vertx-unit 41 | test 42 | 43 | 44 | 45 | -------------------------------------------------------------------------------- /vertx-auth-jwt/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 17 | 18 | 21 | 22 | vertx-auth-parent 23 | io.vertx 24 | 5.1.0-SNAPSHOT 25 | 26 | 4.0.0 27 | 28 | vertx-auth-jwt 29 | 30 | 31 | false 32 | 33 | 34 | 35 | 36 | io.vertx 37 | vertx-auth-common 38 | 39 | 40 | io.vertx 41 | vertx-unit 42 | test 43 | 44 | 45 | 46 | -------------------------------------------------------------------------------- /vertx-auth-abac/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 17 | 18 | 21 | 22 | vertx-auth-parent 23 | io.vertx 24 | 5.1.0-SNAPSHOT 25 | 26 | 4.0.0 27 | 28 | vertx-auth-abac 29 | 30 | 31 | false 32 | 33 | 34 | 35 | 36 | io.vertx 37 | vertx-auth-common 38 | 39 | 40 | io.vertx 41 | vertx-unit 42 | test 43 | 44 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/test/java/io/vertx/tests/JWTConcurrentCreationTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.tests; 17 | 18 | import io.vertx.core.DeploymentOptions; 19 | import io.vertx.core.VertxOptions; 20 | import io.vertx.ext.unit.Async; 21 | import io.vertx.ext.unit.TestContext; 22 | import io.vertx.ext.unit.junit.RunTestOnContext; 23 | import io.vertx.ext.unit.junit.VertxUnitRunner; 24 | import org.junit.Rule; 25 | import org.junit.Test; 26 | import org.junit.runner.RunWith; 27 | 28 | @RunWith(VertxUnitRunner.class) 29 | public class JWTConcurrentCreationTest { 30 | 31 | @Rule 32 | public final RunTestOnContext rule = new RunTestOnContext(new VertxOptions().setEventLoopPoolSize(16)); 33 | 34 | @Test 35 | public void testParallelCreation(TestContext should) { 36 | final Async test = should.async(); 37 | rule.vertx() 38 | .deployVerticle(DummyVerticle.class.getName(), new DeploymentOptions().setInstances(512)) 39 | .onFailure(should::fail) 40 | .onSuccess(id -> test.complete()); 41 | 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/algo/ThreadSafeSigningAlgorithm.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.impl.jose.algo; 2 | 3 | import java.security.GeneralSecurityException; 4 | 5 | public class ThreadSafeSigningAlgorithm extends SigningAlgorithm { 6 | 7 | private final SigningAlgorithm algorithm; 8 | 9 | public ThreadSafeSigningAlgorithm(SigningAlgorithm algorithm) { 10 | this.algorithm = algorithm; 11 | } 12 | 13 | @Override 14 | public SigningAlgorithm safe() { 15 | return this; 16 | } 17 | 18 | @Override 19 | public SigningAlgorithm unwrap() { 20 | return algorithm.unwrap(); 21 | } 22 | 23 | @Override 24 | public String name() { 25 | return algorithm.name(); 26 | } 27 | 28 | @Override 29 | public String id() { 30 | return algorithm.id(); 31 | } 32 | 33 | @Override 34 | public boolean canSign() { 35 | return algorithm.canSign(); 36 | } 37 | 38 | @Override 39 | public boolean canVerify() { 40 | return algorithm.canVerify(); 41 | } 42 | 43 | @Override 44 | public Signer signer() throws GeneralSecurityException { 45 | Signer signer = algorithm.signer(); 46 | return payload -> { 47 | synchronized (signer) { 48 | return signer.sign(payload); 49 | } 50 | }; 51 | } 52 | 53 | @Override 54 | public Verifier verifier() throws GeneralSecurityException { 55 | Verifier verifier = algorithm.verifier(); 56 | return (signature, payload) -> { 57 | synchronized (verifier) { 58 | return verifier.verify(signature, payload); 59 | } 60 | }; 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /vertx-auth-properties/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 17 | 18 | 21 | 22 | vertx-auth-parent 23 | io.vertx 24 | 5.1.0-SNAPSHOT 25 | 26 | 27 | 4.0.0 28 | 29 | 30 | false 31 | 32 | 33 | vertx-auth-properties 34 | 35 | 36 | 37 | io.vertx 38 | vertx-auth-common 39 | 40 | 41 | io.vertx 42 | vertx-unit 43 | test 44 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/AuthorizationProvider.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.core.Future; 17 | import io.vertx.ext.auth.User; 18 | 19 | import java.util.Collections; 20 | import java.util.HashSet; 21 | import java.util.Objects; 22 | import java.util.Set; 23 | 24 | /** 25 | * The role of an AuthorizationProvider is to return a set of Authorization. 26 | * Note that each AuthorizationProvider must provide its own unique Id 27 | * 28 | * @author stephane bastian 29 | */ 30 | @VertxGen(concrete = false) 31 | public interface AuthorizationProvider { 32 | 33 | /** 34 | * returns the id of the authorization provider 35 | * 36 | * @return 37 | */ 38 | String getId(); 39 | 40 | /** 41 | * Updates the user with the set of authorizations. 42 | * 43 | * @param user user to lookup and update. 44 | * @return Future void to signal end of asynchronous call. 45 | */ 46 | Future getAuthorizations(User user); 47 | } 48 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/TestUtils.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.tests; 14 | 15 | import io.vertx.core.json.JsonObject; 16 | import io.vertx.ext.auth.User; 17 | import io.vertx.ext.auth.authorization.AuthorizationContext; 18 | import org.junit.Assert; 19 | 20 | import java.util.function.Function; 21 | 22 | public class TestUtils { 23 | 24 | public static void testJsonCodec(T authorization, Function toJsonConverter, 25 | Function fromJsonConverter) { 26 | Assert.assertNotNull(authorization); 27 | JsonObject json = toJsonConverter.apply(authorization); 28 | T otherAuthorization = fromJsonConverter.apply(json); 29 | Assert.assertEquals(authorization, otherAuthorization); 30 | } 31 | 32 | public static AuthorizationContext getTestAuthorizationContext() { 33 | return getTestAuthorizationContext(User.fromName("dummy user")); 34 | } 35 | 36 | public static AuthorizationContext getTestAuthorizationContext(User user) { 37 | return null; 38 | } 39 | 40 | } 41 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/Attestation.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.webauthn4j; 17 | 18 | import io.vertx.codegen.annotations.GenIgnore; 19 | import io.vertx.codegen.annotations.Nullable; 20 | import io.vertx.codegen.annotations.VertxGen; 21 | 22 | /** 23 | * AttestationConveyancePreference 24 | * https://www.w3.org/TR/webauthn/#attestation-convey 25 | */ 26 | @VertxGen 27 | public enum Attestation { 28 | NONE("none"), 29 | INDIRECT("indirect"), 30 | DIRECT("direct"), 31 | ENTERPRISE("enterprise"); 32 | 33 | private final String value; 34 | 35 | Attestation(String value) { 36 | this.value = value; 37 | } 38 | 39 | @Override 40 | public String toString() { 41 | return value; 42 | } 43 | 44 | @Nullable 45 | @GenIgnore(GenIgnore.PERMITTED_TYPE) 46 | public static Attestation of(String string) { 47 | for (Attestation el : values()) { 48 | if (el.toString().equals(string)) { 49 | return el; 50 | } 51 | } 52 | return null; 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/NotAuthorizationTest.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.tests; 14 | 15 | import io.vertx.ext.auth.authorization.NotAuthorization; 16 | import io.vertx.ext.auth.authorization.PermissionBasedAuthorization; 17 | import org.junit.Assert; 18 | import org.junit.Test; 19 | 20 | public class NotAuthorizationTest { 21 | 22 | @Test 23 | public void testImpliesOk1() { 24 | Assert.assertEquals(true, NotAuthorization.create(PermissionBasedAuthorization.create("p1")) 25 | .verify(NotAuthorization.create(PermissionBasedAuthorization.create("p1")))); 26 | } 27 | 28 | @Test 29 | public void testImpliesKo1() { 30 | Assert.assertEquals(false, NotAuthorization.create(PermissionBasedAuthorization.create("p1")) 31 | .verify(NotAuthorization.create(PermissionBasedAuthorization.create("p2")))); 32 | } 33 | 34 | @Test 35 | public void testImpliesKo2() { 36 | Assert.assertEquals(false, NotAuthorization.create(PermissionBasedAuthorization.create("p1")) 37 | .verify(PermissionBasedAuthorization.create("p2"))); 38 | } 39 | 40 | } 41 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/test/java/io/vertx/tests/RegressionTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.ext.auth.User; 4 | import io.vertx.ext.auth.authentication.Credentials; 5 | import io.vertx.ext.auth.htdigest.HtdigestAuth; 6 | import io.vertx.ext.auth.htdigest.HtdigestCredentials; 7 | import io.vertx.ext.unit.Async; 8 | import io.vertx.ext.unit.TestContext; 9 | import io.vertx.ext.unit.junit.RunTestOnContext; 10 | import io.vertx.ext.unit.junit.VertxUnitRunner; 11 | import org.junit.Rule; 12 | import org.junit.Test; 13 | import org.junit.runner.RunWith; 14 | 15 | @RunWith(VertxUnitRunner.class) 16 | public class RegressionTest { 17 | 18 | @Rule 19 | public final RunTestOnContext rule = new RunTestOnContext(); 20 | 21 | @Test 22 | public void authTest(TestContext should) { 23 | final Async test = should.async(); 24 | HtdigestAuth authProvider = HtdigestAuth.create(rule.vertx(), "regression.htdigest"); 25 | Credentials authInfo = new HtdigestCredentials() 26 | .setUsername("usain") 27 | .setRealm("jcrealm@host.com") 28 | .setNonce("28ee8d494b645014eefcd66ac3ddcade") 29 | .setMethod("GET") 30 | .setUri("/private/private_page.html") 31 | .setResponse("373408962ca454892aba7c236af6d7a9"); 32 | authProvider.authenticate(authInfo) 33 | .onComplete(res -> { 34 | if (res.succeeded()) { 35 | User user = res.result(); 36 | should.assertEquals("jcrealm@host.com", user.principal().getString("realm")); 37 | test.complete(); 38 | } else { 39 | should.fail(res.cause()); 40 | } 41 | }); 42 | } 43 | 44 | } 45 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/UserVerification.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.webauthn4j; 17 | 18 | import io.vertx.codegen.annotations.GenIgnore; 19 | import io.vertx.codegen.annotations.Nullable; 20 | import io.vertx.codegen.annotations.VertxGen; 21 | 22 | /** 23 | * UserVerificationRequirement 24 | * https://www.w3.org/TR/webauthn/#enumdef-userverificationrequirement 25 | */ 26 | @VertxGen 27 | public enum UserVerification { 28 | REQUIRED("required"), 29 | PREFERRED("preferred"), 30 | DISCOURAGED("discouraged"); 31 | 32 | private final String value; 33 | 34 | UserVerification(String value) { 35 | this.value = value; 36 | } 37 | 38 | @Override 39 | public String toString() { 40 | return value; 41 | } 42 | 43 | @Nullable 44 | @GenIgnore(GenIgnore.PERMITTED_TYPE) 45 | public static UserVerification of(String string) { 46 | for (UserVerification el : values()) { 47 | if (el.toString().equals(string)) { 48 | return el; 49 | } 50 | } 51 | return null; 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/AuthenticatorAttachment.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.webauthn4j; 17 | 18 | import io.vertx.codegen.annotations.GenIgnore; 19 | import io.vertx.codegen.annotations.Nullable; 20 | import io.vertx.codegen.annotations.VertxGen; 21 | 22 | /** 23 | * AuthenticatorAttachment 24 | * https://www.w3.org/TR/webauthn/#enumdef-authenticatorattachment 25 | */ 26 | @VertxGen 27 | public enum AuthenticatorAttachment { 28 | PLATFORM("platform"), 29 | CROSS_PLATFORM("cross-platform"); 30 | 31 | private final String value; 32 | 33 | AuthenticatorAttachment(String value) { 34 | this.value = value; 35 | } 36 | 37 | @Override 38 | public String toString() { 39 | return value; 40 | } 41 | 42 | @Nullable 43 | @GenIgnore(GenIgnore.PERMITTED_TYPE) 44 | public static AuthenticatorAttachment of(String string) { 45 | for (AuthenticatorAttachment el : values()) { 46 | if (el.toString().equals(string)) { 47 | return el; 48 | } 49 | } 50 | return null; 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/generated/io/vertx/ext/auth/authentication/UsernamePasswordCredentialsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.authentication; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.authentication.UsernamePasswordCredentials}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.authentication.UsernamePasswordCredentials} original class using Vert.x codegen. 9 | */ 10 | public class UsernamePasswordCredentialsConverter { 11 | 12 | static void fromJson(Iterable> json, UsernamePasswordCredentials obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "password": 16 | if (member.getValue() instanceof String) { 17 | obj.setPassword((String)member.getValue()); 18 | } 19 | break; 20 | case "username": 21 | if (member.getValue() instanceof String) { 22 | obj.setUsername((String)member.getValue()); 23 | } 24 | break; 25 | } 26 | } 27 | } 28 | 29 | static void toJson(UsernamePasswordCredentials obj, JsonObject json) { 30 | toJson(obj, json.getMap()); 31 | } 32 | 33 | static void toJson(UsernamePasswordCredentials obj, java.util.Map json) { 34 | if (obj.getPassword() != null) { 35 | json.put("password", obj.getPassword()); 36 | } 37 | if (obj.getUsername() != null) { 38 | json.put("username", obj.getUsername()); 39 | } 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-oauth2/src/test/java/io/vertx/tests/KeycloakFromJsonTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.ext.auth.oauth2.OAuth2Auth; 5 | import io.vertx.ext.auth.oauth2.OAuth2FlowType; 6 | import io.vertx.ext.auth.oauth2.providers.KeycloakAuth; 7 | import io.vertx.ext.unit.junit.RunTestOnContext; 8 | import io.vertx.ext.unit.junit.VertxUnitRunner; 9 | import org.junit.Rule; 10 | import org.junit.Test; 11 | import org.junit.runner.RunWith; 12 | 13 | @RunWith(VertxUnitRunner.class) 14 | public class KeycloakFromJsonTest { 15 | 16 | @Rule 17 | public final RunTestOnContext rule = new RunTestOnContext(); 18 | 19 | @Test 20 | public void testCreateFromJson() { 21 | JsonObject keycloakJson = new JsonObject() 22 | .put("realm", "master") 23 | .put("realm-public-key", "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGQkaBkiZWpUjFOuaabgfXgjzZzfJd0wozrS1czX5qHNKG3P79P/UtZeR3wGN8r15jVYiH42GMINMs7R7iP5Mbm1iImge5p/7/dPmXirKOKOBhjA3hNTiV5BlPDTQyiuuTAUEms5dY4+moswXo5zM4q9DFu6B7979o+v3kX6ZB+k3kNhP08wH82I4eJKoenN/0iCT7ALoG3ysEJf18+HEysSnniLMJr8R1pYF2QRFlqaDv3Mqyp7ipxYkt4ebMCgE7aDzT6OrfpyPowObpdjSMTUXpcwIcH8mIZCWFmyfF675zEeE0e+dHKkL1rPeCI7rr7Bqc5+1DS5YM54fk8xQwIDAQAB") 24 | .put("auth-server-url", "http://localhost:9000/auth") 25 | .put("ssl-required", "external") 26 | .put("resource", "frontend") 27 | .put("credentials", new JsonObject() 28 | .put("secret", "2fbf5e18-b923-4a83-9657-b4ebd5317f60")); 29 | 30 | // Initialize the OAuth2 Library 31 | OAuth2Auth oauth2 = KeycloakAuth 32 | .create(rule.vertx(), OAuth2FlowType.PASSWORD, keycloakJson); 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/main/generated/io/vertx/ext/auth/sqlclient/SqlAuthorizationOptionsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.sqlclient; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.sqlclient.SqlAuthorizationOptions}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.sqlclient.SqlAuthorizationOptions} original class using Vert.x codegen. 9 | */ 10 | public class SqlAuthorizationOptionsConverter { 11 | 12 | static void fromJson(Iterable> json, SqlAuthorizationOptions obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "rolesQuery": 16 | if (member.getValue() instanceof String) { 17 | obj.setRolesQuery((String)member.getValue()); 18 | } 19 | break; 20 | case "permissionsQuery": 21 | if (member.getValue() instanceof String) { 22 | obj.setPermissionsQuery((String)member.getValue()); 23 | } 24 | break; 25 | } 26 | } 27 | } 28 | 29 | static void toJson(SqlAuthorizationOptions obj, JsonObject json) { 30 | toJson(obj, json.getMap()); 31 | } 32 | 33 | static void toJson(SqlAuthorizationOptions obj, java.util.Map json) { 34 | if (obj.getRolesQuery() != null) { 35 | json.put("rolesQuery", obj.getRolesQuery()); 36 | } 37 | if (obj.getPermissionsQuery() != null) { 38 | json.put("permissionsQuery", obj.getPermissionsQuery()); 39 | } 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/main/java/examples/AuthHtdigestExamples.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package examples; 18 | 19 | import io.vertx.core.Vertx; 20 | import io.vertx.ext.auth.authentication.Credentials; 21 | import io.vertx.ext.auth.htdigest.HtdigestAuth; 22 | import io.vertx.ext.auth.htdigest.HtdigestCredentials; 23 | 24 | /** 25 | * @author Paulo Lopes 26 | */ 27 | public class AuthHtdigestExamples { 28 | 29 | public void example1(Vertx vertx) { 30 | HtdigestAuth authProvider = HtdigestAuth.create(vertx, ".htdigest"); 31 | } 32 | 33 | public void example2(HtdigestAuth authProvider) { 34 | Credentials authInfo = new HtdigestCredentials() 35 | .setUsername("Mufasa") 36 | .setRealm("testrealm@host.com") 37 | .setNonce("dcd98b7102dd2f0e8b11d0f600bfb0c093") 38 | .setMethod("GET") 39 | .setUri("/dir/index.html") 40 | .setResponse("6629fae49393a05397450978507c4ef1"); 41 | 42 | authProvider.authenticate(authInfo) 43 | .onSuccess(user -> System.out.println("User: " + user.principal())) 44 | .onFailure(err -> { 45 | // Failed! 46 | }); 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/main/java/io/vertx/ext/auth/otp/OtpKeyGenerator.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 Dmitry Novikov 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | 12 | package io.vertx.ext.auth.otp; 13 | 14 | import io.vertx.codegen.annotations.VertxGen; 15 | import io.vertx.ext.auth.otp.impl.OtpKeyGeneratorImpl; 16 | 17 | /** 18 | * Otp key generator. 19 | * 20 | * @author Dmitry Novikov 21 | */ 22 | @VertxGen 23 | public interface OtpKeyGenerator { 24 | 25 | /** 26 | * Generate key with default size; 27 | * 28 | * @return {@link OtpKey} 29 | */ 30 | OtpKey generate(); 31 | 32 | /** 33 | * Generate key 34 | * 35 | * @param keySize size of key 36 | * @return {@link OtpKey} 37 | */ 38 | OtpKey generate(int keySize); 39 | 40 | String getAlgorithm(); 41 | 42 | /** 43 | * Creates an instance of OtpKeyGenerator. 44 | * 45 | * @return the created instance of {@link OtpKeyGenerator}. 46 | */ 47 | static OtpKeyGenerator create() { 48 | return new OtpKeyGeneratorImpl(); 49 | } 50 | 51 | /** 52 | * Creates an instance of OtpKeyGenerator. 53 | * 54 | * @param algorithm used hash algorithm. 55 | * @return the created instance of {@link OtpKeyGenerator}. 56 | */ 57 | static OtpKeyGenerator create(String algorithm) { 58 | return new OtpKeyGeneratorImpl(algorithm); 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/AuthenticatorTransport.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.webauthn4j; 17 | 18 | import io.vertx.codegen.annotations.GenIgnore; 19 | import io.vertx.codegen.annotations.Nullable; 20 | import io.vertx.codegen.annotations.VertxGen; 21 | 22 | /** 23 | * AuthenticatorTransport 24 | * https://www.w3.org/TR/webauthn/#enumdef-authenticatortransport 25 | */ 26 | @VertxGen 27 | public enum AuthenticatorTransport { 28 | USB("usb"), 29 | NFC("nfc"), 30 | BLE("ble"), 31 | HYBRID("hybrid"), 32 | INTERNAL("internal"); 33 | 34 | 35 | private final String value; 36 | 37 | AuthenticatorTransport(String value) { 38 | this.value = value; 39 | } 40 | 41 | @Override 42 | public String toString() { 43 | return value; 44 | } 45 | 46 | @Nullable 47 | @GenIgnore(GenIgnore.PERMITTED_TYPE) 48 | public static AuthenticatorTransport of(String string) { 49 | for (AuthenticatorTransport el : values()) { 50 | if (el.toString().equals(string)) { 51 | return el; 52 | } 53 | } 54 | return null; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/ResidentKey.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.webauthn4j; 17 | 18 | import io.vertx.codegen.annotations.GenIgnore; 19 | import io.vertx.codegen.annotations.Nullable; 20 | import io.vertx.codegen.annotations.VertxGen; 21 | 22 | /** 23 | * ResidentKey 24 | * https://www.w3.org/TR/webauthn-2/#dictdef-authenticatorselectioncriteria 25 | * 26 | * This enum is used to specify the desired behaviour for resident keys with the authenticator. 27 | */ 28 | @VertxGen 29 | public enum ResidentKey { 30 | DISCOURAGED("discouraged"), 31 | PREFERRED("preferred"), 32 | REQUIRED("required"); 33 | 34 | private final String value; 35 | 36 | ResidentKey(String value) { 37 | this.value = value; 38 | } 39 | 40 | @Override 41 | public String toString() { 42 | return value; 43 | } 44 | 45 | @Nullable 46 | @GenIgnore(GenIgnore.PERMITTED_TYPE) 47 | public static ResidentKey of(String string) { 48 | for (ResidentKey el : values()) { 49 | if (el.toString().equals(string)) { 50 | return el; 51 | } 52 | } 53 | return null; 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /vertx-auth-oauth2/src/main/java/io/vertx/ext/auth/oauth2/authorization/KeycloakAuthorization.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2015 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.oauth2.authorization; 17 | 18 | import io.vertx.codegen.annotations.VertxGen; 19 | import io.vertx.ext.auth.User; 20 | import io.vertx.ext.auth.authorization.AuthorizationProvider; 21 | import io.vertx.ext.auth.oauth2.authorization.impl.KeycloakAuthorizationImpl; 22 | 23 | /** 24 | * Implementation of the Keycloak Authorization Provider. 25 | * 26 | * @author Paulo Lopes. 27 | */ 28 | @VertxGen 29 | public interface KeycloakAuthorization extends AuthorizationProvider { 30 | 31 | /** 32 | * Factory method to create an Authorization Provider for tokens adhering to the Keycloak token format. 33 | * When the user is known to not be a JWT, (e.g.: a OAuth2 response token) then the root claim 34 | * is expected to be the extracted from the user {@link User#attributes()} under the key: {@code accessToken}. 35 | * 36 | * @return a AuthorizationProvider 37 | */ 38 | static KeycloakAuthorization create() { 39 | return new KeycloakAuthorizationImpl(); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/signer/keys.txt: -------------------------------------------------------------------------------- 1 | keytool -genseckey -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg HmacSHA256 -keysize 2048 -alias HmacSHA256 -keypass secret 2 | keytool -genseckey -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg HmacSHA384 -keysize 2048 -alias HmacSHA384 -keypass secret 3 | keytool -genseckey -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg HmacSHA512 -keysize 2048 -alias HmacSHA512 -keypass secret 4 | keytool -genkey -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg RSA -keysize 2048 -alias SHA256withRSA -keypass secret -sigalg SHA256withRSA -dname "CN=,OU=,O=,L=,ST=,C=" -validity 360 5 | keytool -genkey -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg RSA -keysize 2048 -alias SHA384withRSA -keypass secret -sigalg SHA384withRSA -dname "CN=,OU=,O=,L=,ST=,C=" -validity 360 6 | keytool -genkey -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg RSA -keysize 2048 -alias SHA512withRSA -keypass secret -sigalg SHA512withRSA -dname "CN=,OU=,O=,L=,ST=,C=" -validity 360 7 | keytool -genkeypair -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg EC -keysize 256 -alias SHA256withECDSA -keypass secret -sigalg SHA256withECDSA -dname "CN=,OU=,O=,L=,ST=,C=" -validity 360 8 | keytool -genkeypair -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg EC -keysize 384 -alias SHA384withECDSA -keypass secret -sigalg SHA384withECDSA -dname "CN=,OU=,O=,L=,ST=,C=" -validity 360 9 | keytool -genkeypair -keystore keystore.p12 -storetype pkcs12 -storepass secret -keyalg EC -keysize 521 -alias SHA512withECDSA -keypass secret -sigalg SHA512withECDSA -dname "CN=,OU=,O=,L=,ST=,C=" -validity 360 10 | -------------------------------------------------------------------------------- /vertx-auth-jwt/src/main/java/io/vertx/ext/auth/jwt/authorization/MicroProfileAuthorization.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2015 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.jwt.authorization; 17 | 18 | import io.vertx.codegen.annotations.VertxGen; 19 | import io.vertx.ext.auth.User; 20 | import io.vertx.ext.auth.authorization.AuthorizationProvider; 21 | import io.vertx.ext.auth.jwt.authorization.impl.MicroProfileAuthorizationImpl; 22 | 23 | /** 24 | * Implementation of the Microprofile MP-JWT 1.1 RBAC based on the access token groups key. 25 | * 26 | * @author Paulo Lopes. 27 | */ 28 | @VertxGen 29 | public interface MicroProfileAuthorization extends AuthorizationProvider { 30 | 31 | /** 32 | * Factory method to create a Authorization provider for tokens adhering to the MP-JWT 1.1 spec. 33 | * When the user is known to not be a JWT, (e.g.: a OAuth2 response token) then the root claim 34 | * is expected to be extracted from {@link User#attributes()} under the key {@code accessToken}. 35 | * 36 | * @return a AuthorizationProvider 37 | */ 38 | static MicroProfileAuthorization create() { 39 | return new MicroProfileAuthorizationImpl(); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/RoleBasedAuthorization.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.Fluent; 16 | import io.vertx.codegen.annotations.VertxGen; 17 | import io.vertx.ext.auth.authorization.impl.RoleBasedAuthorizationImpl; 18 | 19 | /** 20 | * Represents a role. Note that this role can optionally be assigned to a 21 | * specific resource 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface RoleBasedAuthorization extends Authorization { 27 | 28 | static RoleBasedAuthorization create(String role) { 29 | return new RoleBasedAuthorizationImpl(role); 30 | } 31 | 32 | /** 33 | * returns the role 34 | * 35 | * @return 36 | */ 37 | String getRole(); 38 | 39 | /** 40 | * returns an optional resource that the role is assigned-on 41 | * 42 | * @return 43 | */ 44 | String getResource(); 45 | 46 | /** 47 | * sets an optional resource that the role is assigned-on 48 | * 49 | * @return 50 | */ 51 | @Fluent 52 | RoleBasedAuthorization setResource(String resource); 53 | 54 | } 55 | -------------------------------------------------------------------------------- /vertx-auth-ldap/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 8 | 9 | 12 | 13 | vertx-auth-parent 14 | io.vertx 15 | 5.1.0-SNAPSHOT 16 | 17 | 18 | 4.0.0 19 | 20 | 21 | false 22 | 23 | 24 | vertx-auth-ldap 25 | 26 | 27 | 28 | io.vertx 29 | vertx-auth-common 30 | 31 | 32 | io.vertx 33 | vertx-unit 34 | test 35 | 36 | 37 | org.apache.directory.server 38 | apacheds-test-framework 39 | 2.0.0.AM25 40 | test 41 | 42 | 43 | 44 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/main/generated/io/vertx/ext/auth/otp/totp/TotpAuthOptionsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.otp.totp; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.otp.totp.TotpAuthOptions}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.otp.totp.TotpAuthOptions} original class using Vert.x codegen. 9 | */ 10 | public class TotpAuthOptionsConverter { 11 | 12 | static void fromJson(Iterable> json, TotpAuthOptions obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "passwordLength": 16 | if (member.getValue() instanceof Number) { 17 | obj.setPasswordLength(((Number)member.getValue()).intValue()); 18 | } 19 | break; 20 | case "authAttemptsLimit": 21 | if (member.getValue() instanceof Number) { 22 | obj.setAuthAttemptsLimit(((Number)member.getValue()).intValue()); 23 | } 24 | break; 25 | case "period": 26 | if (member.getValue() instanceof Number) { 27 | obj.setPeriod(((Number)member.getValue()).longValue()); 28 | } 29 | break; 30 | } 31 | } 32 | } 33 | 34 | static void toJson(TotpAuthOptions obj, JsonObject json) { 35 | toJson(obj, json.getMap()); 36 | } 37 | 38 | static void toJson(TotpAuthOptions obj, java.util.Map json) { 39 | json.put("passwordLength", obj.getPasswordLength()); 40 | json.put("authAttemptsLimit", obj.getAuthAttemptsLimit()); 41 | json.put("period", obj.getPeriod()); 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 17 | 18 | 21 | 22 | vertx-auth-parent 23 | io.vertx 24 | 5.1.0-SNAPSHOT 25 | 26 | 4.0.0 27 | 28 | vertx-auth-htpasswd 29 | 30 | 31 | false 32 | 33 | 34 | 35 | 36 | io.vertx 37 | vertx-auth-common 38 | 39 | 40 | commons-codec 41 | commons-codec 42 | 1.15 43 | 44 | 45 | io.vertx 46 | vertx-unit 47 | test 48 | 49 | 50 | 51 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/signer/SigningAlgoTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests.signer; 2 | 3 | import io.vertx.ext.auth.impl.jose.algo.SigningAlgorithm; 4 | import org.junit.Test; 5 | 6 | import java.io.InputStream; 7 | import java.nio.charset.StandardCharsets; 8 | import java.security.KeyStore; 9 | 10 | import static org.junit.Assert.*; 11 | 12 | public class SigningAlgoTest { 13 | 14 | @Test 15 | public void testHS256() throws Exception { 16 | testAlgo("HmacSHA256", "HmacSHA256"); 17 | testAlgo("HmacSHA384", "HmacSHA384"); 18 | testAlgo("HmacSHA512", "HmacSHA512"); 19 | } 20 | 21 | @Test 22 | public void testRSA() throws Exception { 23 | testAlgo("SHA256withRSA", "SHA256withRSA"); 24 | testAlgo("SHA384withRSA", "SHA384withRSA"); 25 | testAlgo("SHA512withRSA", "SHA512withRSA"); 26 | } 27 | 28 | @Test 29 | public void testECDSA() throws Exception { 30 | testAlgo("SHA256withECDSA", "SHA256withECDSA"); 31 | testAlgo("SHA384withECDSA", "SHA384withECDSA"); 32 | testAlgo("SHA512withECDSA", "SHA512withECDSA"); 33 | } 34 | 35 | private void testAlgo(String alias, String expectedName) throws Exception { 36 | InputStream keys = SigningAlgoTest.class.getClassLoader().getResourceAsStream("keystore.pkcs12"); 37 | assertNotNull(keys); 38 | KeyStore store = KeyStore.getInstance("pkcs12"); 39 | store.load(keys, "secret".toCharArray()); 40 | KeyStore.Entry entry = store.getEntry(alias, new KeyStore.PasswordProtection("secret".toCharArray())); 41 | SigningAlgorithm algo = SigningAlgorithm.create(entry); 42 | assertEquals(expectedName, algo.name()); 43 | byte[] signature = algo.signer().sign("foo".getBytes(StandardCharsets.UTF_8)); 44 | assertTrue(algo.verifier().verify(signature, "foo".getBytes())); 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/generated/io/vertx/ext/auth/PubSecKeyOptionsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.PubSecKeyOptions}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.PubSecKeyOptions} original class using Vert.x codegen. 9 | */ 10 | public class PubSecKeyOptionsConverter { 11 | 12 | static void fromJson(Iterable> json, PubSecKeyOptions obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "algorithm": 16 | if (member.getValue() instanceof String) { 17 | obj.setAlgorithm((String)member.getValue()); 18 | } 19 | break; 20 | case "buffer": 21 | if (member.getValue() instanceof String) { 22 | obj.setBuffer(io.vertx.core.buffer.Buffer.fromJson((String)member.getValue())); 23 | } 24 | break; 25 | case "id": 26 | if (member.getValue() instanceof String) { 27 | obj.setId((String)member.getValue()); 28 | } 29 | break; 30 | } 31 | } 32 | } 33 | 34 | static void toJson(PubSecKeyOptions obj, JsonObject json) { 35 | toJson(obj, json.getMap()); 36 | } 37 | 38 | static void toJson(PubSecKeyOptions obj, java.util.Map json) { 39 | if (obj.getAlgorithm() != null) { 40 | json.put("algorithm", obj.getAlgorithm()); 41 | } 42 | if (obj.getBuffer() != null) { 43 | json.put("buffer", obj.getBuffer().toJson()); 44 | } 45 | if (obj.getId() != null) { 46 | json.put("id", obj.getId()); 47 | } 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/VertxContextPRNGTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.core.Context; 4 | import io.vertx.core.Vertx; 5 | import io.vertx.ext.auth.prng.VertxContextPRNG; 6 | import io.vertx.ext.unit.junit.RunTestOnContext; 7 | import io.vertx.ext.unit.junit.VertxUnitRunner; 8 | import org.junit.Rule; 9 | import org.junit.Test; 10 | import org.junit.runner.RunWith; 11 | 12 | import java.lang.reflect.Proxy; 13 | 14 | import static org.junit.Assert.assertNotNull; 15 | 16 | @RunWith(VertxUnitRunner.class) 17 | public class VertxContextPRNGTest { 18 | 19 | @Rule 20 | public final RunTestOnContext rule = new RunTestOnContext(); 21 | 22 | @Test 23 | public void testPRNGQuarkusContextAccessNotAllowed() { 24 | 25 | final Vertx vertx = rule.vertx(); 26 | 27 | Context context = (Context) Proxy.newProxyInstance( 28 | VertxContextPRNGTest.class.getClassLoader(), 29 | new Class[]{Context.class}, 30 | (proxy, method, methodArgs) -> { 31 | switch (method.getName()) { 32 | case "get": 33 | case "put": 34 | case "remove": 35 | // mimic Quarkus behavior 36 | throw new UnsupportedOperationException("Access to Context.put(), Context.get() and Context.remove() are forbidden as it can leak data between unrelated processing. Use Context.putLocal(), Context.getLocal() and Context.removeLocal() instead. Note that these methods can only be used from a 'duplicated' Context, and so may not be available everywhere."); 37 | case "owner": 38 | return vertx; 39 | case "equals": 40 | return false; 41 | default: 42 | return null; 43 | } 44 | }); 45 | 46 | assertNotNull(VertxContextPRNG.current(context)); 47 | } 48 | 49 | } 50 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/impl/jose/CryptoTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests.impl.jose; 2 | 3 | import io.vertx.ext.auth.PubSecKeyOptions; 4 | import io.vertx.ext.auth.impl.jose.JWK; 5 | import io.vertx.ext.auth.impl.jose.JWT; 6 | import org.junit.Test; 7 | 8 | import static junit.framework.TestCase.assertFalse; 9 | import static org.junit.Assert.assertNotNull; 10 | 11 | /** 12 | * @author david 13 | */ 14 | public class CryptoTest { 15 | 16 | @Test 17 | public void ecdsaSignatureComplianceTest() throws Exception { 18 | 19 | JWT jwt = new JWT() 20 | .addJWK(new JWK( 21 | new PubSecKeyOptions() 22 | .setAlgorithm("ES512") 23 | .setBuffer("-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQASisgweVL1tAtIvfmpoqvdXF8sPKTV9YTKNxBwkdkm+/auh4pR8TbaIfsEzcsGUVv61DFNFXb0ozJfurQ59G2XcgAn3vROlSSnpbIvuhKrzL5jwWDTaYa5tVF1Zjwia/5HUhKBkcPuWGXg05nMjWhZfCuEetzMLoGcHmtvabugFrqsAg=\n-----END PUBLIC KEY-----\n"))); 24 | 25 | assertFalse(jwt.isUnsecure()); 26 | //Test verification for token created using https://github.com/auth0/node-jsonwebtoken/tree/v7.0.1 27 | assertNotNull(jwt.decode("eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJ0ZXN0IjoidGVzdCIsImlhdCI6MTQ2NzA2NTgyN30.Aab4x7HNRzetjgZ88AMGdYV2Ml7kzFbl8Ql2zXvBores7iRqm2nK6810ANpVo5okhHa82MQf2Q_Zn4tFyLDR9z4GAcKFdcAtopxq1h8X58qBWgNOc0Bn40SsgUc8wOX4rFohUCzEtnUREePsvc9EfXjjAH78WD2nq4tn-N94vf14SncQ")); 28 | //Test verification for token created using https://github.com/jwt/ruby-jwt/tree/v1.5.4 29 | assertNotNull(jwt.decode("eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiJ9.eyJ0ZXN0IjoidGVzdCJ9.AV26tERbSEwcoDGshneZmhokg-tAKUk0uQBoHBohveEd51D5f6EIs6cskkgwtfzs4qAGfx2rYxqQXr7LTXCNquKiAJNkTIKVddbPfped3_TQtmHZTmMNiqmWjiFj7Y9eTPMMRRu26w4gD1a8EQcBF-7UGgeH4L_1CwHJWAXGbtu7uMUn")); 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/impl/NotAuthorizationConverter.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization.impl; 14 | 15 | import io.vertx.codegen.annotations.Nullable; 16 | import io.vertx.core.json.JsonObject; 17 | import io.vertx.ext.auth.authorization.NotAuthorization; 18 | 19 | import java.util.Objects; 20 | 21 | import static io.vertx.ext.auth.authorization.impl.AuthorizationConverter.FIELD_AUTHORIZATIONS; 22 | import static io.vertx.ext.auth.authorization.impl.AuthorizationConverter.FIELD_TYPE; 23 | 24 | public class NotAuthorizationConverter { 25 | 26 | public final static String TYPE = "not"; 27 | 28 | public static JsonObject encode(NotAuthorization value) throws IllegalArgumentException { 29 | Objects.requireNonNull(value); 30 | 31 | JsonObject result = new JsonObject(); 32 | result.put(FIELD_TYPE, TYPE); 33 | result.put(FIELD_AUTHORIZATIONS, AuthorizationConverter.encode(value.getAuthorization())); 34 | return result; 35 | } 36 | 37 | public static @Nullable NotAuthorization decode(JsonObject json) throws IllegalArgumentException { 38 | Objects.requireNonNull(json); 39 | 40 | return NotAuthorization.create(AuthorizationConverter.decode(json.getJsonObject(FIELD_AUTHORIZATIONS))); 41 | } 42 | 43 | } 44 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/PermissionBasedAuthorization.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.Fluent; 16 | import io.vertx.codegen.annotations.VertxGen; 17 | import io.vertx.ext.auth.authorization.impl.PermissionBasedAuthorizationImpl; 18 | 19 | /** 20 | * Represents a permission Note that the permission can optionally be assigned 21 | * to a specific resource 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface PermissionBasedAuthorization extends Authorization { 27 | 28 | static PermissionBasedAuthorization create(String permission) { 29 | return new PermissionBasedAuthorizationImpl(permission); 30 | } 31 | 32 | /** 33 | * returns the value of the permission 34 | * 35 | * @return 36 | */ 37 | String getPermission(); 38 | 39 | /** 40 | * returns an optional resource that the permission is assigned-on 41 | * 42 | * @return 43 | */ 44 | String getResource(); 45 | 46 | /** 47 | * sets an optional resource that the permission is assigned-on 48 | * 49 | * @return 50 | */ 51 | @Fluent 52 | PermissionBasedAuthorization setResource(String resource); 53 | 54 | } 55 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/audit/impl/SecurityAuditNOOP.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.audit.impl; 2 | 3 | import io.vertx.core.AsyncResult; 4 | import io.vertx.core.Handler; 5 | import io.vertx.core.http.HttpMethod; 6 | import io.vertx.core.http.HttpVersion; 7 | import io.vertx.core.net.SocketAddress; 8 | import io.vertx.ext.auth.User; 9 | import io.vertx.ext.auth.audit.Marker; 10 | import io.vertx.ext.auth.audit.SecurityAudit; 11 | import io.vertx.ext.auth.authentication.Credentials; 12 | import io.vertx.ext.auth.authorization.Authorization; 13 | 14 | public final class SecurityAuditNOOP implements SecurityAudit { 15 | 16 | private static final Handler NOOP = event -> {}; 17 | 18 | @Override 19 | public SecurityAudit source(SocketAddress address) { 20 | return this; 21 | } 22 | 23 | @Override 24 | public SecurityAudit destination(SocketAddress address) { 25 | return this; 26 | } 27 | 28 | @Override 29 | public SecurityAudit resource(HttpVersion version, HttpMethod method, String path) { 30 | return this; 31 | } 32 | 33 | @Override 34 | public SecurityAudit resource(String resource) { 35 | return this; 36 | } 37 | 38 | @Override 39 | public SecurityAudit credentials(Credentials credentials) { 40 | return this; 41 | } 42 | 43 | @Override 44 | public SecurityAudit user(User user) { 45 | return this; 46 | } 47 | 48 | @Override 49 | public SecurityAudit authorization(Authorization authorization) { 50 | return this; 51 | } 52 | 53 | @Override 54 | public SecurityAudit status(int status) { 55 | return this; 56 | } 57 | 58 | @Override 59 | public void audit(Marker marker, boolean success) { 60 | 61 | } 62 | 63 | @Override 64 | public Handler> auditHandlerFor(Marker marker) { 65 | return (Handler) NOOP; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/hash/AbstractMDHash.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011-2019 The original author or authors 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package io.vertx.ext.auth.impl.hash; 18 | 19 | import io.vertx.ext.auth.hashing.HashString; 20 | import io.vertx.ext.auth.hashing.HashingAlgorithm; 21 | 22 | import java.nio.charset.StandardCharsets; 23 | import java.security.MessageDigest; 24 | import java.security.NoSuchAlgorithmException; 25 | 26 | import static io.vertx.ext.auth.impl.Codec.base64EncodeWithoutPadding; 27 | 28 | /** 29 | * Abstract implementation of hashing algorithms based on java.security.MessageDigest. 30 | * 31 | * @author Lin Gao 32 | */ 33 | public abstract class AbstractMDHash implements HashingAlgorithm { 34 | 35 | private final MessageDigest md; 36 | 37 | AbstractMDHash(final String algorithm) { 38 | try { 39 | md = MessageDigest.getInstance(algorithm); 40 | } catch (NoSuchAlgorithmException nsae) { 41 | throw new RuntimeException(algorithm + " is not available", nsae); 42 | } 43 | } 44 | 45 | @Override 46 | public String hash(HashString hashString, String password) { 47 | return base64EncodeWithoutPadding(md.digest(password.getBytes(StandardCharsets.UTF_8))); 48 | } 49 | 50 | } 51 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/resources/toc.jwt: -------------------------------------------------------------------------------- 1 | eyJ4NWMiOlsiTUlJREVUQ0NBZmtDRkJWMDIzZWhPUlN0LzFnT3ZYdjU1bjlTY3JvZk1BMEdDU3FHU0liM0RRRUJDd1VBTUVVeEN6QUpCZ05WQkFZVEFrRlZNUk13RVFZRFZRUUlEQXBUYjIxbExWTjBZWFJsTVNFd0h3WURWUVFLREJoSmJuUmxjbTVsZENCWGFXUm5hWFJ6SUZCMGVTQk1kR1F3SGhjTk1qRXdOREU1TURjek1qUTVXaGNOTXpFd05ERTNNRGN6TWpRNVdqQkZNUXN3Q1FZRFZRUUdFd0pCVlRFVE1CRUdBMVVFQ0F3S1UyOXRaUzFUZEdGMFpURWhNQjhHQTFVRUNnd1lTVzUwWlhKdVpYUWdWMmxrWjJsMGN5QlFkSGtnVEhSa01JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBd08yTWxsNFVqNjgyUUg1UWtSbFZwK3htbUpGNTBiZkhZaTZJNlFSdmxZOUQ1ajRNc2ptTkhZc3hDTHdEaEE5UWRmck5ZZTBkdXBLZzY1czE1UUpzQklSU01kaFRGVG1OT1lMQW9tcGlwMzNJYUhLUXFzOFpaTVZSVERjZXZ4cjJrU3BMeGtZWGNYNUJ0STA0d2Y5dVA4bkI3OEdCMmZtRWNKbDhMU0t1VFJyL3UyQzNreVlNc2lla0dsR08wTW11ZmJpZ3hvU1Y0Qzk0V1BoVWZmbGdkbjJtd1Bob2dHVVJtN1FWcWZ5SktqUW4zQlJGR1JESEt5SlVMMzFwdzFtQ0padlllZE44M3ZHYm51dlp3RDJGN2VyeUtRQkFQV2Y1QjRSandXTmtaSUVLVnJRMTdBUUxZckh0Vi9zK08xMnZaRElic2ZBeE44UDRVcENIQllTNkN3SURBUUFCTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFBQks1V2tFSnhNcXQzOHhoeUlVcmRhWVFVeFIvcG40OE45U1dOU3M0MGUvMjN2MlBVeFFLUnpWSjB6aFJ0b3BNS1Z1ZXVCSXhRQ3ZwQ1Y0a2tVN1lkNGhUN29iUFNacG5Nd2tFUzhQVlhjOUlUMzlmR2JQMDlZQlYxWGFxNXJsSUxsK1A0Sk5NZXdRNXovbFVkaThocFM3Wkl0Q3VhbFhLL1NZZW45K0U1Z2dENGJBcml4V1FVYURRam1KT2k5WUVMdzR2RTc2NHI1Q3IxN2p6c3Q5MlN6RzNXQ0g0dFAxSE1najZJUHN4Z3VSaiszRzNqcTdFTk0zVU9pbnZtQjBvOWw3eTdmbXVyWGc3NGRuYklnbWFXaVpxbzNoSzZHL29DMUFObUZWRVZPcndYcEtPWjNtK2NVMjZjT1RqMnlqTlNkeEw4Wm9XdVdUdkx5MU9YMTNSVnIiXSwiYWxnIjoiUlMyNTYifQ.eyJpc3MiOiJ2ZXJ0eC1hdXRoLXVuaXQtdGVzdHMiLCJzdWIiOiIxMjM0IiwiYnVuZGxlIjoiLi4uIn0.fJA0nKL0zzacWiPgR-DAf4KoCSS-t56LsPPQVXIpehfgPCthj78yz2cyTZKTU5x9LYJunp2IW0F-UVV7GHAk2Z-KvAWoBV1QkAdfcuNMTcHwNAg76Ks-kCiQjnO8F5lflrOS2nFoULEnO5YRpZ3QLyieF_676459xjo_oLXTR_wBdQfok2FInYyH7548QsFI5GvGP8is5k_4z0aVGdB727L45_MbULobEPwNIajhAxy6Mp4qRsCvhcNJ0hQyUrgqjxdsTBtMnhN7ctX-WIZATvZmnOC_jdo-Pd_UTA6rQAB7syxPRSF00WLwRo2RnoSLxDSvxIJw0Ti7iX9Tc442-Q 2 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/io/vertx/ext/auth/htpasswd/impl/hash/SHA1.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.htpasswd.impl.hash; 17 | 18 | import io.vertx.ext.auth.hashing.HashString; 19 | import io.vertx.ext.auth.hashing.HashingAlgorithm; 20 | 21 | import java.nio.charset.StandardCharsets; 22 | import java.security.MessageDigest; 23 | import java.security.NoSuchAlgorithmException; 24 | 25 | import static io.vertx.ext.auth.impl.Codec.base64Encode; 26 | 27 | /** 28 | * Implementation of the SHA1 Hashing algorithm 29 | * 30 | * @author Paulo Lopes 31 | */ 32 | public class SHA1 implements HashingAlgorithm { 33 | 34 | private final MessageDigest md; 35 | 36 | public SHA1() { 37 | try { 38 | md = MessageDigest.getInstance("SHA1"); 39 | } catch (NoSuchAlgorithmException nsae) { 40 | throw new RuntimeException("SHA1 is not available", nsae); 41 | } 42 | } 43 | 44 | @Override 45 | public String id() { 46 | return "{SHA}"; 47 | } 48 | 49 | @Override 50 | public String hash(HashString hashString, String password) { 51 | return base64Encode(md.digest(password.getBytes(StandardCharsets.UTF_8))); 52 | } 53 | 54 | @Override 55 | public boolean needsSeparator() { 56 | return false; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/audit/SecurityAudit.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.audit; 2 | 3 | import io.vertx.codegen.annotations.Fluent; 4 | import io.vertx.codegen.annotations.GenIgnore; 5 | import io.vertx.codegen.annotations.VertxGen; 6 | import io.vertx.core.AsyncResult; 7 | import io.vertx.core.Handler; 8 | import io.vertx.core.http.HttpMethod; 9 | import io.vertx.core.http.HttpVersion; 10 | import io.vertx.core.net.SocketAddress; 11 | import io.vertx.ext.auth.User; 12 | import io.vertx.ext.auth.audit.impl.SecurityAuditNOOP; 13 | import io.vertx.ext.auth.audit.impl.SecurityAuditLogger; 14 | import io.vertx.ext.auth.authentication.Credentials; 15 | import io.vertx.ext.auth.authorization.Authorization; 16 | 17 | @VertxGen 18 | public interface SecurityAudit { 19 | 20 | SecurityAudit NOOP = new SecurityAuditNOOP(); 21 | 22 | static SecurityAudit create() { 23 | if (SecurityAuditLogger.isEnabled()) { 24 | return new SecurityAuditLogger(); 25 | } 26 | // no logging 27 | return NOOP; 28 | } 29 | 30 | @Fluent 31 | SecurityAudit source(SocketAddress address); 32 | 33 | @Fluent 34 | SecurityAudit destination(SocketAddress address); 35 | 36 | SecurityAudit resource(HttpVersion version, HttpMethod method, String path); 37 | 38 | @Fluent 39 | SecurityAudit resource(String resource); 40 | 41 | @Fluent 42 | SecurityAudit credentials(Credentials credentials); 43 | 44 | @Fluent 45 | SecurityAudit user(User user); 46 | 47 | @Fluent 48 | SecurityAudit authorization(Authorization authorization); 49 | 50 | @Fluent 51 | SecurityAudit status(int status); 52 | 53 | void audit(Marker marker, boolean success); 54 | 55 | @GenIgnore(GenIgnore.PERMITTED_TYPE) 56 | default Handler> auditHandlerFor(Marker marker) { 57 | return event -> audit(marker, event.succeeded()); 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/generated/io/vertx/ext/auth/authentication/TokenCredentialsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.authentication; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.authentication.TokenCredentials}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.authentication.TokenCredentials} original class using Vert.x codegen. 9 | */ 10 | public class TokenCredentialsConverter { 11 | 12 | static void fromJson(Iterable> json, TokenCredentials obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "token": 16 | if (member.getValue() instanceof String) { 17 | obj.setToken((String)member.getValue()); 18 | } 19 | break; 20 | case "scopes": 21 | if (member.getValue() instanceof JsonArray) { 22 | java.util.ArrayList list = new java.util.ArrayList<>(); 23 | ((Iterable)member.getValue()).forEach( item -> { 24 | if (item instanceof String) 25 | list.add((String)item); 26 | }); 27 | obj.setScopes(list); 28 | } 29 | break; 30 | } 31 | } 32 | } 33 | 34 | static void toJson(TokenCredentials obj, JsonObject json) { 35 | toJson(obj, json.getMap()); 36 | } 37 | 38 | static void toJson(TokenCredentials obj, java.util.Map json) { 39 | if (obj.getToken() != null) { 40 | json.put("token", obj.getToken()); 41 | } 42 | if (obj.getScopes() != null) { 43 | JsonArray array = new JsonArray(); 44 | obj.getScopes().forEach(item -> array.add(item)); 45 | json.put("scopes", array); 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/hashing/HashingAlgorithm.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.hashing; 17 | 18 | import io.vertx.codegen.annotations.GenIgnore; 19 | import io.vertx.codegen.annotations.VertxGen; 20 | 21 | import java.util.Collections; 22 | import java.util.Set; 23 | 24 | /** 25 | * Hashing Algorithm. A common interface to interact with any system provided algorithms. 26 | * 27 | * @author Paulo Lopes 28 | */ 29 | @VertxGen 30 | public interface HashingAlgorithm { 31 | 32 | /** 33 | * return the symbolic name for the algorithm 34 | * 35 | * @return short id e.g.: sha512. 36 | */ 37 | String id(); 38 | 39 | /** 40 | * return the list of param names required for this algorithm. 41 | * 42 | * @return set of param names. 43 | */ 44 | default Set params() { 45 | return Collections.emptySet(); 46 | } 47 | 48 | /** 49 | * Algorithm specific implementation. 50 | * 51 | * @return the hashed digest. 52 | */ 53 | @GenIgnore 54 | String hash(HashString hashString, String password); 55 | 56 | /** 57 | * Should the encoded string use the default separator to split fields. 58 | * 59 | * @return true by default. 60 | */ 61 | default boolean needsSeparator() { 62 | return true; 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/ChainAuth.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth; 17 | 18 | import io.vertx.codegen.annotations.Fluent; 19 | import io.vertx.codegen.annotations.VertxGen; 20 | import io.vertx.ext.auth.authentication.AuthenticationProvider; 21 | import io.vertx.ext.auth.impl.ChainAuthImpl; 22 | 23 | /** 24 | * Chain several authentication providers as if they were one. This is useful for cases where one want to authenticate across 25 | * several providers, for example, database and fallback to passwd file. 26 | */ 27 | @VertxGen 28 | public interface ChainAuth extends AuthenticationProvider { 29 | 30 | /** 31 | * Create a Chainable Auth Provider auth provider that will resolve if all auth providers are successful. 32 | * 33 | * @return the auth provider 34 | */ 35 | static ChainAuth all() { 36 | return new ChainAuthImpl(true); 37 | } 38 | 39 | /** 40 | * Create a Chainable Auth Provider auth provider that will resolve on the first success. 41 | * 42 | * @return the auth provider 43 | */ 44 | static ChainAuth any() { 45 | return new ChainAuthImpl(false); 46 | } 47 | 48 | /** 49 | * Appends a auth provider to the chain. 50 | * 51 | * @param other auth provider 52 | * @return self 53 | */ 54 | @Fluent 55 | ChainAuth add(AuthenticationProvider other); 56 | } 57 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/WildcardPermissionBasedAuthorization.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.Fluent; 16 | import io.vertx.codegen.annotations.VertxGen; 17 | import io.vertx.ext.auth.authorization.impl.WildcardPermissionBasedAuthorizationImpl; 18 | 19 | /** 20 | * Represents a wildcard permission (ie: 'manage:order:*' '*:orders', '*', etc.) 21 | * Note that it can optionally be assigned to a specific resource 22 | * 23 | * @author Stephane Bastian 24 | */ 25 | @VertxGen 26 | public interface WildcardPermissionBasedAuthorization extends Authorization { 27 | 28 | static WildcardPermissionBasedAuthorization create(String permission) { 29 | return new WildcardPermissionBasedAuthorizationImpl(permission); 30 | } 31 | 32 | /** 33 | * return the value of the wildcard permission 34 | * 35 | * @return 36 | */ 37 | String getPermission(); 38 | 39 | /** 40 | * returns an optional resource that the permission is assigned-on 41 | * 42 | * @return 43 | */ 44 | String getResource(); 45 | 46 | /** 47 | * sets an optional resource that the permission is assigned-on 48 | * 49 | * @return 50 | */ 51 | @Fluent 52 | WildcardPermissionBasedAuthorization setResource(String resource); 53 | 54 | } 55 | -------------------------------------------------------------------------------- /vertx-auth-sql-client/src/main/java/io/vertx/ext/auth/sqlclient/SqlAuthorization.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package io.vertx.ext.auth.sqlclient; 18 | 19 | import io.vertx.codegen.annotations.VertxGen; 20 | import io.vertx.ext.auth.authorization.AuthorizationProvider; 21 | import io.vertx.ext.auth.sqlclient.impl.SqlAuthorizationImpl; 22 | import io.vertx.sqlclient.SqlClient; 23 | 24 | /** 25 | * Factory interface for creating {@link AuthorizationProvider} instances that use the Vert.x SQL client. 26 | * 27 | * @author Paulo Lopes 28 | */ 29 | @VertxGen 30 | public interface SqlAuthorization extends AuthorizationProvider { 31 | 32 | /** 33 | * Create a JDBC authorization provider implementation 34 | * 35 | * @param client the SQL client instance 36 | * @return the auth provider 37 | */ 38 | static SqlAuthorization create(SqlClient client) { 39 | return create(client, new SqlAuthorizationOptions()); 40 | } 41 | 42 | /** 43 | * Create a JDBC authorization provider implementation 44 | * 45 | * @param client the SQL client instance 46 | * @param options the {@link SqlAuthorizationOptions} 47 | * @return the auth provider 48 | */ 49 | static SqlAuthorization create(SqlClient client, SqlAuthorizationOptions options) { 50 | return new SqlAuthorizationImpl(client, options); 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /.github/maven-ci-settings.xml: -------------------------------------------------------------------------------- 1 | 16 | 17 | 18 | 19 | false 20 | 21 | 22 | 23 | google-mirror 24 | 25 | true 26 | 27 | 28 | 29 | google-maven-central 30 | GCS Maven Central mirror EU 31 | https://maven-central.storage-download.googleapis.com/maven2/ 32 | 33 | true 34 | 35 | 36 | false 37 | 38 | 39 | 40 | 41 | 42 | google-maven-central 43 | GCS Maven Central mirror 44 | https://maven-central.storage-download.googleapis.com/maven2/ 45 | 46 | true 47 | 48 | 49 | false 50 | 51 | 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/generated/io/vertx/ext/auth/webauthn4j/AttestationCertificatesConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.webauthn4j; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.webauthn4j.AttestationCertificates}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.webauthn4j.AttestationCertificates} original class using Vert.x codegen. 9 | */ 10 | public class AttestationCertificatesConverter { 11 | 12 | static void fromJson(Iterable> json, AttestationCertificates obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "alg": 16 | if (member.getValue() instanceof String) { 17 | obj.setAlg(io.vertx.ext.auth.webauthn4j.COSEAlgorithm.valueOf((String)member.getValue())); 18 | } 19 | break; 20 | case "x5c": 21 | if (member.getValue() instanceof JsonArray) { 22 | java.util.ArrayList list = new java.util.ArrayList<>(); 23 | ((Iterable)member.getValue()).forEach( item -> { 24 | if (item instanceof String) 25 | list.add((String)item); 26 | }); 27 | obj.setX5c(list); 28 | } 29 | break; 30 | } 31 | } 32 | } 33 | 34 | static void toJson(AttestationCertificates obj, JsonObject json) { 35 | toJson(obj, json.getMap()); 36 | } 37 | 38 | static void toJson(AttestationCertificates obj, java.util.Map json) { 39 | if (obj.getAlg() != null) { 40 | json.put("alg", obj.getAlg().name()); 41 | } 42 | if (obj.getX5c() != null) { 43 | JsonArray array = new JsonArray(); 44 | obj.getX5c().forEach(item -> array.add(item)); 45 | json.put("x5c", array); 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /vertx-auth-htdigest/src/main/java/io/vertx/ext/auth/htdigest/HtdigestAuth.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | 17 | package io.vertx.ext.auth.htdigest; 18 | 19 | import io.vertx.codegen.annotations.VertxGen; 20 | import io.vertx.core.Vertx; 21 | import io.vertx.ext.auth.authentication.AuthenticationProvider; 22 | import io.vertx.ext.auth.htdigest.impl.HtdigestAuthImpl; 23 | 24 | /** 25 | * An extension of AuthProvider which is using .htdigest file as store 26 | * 27 | * @author Paulo Lopes 28 | */ 29 | @VertxGen 30 | public interface HtdigestAuth extends AuthenticationProvider { 31 | 32 | /** 33 | * The property name to be used to set the name of the collection inside the config 34 | */ 35 | String HTDIGEST_FILE = ".htdigest"; 36 | 37 | /** 38 | * Creates an instance of HtdigestAuth. 39 | * 40 | * @return the created instance of {@link HtdigestAuth}s 41 | */ 42 | static HtdigestAuth create(Vertx vertx) { 43 | return new HtdigestAuthImpl(vertx, HTDIGEST_FILE); 44 | } 45 | 46 | /** 47 | * Creates an instance of HtdigestAuth by using the given htfile file. 48 | * 49 | * @param htfile the existing htfile. 50 | * @return the created instance of {@link HtdigestAuth}s 51 | */ 52 | static HtdigestAuth create(Vertx vertx, String htfile) { 53 | return new HtdigestAuthImpl(vertx, htfile); 54 | } 55 | 56 | /** 57 | * Return the currently used realm 58 | * 59 | * @return the realm 60 | */ 61 | String realm(); 62 | } 63 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/main/generated/io/vertx/ext/auth/otp/hotp/HotpAuthOptionsConverter.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.otp.hotp; 2 | 3 | import io.vertx.core.json.JsonObject; 4 | import io.vertx.core.json.JsonArray; 5 | 6 | /** 7 | * Converter and mapper for {@link io.vertx.ext.auth.otp.hotp.HotpAuthOptions}. 8 | * NOTE: This class has been automatically generated from the {@link io.vertx.ext.auth.otp.hotp.HotpAuthOptions} original class using Vert.x codegen. 9 | */ 10 | public class HotpAuthOptionsConverter { 11 | 12 | static void fromJson(Iterable> json, HotpAuthOptions obj) { 13 | for (java.util.Map.Entry member : json) { 14 | switch (member.getKey()) { 15 | case "passwordLength": 16 | if (member.getValue() instanceof Number) { 17 | obj.setPasswordLength(((Number)member.getValue()).intValue()); 18 | } 19 | break; 20 | case "authAttemptsLimit": 21 | if (member.getValue() instanceof Number) { 22 | obj.setAuthAttemptsLimit(((Number)member.getValue()).intValue()); 23 | } 24 | break; 25 | case "lookAheadWindow": 26 | if (member.getValue() instanceof Number) { 27 | obj.setLookAheadWindow(((Number)member.getValue()).intValue()); 28 | } 29 | break; 30 | case "counter": 31 | if (member.getValue() instanceof Number) { 32 | obj.setCounter(((Number)member.getValue()).longValue()); 33 | } 34 | break; 35 | } 36 | } 37 | } 38 | 39 | static void toJson(HotpAuthOptions obj, JsonObject json) { 40 | toJson(obj, json.getMap()); 41 | } 42 | 43 | static void toJson(HotpAuthOptions obj, java.util.Map json) { 44 | json.put("passwordLength", obj.getPasswordLength()); 45 | json.put("authAttemptsLimit", obj.getAuthAttemptsLimit()); 46 | json.put("lookAheadWindow", obj.getLookAheadWindow()); 47 | json.put("counter", obj.getCounter()); 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /vertx-auth-otp/src/main/java/examples/hotp/HotpAuthExamples.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021 Dmitry Novikov 3 | * 4 | * This program and the accompanying materials are made available under the 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 7 | * which is available at https://www.apache.org/licenses/LICENSE-2.0. 8 | * 9 | * SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 10 | */ 11 | 12 | package examples.hotp; 13 | 14 | import io.vertx.core.Future; 15 | import io.vertx.core.json.JsonObject; 16 | import io.vertx.ext.auth.authentication.Credentials; 17 | import io.vertx.ext.auth.otp.Authenticator; 18 | import io.vertx.ext.auth.otp.OtpCredentials; 19 | import io.vertx.ext.auth.otp.OtpKey; 20 | import io.vertx.ext.auth.otp.OtpKeyGenerator; 21 | import io.vertx.ext.auth.otp.hotp.HotpAuth; 22 | import io.vertx.ext.auth.otp.hotp.HotpAuthOptions; 23 | 24 | public class HotpAuthExamples { 25 | 26 | public static void example1() { 27 | // generate new key 28 | OtpKeyGenerator keyGenerator = OtpKeyGenerator.create(); 29 | OtpKey otpKey = keyGenerator.generate(); 30 | } 31 | 32 | public static void example2() { 33 | final HotpAuthOptions hotpAuthOptions = new HotpAuthOptions(); 34 | final HotpAuth authProvider = HotpAuth.create(hotpAuthOptions); 35 | 36 | // key 37 | final String userKey = "OK7JVNHJO5ZMC57QLYJ6QNTOZFKVN76Y"; 38 | final OtpKey otpKey = new OtpKey() 39 | .setKey(userKey) 40 | .setAlgorithm("HmacSHA1"); 41 | 42 | // request hotp for user 43 | JsonObject principal = new JsonObject() 44 | .put("identifier", "user1") 45 | .put("key", otpKey.getKey()) 46 | .put("counter", 0); 47 | 48 | authProvider 49 | .authenticatorFetcher(id -> Future.succeededFuture(new Authenticator())); 50 | 51 | // auth user hotp 52 | Credentials credentials = new OtpCredentials("user1", "249916"); 53 | 54 | authProvider.authenticate(credentials); 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/audit/AuditLoggerTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests.audit; 2 | 3 | import io.vertx.core.net.SocketAddress; 4 | import io.vertx.ext.auth.User; 5 | import io.vertx.ext.auth.audit.Marker; 6 | import io.vertx.ext.auth.audit.SecurityAudit; 7 | import io.vertx.ext.auth.authentication.UsernamePasswordCredentials; 8 | import io.vertx.ext.auth.authorization.AndAuthorization; 9 | import io.vertx.ext.auth.authorization.PermissionBasedAuthorization; 10 | import io.vertx.ext.auth.authorization.RoleBasedAuthorization; 11 | import org.junit.*; 12 | 13 | public class AuditLoggerTest { 14 | 15 | @Test 16 | public void testSync() { 17 | 18 | SecurityAudit audit = SecurityAudit.create(); 19 | 20 | // fake a request coming in 21 | audit.source(SocketAddress.inetSocketAddress(12345, "localhost")); 22 | audit.destination(SocketAddress.inetSocketAddress(8080, "localhost")); 23 | 24 | audit.credentials(new UsernamePasswordCredentials("paulo", "password")); 25 | audit.audit(Marker.AUTHENTICATION, true); 26 | // [AUTHENTICATION epoch="1674814080597" source="localhost" destination="localhost" password="********" username="paulo"] OK 27 | 28 | audit.user(User.fromName("paulo")); 29 | audit.authorization( 30 | AndAuthorization.create() 31 | .addAuthorization(PermissionBasedAuthorization.create("permission1")) 32 | .addAuthorization(RoleBasedAuthorization.create("role1")) 33 | .addAuthorization(PermissionBasedAuthorization.create("permission2")) 34 | .addAuthorization(RoleBasedAuthorization.create("role2"))); 35 | 36 | audit.audit(Marker.AUTHORIZATION, false); 37 | // [AUTHORIZATION epoch="1674814080617" source="localhost" destination="localhost" subject="paulo" authorization="AND(PERMISSION[permission1], ROLE[role1], PERMISSION[permission2], ROLE[role2])"] FAIL 38 | 39 | audit.status(403); 40 | audit.audit(Marker.REQUEST, true); 41 | //[REQUEST epoch="1674814080618" source="localhost" destination="localhost" status=403] OK 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /vertx-auth-ldap/src/main/asciidoc/index.adoc: -------------------------------------------------------------------------------- 1 | = LDAP Auth provider 2 | 3 | This is an auth provider implementation that authenticates via LDAP. 4 | 5 | == Getting started 6 | 7 | To use this project, add the following dependency to the _dependencies_ section of your build descriptor: 8 | 9 | * Maven (in your `pom.xml`): 10 | 11 | [source,xml,subs="+attributes"] 12 | ---- 13 | 14 | io.vertx 15 | vertx-auth-ldap 16 | ${maven.version} 17 | 18 | ---- 19 | 20 | * Gradle (in your `build.gradle` file): 21 | 22 | [source,groovy,subs="+attributes"] 23 | ---- 24 | compile 'io.vertx:vertx-auth-ldap:${maven.version}' 25 | ---- 26 | 27 | == Instantiation 28 | 29 | To create an instance of the Ldap auth provider, use {@link io.vertx.ext.auth.ldap.LdapAuthentication#create(io.vertx.core.Vertx, io.vertx.ext.auth.ldap.LdapAuthenticationOptions)} as follows: 30 | 31 | == Configuration 32 | 33 | The class {@link io.vertx.ext.auth.ldap.LdapAuthenticationOptions} is used to configure the Ldap authentication provider: 34 | 35 | `authenticationQuery`:: this query is used when looking up a user with a particular id. 36 | An example is `uid={0},ou=users,dc=foo,dc=com` - the element `{0}` is substituted with the user id to create the actual lookup. 37 | This setting is mandatory. 38 | 39 | `url`:: the url to the LDAP server. 40 | The url must start with `ldap://` and a port must be specified. 41 | An example is `ldap://myldapserver.mycompany.com:10389` 42 | 43 | `authenticationMechanism`:: Sets the type of LDAP authentication mechanism to use when connecting to the LDAP server. 44 | 45 | `referral`:: Sets the LDAP referral behavior when creating a connection. 46 | Defaults to `follow`. 47 | See the Sun/Oracle LDAP referral documentation for more: http://java.sun.com/products/jndi/tutorial/ldap/referral/jndi.html 48 | 49 | == Notes 50 | 51 | Note that when authenticating using this implementation, it assumes `username` and `password` fields are present in the authentication info 52 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/AuthorizationContext.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization; 14 | 15 | import io.vertx.codegen.annotations.VertxGen; 16 | import io.vertx.core.MultiMap; 17 | import io.vertx.ext.auth.User; 18 | import io.vertx.ext.auth.authorization.impl.AuthorizationContextImpl; 19 | 20 | /** 21 | * The AuthorizationContext contains properties that can be used to match 22 | * authorizations. 23 | * 24 | * @author Stephane Bastian 25 | */ 26 | @VertxGen 27 | public interface AuthorizationContext { 28 | 29 | /** 30 | * Factory for Authorization Context 31 | * 32 | * @param user a user 33 | * @return a AuthorizationContext instance 34 | */ 35 | static AuthorizationContext create(User user) { 36 | return create(user, MultiMap.caseInsensitiveMultiMap()); 37 | } 38 | 39 | /** 40 | * Factory for Authorization Context 41 | * 42 | * @param user a user 43 | * @return a AuthorizationContext instance 44 | */ 45 | static AuthorizationContext create(User user, MultiMap variables) { 46 | return new AuthorizationContextImpl(user, variables); 47 | } 48 | 49 | /** 50 | * Get the authenticated user 51 | * 52 | * @return the user 53 | */ 54 | User user(); 55 | 56 | /** 57 | * @return a Multimap containing variable names and values that can be resolved 58 | * at runtime by {@link Authorization}Authorizations 59 | */ 60 | MultiMap variables(); 61 | 62 | } 63 | -------------------------------------------------------------------------------- /vertx-auth-oauth2/src/test/java/io/vertx/tests/OAuth2ClientOptionsTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.ext.auth.oauth2.OAuth2Options; 4 | import io.vertx.ext.auth.oauth2.impl.OAuth2AuthProviderImpl; 5 | import io.vertx.ext.auth.oauth2.providers.AzureADAuth; 6 | import io.vertx.ext.unit.junit.RunTestOnContext; 7 | import io.vertx.ext.unit.junit.VertxUnitRunner; 8 | import org.junit.Rule; 9 | import org.junit.Test; 10 | import org.junit.runner.RunWith; 11 | 12 | import static org.junit.Assert.assertEquals; 13 | 14 | @RunWith(VertxUnitRunner.class) 15 | public class OAuth2ClientOptionsTest { 16 | 17 | @Rule 18 | public final RunTestOnContext rule = new RunTestOnContext(); 19 | 20 | @Test(expected = IllegalStateException.class) 21 | public void testMSLikeConfig() { 22 | OAuth2Options config = new OAuth2Options(); 23 | 24 | config 25 | .setSite("https://login.microsoftonline.com/{tenant}") 26 | .replaceVariables(false); 27 | } 28 | 29 | @Test 30 | public void testMSLikeConfigCorrect() { 31 | OAuth2Options config = new OAuth2Options(); 32 | 33 | config 34 | .setTenant("6731de76-14a6-49ae-97bc-6eba6914391e") 35 | .setSite("https://login.microsoftonline.com/{tenant}") 36 | .replaceVariables(false); 37 | 38 | assertEquals("https://login.microsoftonline.com/6731de76-14a6-49ae-97bc-6eba6914391e", config.getSite()); 39 | } 40 | 41 | @Test 42 | public void testVariableReplacement() { 43 | OAuth2AuthProviderImpl auth = (OAuth2AuthProviderImpl) AzureADAuth.create(rule.vertx(), "clientId", "clientSecret", "guid"); 44 | 45 | OAuth2Options config = auth.getConfig(); 46 | 47 | assertEquals("https://login.microsoftonline.com/guid", config.getSite()); 48 | } 49 | 50 | @Test 51 | public void TestTraillingSlash() { 52 | OAuth2Options config = new OAuth2Options(); 53 | 54 | config 55 | .setSite("https://login.microsoftonline.com/") 56 | .replaceVariables(false); 57 | 58 | assertEquals("https://login.microsoftonline.com", config.getSite()); 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/impl/RoleBasedAuthorizationConverter.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization.impl; 14 | 15 | import io.vertx.codegen.annotations.Nullable; 16 | import io.vertx.core.json.JsonObject; 17 | import io.vertx.ext.auth.authorization.RoleBasedAuthorization; 18 | 19 | import java.util.Objects; 20 | 21 | import static io.vertx.ext.auth.authorization.impl.AuthorizationConverter.FIELD_TYPE; 22 | 23 | public class RoleBasedAuthorizationConverter { 24 | 25 | public final static String TYPE = "role"; 26 | private final static String FIELD_ROLE = "role"; 27 | private final static String FIELD_RESOURCE = "resource"; 28 | 29 | public static JsonObject encode(RoleBasedAuthorization value) throws IllegalArgumentException { 30 | Objects.requireNonNull(value); 31 | 32 | JsonObject result = new JsonObject(); 33 | result.put(FIELD_TYPE, TYPE); 34 | result.put(FIELD_ROLE, value.getRole()); 35 | if (value.getResource() != null) { 36 | result.put(FIELD_RESOURCE, value.getResource()); 37 | } 38 | return result; 39 | } 40 | 41 | public static @Nullable RoleBasedAuthorization decode(JsonObject json) throws IllegalArgumentException { 42 | Objects.requireNonNull(json); 43 | 44 | RoleBasedAuthorization result = RoleBasedAuthorization.create(json.getString(FIELD_ROLE)); 45 | if (json.getString(FIELD_RESOURCE) != null) { 46 | result.setResource(json.getString(FIELD_RESOURCE)); 47 | } 48 | return result; 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /vertx-auth-common/src/test/java/io/vertx/tests/authorization/impl/VariableAwareExpressionTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests.authorization.impl; 2 | 3 | import io.vertx.core.MultiMap; 4 | import io.vertx.ext.auth.authorization.impl.VariableAwareExpression; 5 | import org.junit.Test; 6 | 7 | import static org.junit.Assert.*; 8 | 9 | public class VariableAwareExpressionTest { 10 | 11 | @Test 12 | public void test() { 13 | VariableAwareExpression expression = new VariableAwareExpression("foo"); 14 | String resolved = expression.resolve(MultiMap.caseInsensitiveMultiMap().add("foo", "bar")); 15 | assertEquals("foo", resolved); 16 | } 17 | 18 | @Test 19 | public void test1() { 20 | VariableAwareExpression expression = new VariableAwareExpression("{foo}"); 21 | String resolved = expression.resolve(MultiMap.caseInsensitiveMultiMap().add("foo", "bar")); 22 | assertEquals("bar", resolved); 23 | } 24 | 25 | @Test 26 | public void test2() { 27 | VariableAwareExpression expression = new VariableAwareExpression("{bar}end"); 28 | String resolved = expression.resolve(MultiMap.caseInsensitiveMultiMap().add("bar", "foo")); 29 | assertEquals("fooend", resolved); 30 | } 31 | 32 | @Test 33 | public void test3() { 34 | VariableAwareExpression expression = new VariableAwareExpression("begin{bar}"); 35 | String resolved = expression.resolve(MultiMap.caseInsensitiveMultiMap().add("bar", "foo")); 36 | assertEquals("beginfoo", resolved); 37 | } 38 | 39 | @Test 40 | public void test4() { 41 | VariableAwareExpression expression = new VariableAwareExpression("part1,part2{bar}"); 42 | String resolved = expression.resolve(MultiMap.caseInsensitiveMultiMap().add("bar", "foo")); 43 | assertEquals("part1,part2foo", resolved); 44 | } 45 | 46 | @Test 47 | public void test5() { 48 | VariableAwareExpression expression = new VariableAwareExpression("part1{bar}part2,part3"); 49 | String resolved = expression.resolve(MultiMap.caseInsensitiveMultiMap().add("bar", "foo")); 50 | assertEquals("part1foopart2,part3", resolved); 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /vertx-auth-abac/src/test/java/io/vertx/tests/PolicyTest.java: -------------------------------------------------------------------------------- 1 | package io.vertx.tests; 2 | 3 | import io.vertx.core.json.JsonArray; 4 | import io.vertx.core.json.JsonObject; 5 | import io.vertx.ext.auth.User; 6 | import io.vertx.ext.auth.abac.Attribute; 7 | import io.vertx.ext.auth.abac.Policy; 8 | import io.vertx.ext.unit.junit.RunTestOnContext; 9 | import io.vertx.ext.unit.junit.VertxUnitRunner; 10 | import org.junit.Rule; 11 | import org.junit.Test; 12 | import org.junit.runner.RunWith; 13 | 14 | import static org.junit.Assert.*; 15 | 16 | @RunWith(VertxUnitRunner.class) 17 | public class PolicyTest { 18 | 19 | @Rule 20 | public final RunTestOnContext rule = new RunTestOnContext(); 21 | 22 | @Test 23 | public void createPolicy() { 24 | Policy policy = new Policy(); 25 | 26 | policy.addAttribute(Attribute.has("/principal/amr","mfa")); 27 | 28 | assertEquals(1, policy.getAttributes().size()); 29 | User paulo = User.fromName("paulo"); 30 | paulo.principal().put("amr", new JsonArray().add("mfa").add("pwd")); 31 | 32 | for (Attribute attribute : policy.getAttributes()) { 33 | assertTrue(attribute.match(paulo)); 34 | } 35 | } 36 | 37 | @Test 38 | public void testReadPolicyWithAttributes() { 39 | JsonObject json = new JsonObject( 40 | "{\n" + 41 | " \"name\" : \"EU users\",\n" + 42 | " \"attributes\" : {\n" + 43 | " \"/attributes/location\" : {\n" + 44 | " \"eq\" : \"EU\"\n" + 45 | " }\n" + 46 | " },\n" + 47 | " \"authorizations\" : [ {\n" + 48 | " \"type\" : \"wildcard\",\n" + 49 | " \"permission\" : \"web:GET\",\n" + 50 | " \"resource\" : \"/gdpr\"\n" + 51 | " } ]\n" + 52 | "}" 53 | ); 54 | 55 | Policy policy = new Policy(json); 56 | 57 | assertEquals(1, policy.getAttributes().size()); 58 | for (Attribute attribute : policy.getAttributes()) { 59 | User user = User.fromName("paulo"); 60 | user.attributes().put("location", "EU"); 61 | assertTrue(attribute.match(user)); 62 | } 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /vertx-auth-htpasswd/src/main/java/io/vertx/ext/auth/htpasswd/HtpasswdAuthOptions.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2014 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.htpasswd; 17 | 18 | import io.vertx.codegen.annotations.DataObject; 19 | import io.vertx.codegen.json.annotations.JsonGen; 20 | import io.vertx.core.json.JsonObject; 21 | 22 | /** 23 | * Options configuring htpasswd authentication. 24 | * 25 | * @author Neven Radovanović 26 | */ 27 | @DataObject 28 | @JsonGen(publicConverter = false) 29 | public class HtpasswdAuthOptions { 30 | 31 | private String htpasswdFile; 32 | private boolean plainTextEnabled; 33 | 34 | public HtpasswdAuthOptions() { 35 | htpasswdFile = ".htpasswd"; 36 | plainTextEnabled = false; 37 | } 38 | 39 | public HtpasswdAuthOptions(JsonObject json) { 40 | this(); 41 | HtpasswdAuthOptionsConverter.fromJson(json, this); 42 | } 43 | 44 | public HtpasswdAuthOptions(HtpasswdAuthOptions that) { 45 | this(); 46 | this.htpasswdFile = that.htpasswdFile; 47 | this.plainTextEnabled = that.plainTextEnabled; 48 | } 49 | 50 | public HtpasswdAuthOptions setPlainTextEnabled(boolean plainTextEnabled) { 51 | this.plainTextEnabled = plainTextEnabled; 52 | return this; 53 | } 54 | 55 | public boolean isPlainTextEnabled() { 56 | return plainTextEnabled; 57 | } 58 | 59 | public String getHtpasswdFile() { 60 | return htpasswdFile; 61 | } 62 | 63 | public HtpasswdAuthOptions setHtpasswdFile(String htpasswdFile) { 64 | this.htpasswdFile = htpasswdFile; 65 | return this; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/COSEAlgorithm.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.webauthn4j; 17 | 18 | import io.vertx.codegen.annotations.VertxGen; 19 | 20 | /** 21 | * PublicKeyCredential 22 | * https://www.iana.org/assignments/cose/cose.xhtml#algorithms 23 | */ 24 | @VertxGen 25 | public enum COSEAlgorithm { 26 | ES256(-7), 27 | ES384(-35), 28 | ES512(-36), 29 | PS256(-37), 30 | PS384(-38), 31 | PS512(-39), 32 | ES256K(-47), 33 | RS256(-257), 34 | RS384(-258), 35 | RS512(-259), 36 | RS1(-65535), 37 | EdDSA(-8); 38 | 39 | private final int coseId; 40 | 41 | COSEAlgorithm(int coseId) { 42 | this.coseId = coseId; 43 | } 44 | 45 | public static COSEAlgorithm valueOf(int coseId) { 46 | switch (coseId) { 47 | case -7: 48 | return ES256; 49 | case -35: 50 | return ES384; 51 | case -36: 52 | return ES512; 53 | case -37: 54 | return PS256; 55 | case -38: 56 | return PS384; 57 | case -39: 58 | return PS512; 59 | case -47: 60 | return ES256K; 61 | case -257: 62 | return RS256; 63 | case -258: 64 | return RS384; 65 | case -259: 66 | return RS512; 67 | case -65535: 68 | return RS1; 69 | case -8: 70 | return EdDSA; 71 | default: 72 | throw new IllegalArgumentException("Unknown cose-id: " + coseId); 73 | } 74 | } 75 | 76 | public int coseId() { 77 | return coseId; 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/impl/jose/algo/ThreadLocalSigningAlgorithm.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.auth.impl.jose.algo; 2 | 3 | import io.netty.util.internal.PlatformDependent; 4 | 5 | import java.security.GeneralSecurityException; 6 | 7 | public class ThreadLocalSigningAlgorithm extends SigningAlgorithm { 8 | 9 | private final SigningAlgorithm algorithm; 10 | private final ThreadLocal localSigner = new ThreadLocal<>() { 11 | @Override 12 | protected Signer initialValue() { 13 | try { 14 | return algorithm.signer(); 15 | } catch (GeneralSecurityException e) { 16 | PlatformDependent.throwException(e); 17 | return null; 18 | } 19 | } 20 | }; 21 | private final ThreadLocal localVerifier = new ThreadLocal<>() { 22 | @Override 23 | protected Verifier initialValue() { 24 | try { 25 | return algorithm.verifier(); 26 | } catch (GeneralSecurityException e) { 27 | PlatformDependent.throwException(e); 28 | return null; 29 | } 30 | } 31 | }; 32 | 33 | public ThreadLocalSigningAlgorithm(SigningAlgorithm algorithm) { 34 | this.algorithm = algorithm; 35 | } 36 | 37 | @Override 38 | public SigningAlgorithm safe() { 39 | return this; 40 | } 41 | 42 | @Override 43 | public SigningAlgorithm unwrap() { 44 | return algorithm.unwrap(); 45 | } 46 | 47 | @Override 48 | public String name() { 49 | return algorithm.name(); 50 | } 51 | 52 | @Override 53 | public String id() { 54 | return algorithm.id(); 55 | } 56 | 57 | @Override 58 | public boolean canSign() { 59 | return algorithm.canSign(); 60 | } 61 | 62 | @Override 63 | public boolean canVerify() { 64 | return algorithm.canVerify(); 65 | } 66 | 67 | @Override 68 | public Signer signer() throws GeneralSecurityException { 69 | return payload -> localSigner.get().sign(payload); 70 | } 71 | 72 | @Override 73 | public Verifier verifier() throws GeneralSecurityException { 74 | return (signature, payload) -> localVerifier.get().verify(signature, payload); 75 | } 76 | } 77 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/impl/PermissionBasedAuthorizationConverter.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization.impl; 14 | 15 | import io.vertx.codegen.annotations.Nullable; 16 | import io.vertx.core.json.JsonObject; 17 | import io.vertx.ext.auth.authorization.PermissionBasedAuthorization; 18 | 19 | import java.util.Objects; 20 | 21 | import static io.vertx.ext.auth.authorization.impl.AuthorizationConverter.FIELD_TYPE; 22 | 23 | public class PermissionBasedAuthorizationConverter { 24 | 25 | public final static String TYPE = "permission"; 26 | private final static String FIELD_PERMISSION = "permission"; 27 | private final static String FIELD_RESOURCE = "resource"; 28 | 29 | public static JsonObject encode(PermissionBasedAuthorization value) throws IllegalArgumentException { 30 | Objects.requireNonNull(value); 31 | 32 | JsonObject result = new JsonObject(); 33 | result.put(FIELD_TYPE, TYPE); 34 | result.put(FIELD_PERMISSION, value.getPermission()); 35 | if (value.getResource() != null) { 36 | result.put(FIELD_RESOURCE, value.getResource()); 37 | } 38 | return result; 39 | } 40 | 41 | public static @Nullable PermissionBasedAuthorization decode(JsonObject json) throws IllegalArgumentException { 42 | Objects.requireNonNull(json); 43 | 44 | PermissionBasedAuthorization result = PermissionBasedAuthorization.create(json.getString(FIELD_PERMISSION)); 45 | if (json.getString(FIELD_RESOURCE) != null) { 46 | result.setResource(json.getString(FIELD_RESOURCE)); 47 | } 48 | return result; 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /vertx-auth-webauthn4j/src/main/java/io/vertx/ext/auth/webauthn4j/RelyingParty.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 Red Hat, Inc. 3 | * 4 | * All rights reserved. This program and the accompanying materials 5 | * are made available under the terms of the Eclipse Public License v1.0 6 | * and Apache License v2.0 which accompanies this distribution. 7 | * 8 | * The Eclipse Public License is available at 9 | * http://www.eclipse.org/legal/epl-v10.html 10 | * 11 | * The Apache License v2.0 is available at 12 | * http://www.opensource.org/licenses/apache2.0.php 13 | * 14 | * You may elect to redistribute this code under either of these licenses. 15 | */ 16 | package io.vertx.ext.auth.webauthn4j; 17 | 18 | import io.vertx.codegen.annotations.DataObject; 19 | import io.vertx.codegen.json.annotations.JsonGen; 20 | import io.vertx.core.json.JsonObject; 21 | 22 | /** 23 | * Data object representing a Relying party (your server) 24 | * 25 | * @author Paulo Lopes 26 | */ 27 | @DataObject 28 | @JsonGen(publicConverter = false) 29 | public class RelyingParty { 30 | 31 | /** 32 | * The id (or domain name of your server) 33 | */ 34 | private String id; 35 | 36 | /** 37 | * A user friendly name for your server 38 | */ 39 | private String name; 40 | 41 | public RelyingParty() { 42 | } 43 | 44 | public RelyingParty(JsonObject json) { 45 | RelyingPartyConverter.fromJson(json, this); 46 | } 47 | 48 | public RelyingParty(RelyingParty other) { 49 | this.id = other.id; 50 | this.name = other.name; 51 | } 52 | 53 | public String getId() { 54 | return id; 55 | } 56 | 57 | public RelyingParty setId(String id) { 58 | this.id = id; 59 | return this; 60 | } 61 | 62 | public String getName() { 63 | return name; 64 | } 65 | 66 | public RelyingParty setName(String name) { 67 | this.name = name; 68 | return this; 69 | } 70 | 71 | @Override 72 | public String toString() { 73 | return toJson().encode(); 74 | } 75 | 76 | public JsonObject toJson() { 77 | JsonObject json = new JsonObject(); 78 | RelyingPartyConverter.toJson(this, json); 79 | return json; 80 | } 81 | } 82 | -------------------------------------------------------------------------------- /.github/maven-cd-settings.xml: -------------------------------------------------------------------------------- 1 | 16 | 17 | 18 | 19 | false 20 | 21 | 22 | 23 | vertx-snapshots-repository 24 | ${env.VERTX_NEXUS_USERNAME} 25 | ${env.VERTX_NEXUS_PASSWORD} 26 | 27 | 28 | 29 | 30 | 31 | google-mirror 32 | 33 | true 34 | 35 | 36 | 37 | google-maven-central 38 | GCS Maven Central mirror EU 39 | https://maven-central.storage-download.googleapis.com/maven2/ 40 | 41 | true 42 | 43 | 44 | false 45 | 46 | 47 | 48 | 49 | 50 | google-maven-central 51 | GCS Maven Central mirror 52 | https://maven-central.storage-download.googleapis.com/maven2/ 53 | 54 | true 55 | 56 | 57 | false 58 | 59 | 60 | 61 | 62 | 63 | 64 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/impl/WildcardPermissionBasedAuthorizationConverter.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization.impl; 14 | 15 | import io.vertx.codegen.annotations.Nullable; 16 | import io.vertx.core.json.JsonObject; 17 | import io.vertx.ext.auth.authorization.WildcardPermissionBasedAuthorization; 18 | 19 | import java.util.Objects; 20 | 21 | import static io.vertx.ext.auth.authorization.impl.AuthorizationConverter.FIELD_TYPE; 22 | 23 | public class WildcardPermissionBasedAuthorizationConverter { 24 | 25 | public final static String TYPE = "wildcard"; 26 | private final static String FIELD_PERMISSION = "permission"; 27 | private final static String FIELD_RESOURCE = "resource"; 28 | 29 | public static JsonObject encode(WildcardPermissionBasedAuthorization value) throws IllegalArgumentException { 30 | Objects.requireNonNull(value); 31 | 32 | JsonObject result = new JsonObject(); 33 | result.put(FIELD_TYPE, TYPE); 34 | result.put(FIELD_PERMISSION, value.getPermission()); 35 | if (value.getResource() != null) { 36 | result.put(FIELD_RESOURCE, value.getResource()); 37 | } 38 | return result; 39 | } 40 | 41 | public static @Nullable WildcardPermissionBasedAuthorization decode(JsonObject json) throws IllegalArgumentException { 42 | Objects.requireNonNull(json); 43 | 44 | WildcardPermissionBasedAuthorization result = 45 | WildcardPermissionBasedAuthorization.create(json.getString(FIELD_PERMISSION)); 46 | 47 | if (json.getString(FIELD_RESOURCE) != null) { 48 | result.setResource(json.getString(FIELD_RESOURCE)); 49 | } 50 | return result; 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /vertx-auth-common/src/main/java/io/vertx/ext/auth/authorization/impl/NotAuthorizationImpl.java: -------------------------------------------------------------------------------- 1 | /******************************************************************************** 2 | * Copyright (c) 2019 Stephane Bastian 3 | * 4 | * This program and the accompanying materials are made available under the 2 5 | * terms of the Eclipse Public License 2.0 which is available at 6 | * http://www.eclipse.org/legal/epl-2.0. 7 | * 8 | * SPDX-License-Identifier: EPL-2.0 3 9 | * 10 | * Contributors: 4 11 | * Stephane Bastian - initial API and implementation 12 | ********************************************************************************/ 13 | package io.vertx.ext.auth.authorization.impl; 14 | 15 | import io.vertx.ext.auth.authorization.Authorization; 16 | import io.vertx.ext.auth.authorization.AuthorizationContext; 17 | import io.vertx.ext.auth.authorization.NotAuthorization; 18 | 19 | import java.util.Objects; 20 | 21 | public class NotAuthorizationImpl implements NotAuthorization { 22 | 23 | private Authorization authorization; 24 | 25 | public NotAuthorizationImpl() { 26 | } 27 | 28 | public NotAuthorizationImpl(Authorization authorization) { 29 | this.authorization = Objects.requireNonNull(authorization); 30 | } 31 | 32 | @Override 33 | public boolean equals(Object obj) { 34 | if (this == obj) 35 | return true; 36 | if (!(obj instanceof NotAuthorizationImpl)) 37 | return false; 38 | NotAuthorizationImpl other = (NotAuthorizationImpl) obj; 39 | return Objects.equals(authorization, other.authorization); 40 | } 41 | 42 | @Override 43 | public Authorization getAuthorization() { 44 | return authorization; 45 | } 46 | 47 | @Override 48 | public int hashCode() { 49 | return Objects.hash(authorization); 50 | } 51 | 52 | @Override 53 | public boolean match(AuthorizationContext context) { 54 | Objects.requireNonNull(context); 55 | 56 | return !this.authorization.match(context); 57 | } 58 | 59 | @Override 60 | public boolean verify(Authorization authorization) { 61 | return this.equals(authorization); 62 | } 63 | 64 | @Override 65 | public String toString() { 66 | return "NOT(" + authorization.toString() + ")"; 67 | } 68 | } 69 | --------------------------------------------------------------------------------