List of usage examples for org.springframework.boot.actuate.autoconfigure.cloudfoundry CloudFoundryAuthorizationException CloudFoundryAuthorizationException
public CloudFoundryAuthorizationException(Reason reason, String message)
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundrySecurityInterceptor.java
SecurityResponse preHandle(HttpServletRequest request, String endpointId) { if (CorsUtils.isPreFlightRequest(request)) { return SecurityResponse.success(); }//from w w w . j a v a 2 s . co m try { if (!StringUtils.hasText(this.applicationId)) { throw new CloudFoundryAuthorizationException( CloudFoundryAuthorizationException.Reason.SERVICE_UNAVAILABLE, "Application id is not available"); } if (this.cloudFoundrySecurityService == null) { throw new CloudFoundryAuthorizationException( CloudFoundryAuthorizationException.Reason.SERVICE_UNAVAILABLE, "Cloud controller URL is not available"); } if (HttpMethod.OPTIONS.matches(request.getMethod())) { return SUCCESS; } check(request, endpointId); } catch (Exception ex) { logger.error(ex); if (ex instanceof CloudFoundryAuthorizationException) { CloudFoundryAuthorizationException cfException = (CloudFoundryAuthorizationException) ex; return new SecurityResponse(cfException.getStatusCode(), "{\"security_error\":\"" + cfException.getMessage() + "\"}"); } return new SecurityResponse(HttpStatus.INTERNAL_SERVER_ERROR, ex.getMessage()); } return SecurityResponse.success(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundrySecurityInterceptor.java
private void check(HttpServletRequest request, String path) throws Exception { Token token = getToken(request);//from ww w . j a v a 2s. co m this.tokenValidator.validate(token); AccessLevel accessLevel = this.cloudFoundrySecurityService.getAccessLevel(token.toString(), this.applicationId); if (!accessLevel.isAccessAllowed(path)) { throw new CloudFoundryAuthorizationException(CloudFoundryAuthorizationException.Reason.ACCESS_DENIED, "Access denied"); } accessLevel.put(request); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundrySecurityInterceptor.java
private Token getToken(HttpServletRequest request) { String authorization = request.getHeader("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase().startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException( CloudFoundryAuthorizationException.Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }//w w w.j ava 2 s . co m return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundrySecurityInterceptor.java
Mono<SecurityResponse> preHandle(ServerWebExchange exchange, String endpointId) { ServerHttpRequest request = exchange.getRequest(); if (CorsUtils.isPreFlightRequest(request)) { return SUCCESS; }//from ww w . j av a 2 s .com if (!StringUtils.hasText(this.applicationId)) { return Mono.error(new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE, "Application id is not available")); } if (this.cloudFoundrySecurityService == null) { return Mono.error(new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE, "Cloud controller URL is not available")); } return check(exchange, endpointId).then(SUCCESS).doOnError(this::logError) .onErrorResume(this::getErrorResponse); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundrySecurityInterceptor.java
private Mono<Void> check(ServerWebExchange exchange, String path) { try {//from w ww . ja va 2s .com Token token = getToken(exchange.getRequest()); return this.tokenValidator.validate(token) .then(this.cloudFoundrySecurityService.getAccessLevel(token.toString(), this.applicationId)) .filter((accessLevel) -> accessLevel.isAccessAllowed(path)) .switchIfEmpty(Mono .error(new CloudFoundryAuthorizationException(Reason.ACCESS_DENIED, "Access denied"))) .doOnSuccess( (accessLevel) -> exchange.getAttributes().put("cloudFoundryAccessLevel", accessLevel)) .then(); } catch (CloudFoundryAuthorizationException ex) { return Mono.error(ex); } }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundrySecurityInterceptor.java
private Token getToken(ServerHttpRequest request) { String authorization = request.getHeaders().getFirst("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase(Locale.ENGLISH).startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }/*w ww . ja va 2s.co m*/ return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveCloudFoundrySecurityInterceptor.java
private Token getToken(ServerHttpRequest request) { String authorization = request.getHeaders().getFirst("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase().startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }/*from w w w . jav a2s. c om*/ return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundrySecurityInterceptor.java
SecurityResponse preHandle(HttpServletRequest request, String endpointId) { if (CorsUtils.isPreFlightRequest(request)) { return SecurityResponse.success(); }//from ww w .ja va 2 s . c o m try { if (!StringUtils.hasText(this.applicationId)) { throw new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE, "Application id is not available"); } if (this.cloudFoundrySecurityService == null) { throw new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE, "Cloud controller URL is not available"); } if (HttpMethod.OPTIONS.matches(request.getMethod())) { return SUCCESS; } check(request, endpointId); } catch (Exception ex) { logger.error(ex); if (ex instanceof CloudFoundryAuthorizationException) { CloudFoundryAuthorizationException cfException = (CloudFoundryAuthorizationException) ex; return new SecurityResponse(cfException.getStatusCode(), "{\"security_error\":\"" + cfException.getMessage() + "\"}"); } return new SecurityResponse(HttpStatus.INTERNAL_SERVER_ERROR, ex.getMessage()); } return SecurityResponse.success(); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundrySecurityInterceptor.java
private void check(HttpServletRequest request, String endpointId) throws Exception { Token token = getToken(request);/*from w w w . j a va2 s . co m*/ this.tokenValidator.validate(token); AccessLevel accessLevel = this.cloudFoundrySecurityService.getAccessLevel(token.toString(), this.applicationId); if (!accessLevel.isAccessAllowed(endpointId)) { throw new CloudFoundryAuthorizationException(Reason.ACCESS_DENIED, "Access denied"); } request.setAttribute(AccessLevel.REQUEST_ATTRIBUTE, accessLevel); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundrySecurityInterceptor.java
private Token getToken(HttpServletRequest request) { String authorization = request.getHeader("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase(Locale.ENGLISH).startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }//from w w w . j av a2s . co m return new Token(authorization.substring(bearerPrefix.length())); }