View Javadoc

1   package com.atlassian.asap.core.server.filter;
2   
3   import com.atlassian.asap.api.server.http.RequestAuthenticator;
4   import com.atlassian.asap.core.server.AuthenticationContext;
5   import com.atlassian.asap.core.server.http.RequestAuthenticatorImpl;
6   import com.atlassian.asap.core.validator.JwtValidator;
7   import com.atlassian.asap.core.validator.JwtValidatorImpl;
8   
9   import javax.servlet.FilterConfig;
10  import java.util.Optional;
11  
12  /**
13   * Implements {@link AbstractRequestAuthenticationFilter} as a Java bean to make
14   * it easier to wire this filter using Spring.
15   */
16  public class RequestAuthenticationFilterBean extends AbstractRequestAuthenticationFilter {
17      private final Optional<RequestAuthenticator> requestAuthenticator;
18  
19      /**
20       * Using this constructor will try to automatically fetch your configuration from Spring.
21       * You must have defined a bean of type {@link AuthenticationContext}.
22       */
23      public RequestAuthenticationFilterBean() {
24          this.requestAuthenticator = Optional.empty();
25      }
26  
27      /**
28       * Using this constructor you must specify your own already configured RequestAuthenticator.
29       * Consider using one of the convenient {@link #createDefault} factory methods below.
30       */
31      public RequestAuthenticationFilterBean(RequestAuthenticator requestAuthenticator) {
32          this.requestAuthenticator = Optional.of(requestAuthenticator);
33      }
34  
35      /**
36       * A factory to instantiate the filter with minimal configuration.
37       *
38       * @param audience             the audience this filter will accept requests for
39       * @param publicKeyRepoBaseUrl the base URL of the public key repository
40       * @return a web filter
41       */
42      public static RequestAuthenticationFilterBean createDefault(String audience, String publicKeyRepoBaseUrl) {
43          AuthenticationContext authContext = new AuthenticationContext(audience, publicKeyRepoBaseUrl);
44          JwtValidator jwtValidator = JwtValidatorImpl.createDefault(authContext);
45          RequestAuthenticator requestAuthenticator = new RequestAuthenticatorImpl(jwtValidator);
46          return new RequestAuthenticationFilterBean(requestAuthenticator);
47      }
48  
49      @Override
50      protected RequestAuthenticator getRequestAuthenticator(final FilterConfig filterConfig) {
51          return requestAuthenticator.orElseGet(new SpringRequestAuthenticatorSupplier(filterConfig));
52      }
53  
54  }