[BREAKGLASS] Dropwizard library for simple @Auth annotations that support multiple types
Moxie Marlinspike f1c6c00e3f Bump version to 0.1.1
// FREEBIE
2016-06-12 11:52:33 -07:00

dropwizard-simpleauth

A Dropwizard library that lets you use simple @Auth annotations for authenticating multiple types, without having to deal with @RolesAllowed style authorizations.

Install from Maven Central:

<dependency>
  <groupId>org.whispersystems</groupId>
  <artifactId>dropwizard-simpleauth</artifactId>
  <version>${latest_version}</version>
</dependency>

The details

This library allows writing an authenticated Dropwizard resource to look like this:

@Path("/api/v1/mail")
public class MailResource {

  // Runs only if the request authenticates as a User.
  @Timed
  @POST
  @Path("/{destination}/")
  @Consumes(MediaType.APPLICATION_JSON)
  public void sendMessage(@Auth User sender,
                          @PathParam("destination") String destination,
                          @Valid Message message)
  {
    // ...
  }

  // Runs only if the request authenticates as an Admin.
  @Timed
  @DELETE
  @Path("/{messageId}/")
  public void deleteMessage(@Auth Admin admin,
                            @PathParam("messageId") long messageId)
  {
    // ...
  }

}

No "authorization" annotations such as @PermitAll, @DenyAll, or @RolesAllowed are used. Instead, the @Auth annotation lets you authenticate multiple different "principal" types (in this example both User and Admin), neither of which has to extend Principal. The type declared on the @Auth parameter is what decides who may call the method.

Registering authenticators

To support authenticating multiple types, register multiple AuthFilters:

@Override
public void run(ExampleConfiguration configuration,
                Environment environment) 
{
    environment.jersey().register(new AuthDynamicFeature(
            new BasicCredentialAuthFilter.Builder<User>()
                .setAuthenticator(new UserAuthenticator())
                .setPrincipal(User.class)
                .buildAuthFilter(),
            new BasicCredentialAuthFilter.Builder<Admin>()
                .setAuthenticator(new AdminAuthenticator())
                .setPrincipal(Admin.class)
                .buildAuthFilter()));

    environment.jersey().register(new AuthValueFactoryProvider.Binder());
}

That's it!
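The per-type dispatch that this registration sets up, modeled in plain Java as an added example (it is not code from this project and does not use its classes): the `Authenticator` interface, `register`, `resolve`, and the credentials are all hypothetical names and constructed values. It shows the property that replaces role annotations here: valid User credentials presented to an endpoint that declares `Admin` do not authenticate. Failing closed for an unregistered type is a choice of this model, not a documented behaviour of the library.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

// Added illustration (Java 16+). None of these types are dropwizard-simpleauth classes.
public class TypedAuthDemo {
  record User(String name) {}
  record Admin(String name) {}

  // Hypothetical stand-in for a Basic-credentials authenticator.
  interface Authenticator<P> { Optional<P> authenticate(String user, String password); }

  // One authenticator per principal type, keyed by the type an @Auth parameter would declare.
  private final Map<Class<?>, Authenticator<?>> byType = new HashMap<>();

  <P> void register(Class<P> type, Authenticator<P> authenticator) { byType.put(type, authenticator); }

  // Only the authenticator registered for the requested type is consulted.
  <P> Optional<P> resolve(Class<P> type, String user, String password) {
    Authenticator<?> authenticator = byType.get(type);
    if (authenticator == null) return Optional.empty();  // unregistered type: fail closed
    return authenticator.authenticate(user, password).map(type::cast);
  }

  // Constant-time comparison so the check does not leak how many bytes matched.
  static boolean same(String a, String b) {
    return MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8), b.getBytes(StandardCharsets.UTF_8));
  }

  static void check(boolean ok, String what) { if (!ok) throw new AssertionError(what); }

  public static void main(String[] args) {
    TypedAuthDemo auth = new TypedAuthDemo();
    // Constructed credentials; a real authenticator verifies against a salted password hash.
    auth.register(User.class, (u, p) ->
        u.equals("alice") && same(p, "user-secret") ? Optional.of(new User(u)) : Optional.empty());
    auth.register(Admin.class, (u, p) ->
        u.equals("root") && same(p, "admin-secret") ? Optional.of(new Admin(u)) : Optional.empty());

    check(auth.resolve(User.class, "alice", "user-secret").isPresent(), "user reaches User endpoint");
    check(auth.resolve(Admin.class, "root", "admin-secret").isPresent(), "admin reaches Admin endpoint");
    // Valid User credentials sent to an endpoint that declares Admin are rejected.
    check(auth.resolve(Admin.class, "alice", "user-secret").isEmpty(), "user blocked from Admin endpoint");
    check(auth.resolve(String.class, "alice", "user-secret").isEmpty(), "unregistered type fails closed");
    System.out.println("all checks passed");
  }
}
```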