feat:support auth. (#1459)
parent
68bc49cd99
commit
3126743eee
@ -0,0 +1,106 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>spring-cloud-tencent</artifactId>
|
||||
<groupId>com.tencent.cloud</groupId>
|
||||
<version>${revision}</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>spring-cloud-starter-tencent-polaris-auth</artifactId>
|
||||
<name>Spring Cloud Starter Tencent Polaris Auth</name>
|
||||
|
||||
<dependencies>
|
||||
<!-- Spring Cloud Tencent dependencies start -->
|
||||
<dependency>
|
||||
<groupId>com.tencent.cloud</groupId>
|
||||
<artifactId>spring-cloud-tencent-rpc-enhancement</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tencent.cloud</groupId>
|
||||
<artifactId>spring-cloud-starter-tencent-metadata-transfer</artifactId>
|
||||
</dependency>
|
||||
<!-- Spring Cloud Tencent dependencies end -->
|
||||
|
||||
<!-- Polaris dependencies start -->
|
||||
<dependency>
|
||||
<groupId>com.tencent.polaris</groupId>
|
||||
<artifactId>polaris-auth-factory</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tencent.polaris</groupId>
|
||||
<artifactId>auth-block-allow-list</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tencent.polaris</groupId>
|
||||
<artifactId>polaris-test-common</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tencent.polaris</groupId>
|
||||
<artifactId>polaris-test-mock-discovery</artifactId>
|
||||
<scope>test</scope>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>junit</groupId>
|
||||
<artifactId>junit</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<!-- Polaris dependencies end -->
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-webflux</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-test</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-actuator</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-actuator-autoconfigure</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.mockito</groupId>
|
||||
<artifactId>mockito-inline</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.mockito</groupId>
|
||||
<artifactId>mockito-core</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>net.bytebuddy</groupId>
|
||||
<artifactId>byte-buddy</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
@ -0,0 +1,46 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.config;
|
||||
|
||||
import com.tencent.cloud.common.constant.OrderConstant;
|
||||
import com.tencent.cloud.polaris.context.PolarisConfigModifier;
|
||||
import com.tencent.polaris.factory.config.ConfigurationImpl;
|
||||
|
||||
/**
|
||||
* Config modifier for auth.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
public class AuthConfigModifier implements PolarisConfigModifier {
|
||||
|
||||
private final PolarisAuthProperties polarisAuthProperties;
|
||||
|
||||
public AuthConfigModifier(PolarisAuthProperties polarisAuthProperties) {
|
||||
this.polarisAuthProperties = polarisAuthProperties;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void modify(ConfigurationImpl configuration) {
|
||||
configuration.getProvider().getAuth().setEnable(polarisAuthProperties.isEnabled());
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getOrder() {
|
||||
return OrderConstant.Modifier.AUTH_ORDER;
|
||||
}
|
||||
}
|
@ -0,0 +1,86 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.config;
|
||||
|
||||
import com.tencent.cloud.common.constant.OrderConstant;
|
||||
import com.tencent.cloud.polaris.auth.filter.AuthReactiveFilter;
|
||||
import com.tencent.cloud.polaris.auth.filter.AuthServletFilter;
|
||||
import com.tencent.cloud.polaris.context.PolarisSDKContextManager;
|
||||
import com.tencent.cloud.polaris.context.config.PolarisContextAutoConfiguration;
|
||||
|
||||
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
import static com.tencent.cloud.polaris.auth.filter.AuthServletFilter.AUTH_FILTER_BEAN_NAME;
|
||||
import static jakarta.servlet.DispatcherType.ASYNC;
|
||||
import static jakarta.servlet.DispatcherType.ERROR;
|
||||
import static jakarta.servlet.DispatcherType.FORWARD;
|
||||
import static jakarta.servlet.DispatcherType.INCLUDE;
|
||||
import static jakarta.servlet.DispatcherType.REQUEST;
|
||||
|
||||
/**
|
||||
* Auto configuration for auth.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
@AutoConfigureAfter(PolarisContextAutoConfiguration.class)
|
||||
public class PolarisAuthAutoConfiguration {
|
||||
|
||||
/**
|
||||
* Create when web application type is SERVLET.
|
||||
*/
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
|
||||
protected static class AuthServletFilterConfig {
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public AuthServletFilter authServletFilter(PolarisSDKContextManager polarisSDKContextManager) {
|
||||
return new AuthServletFilter(polarisSDKContextManager.getAuthAPI());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public FilterRegistrationBean<AuthServletFilter> authFilterRegistrationBean(
|
||||
AuthServletFilter authServletFilter) {
|
||||
FilterRegistrationBean<AuthServletFilter> registrationBean = new FilterRegistrationBean<>(
|
||||
authServletFilter);
|
||||
registrationBean.setDispatcherTypes(ASYNC, ERROR, FORWARD, INCLUDE, REQUEST);
|
||||
registrationBean.setName(AUTH_FILTER_BEAN_NAME);
|
||||
registrationBean.setOrder(OrderConstant.Server.Servlet.AUTH_FILTER_ORDER);
|
||||
return registrationBean;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Create when web application type is REACTIVE.
|
||||
*/
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
|
||||
protected static class AuthReactiveFilterConfig {
|
||||
|
||||
@Bean
|
||||
public AuthReactiveFilter authReactiveFilter(PolarisSDKContextManager polarisSDKContextManager) {
|
||||
return new AuthReactiveFilter(polarisSDKContextManager.getAuthAPI());
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.config;
|
||||
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
|
||||
/**
|
||||
* The properties for auth.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
@ConfigurationProperties("spring.cloud.polaris.auth")
|
||||
public class PolarisAuthProperties {
|
||||
|
||||
private boolean enabled = true;
|
||||
|
||||
public boolean isEnabled() {
|
||||
return enabled;
|
||||
}
|
||||
|
||||
public void setEnabled(boolean enabled) {
|
||||
this.enabled = enabled;
|
||||
}
|
||||
}
|
@ -0,0 +1,39 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.config;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
/**
|
||||
* Properties auto configuration of auth.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
@EnableConfigurationProperties(PolarisAuthProperties.class)
|
||||
public class PolarisAuthPropertiesAutoConfiguration {
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public AuthConfigModifier authConfigModifier(PolarisAuthProperties polarisAuthProperties) {
|
||||
return new AuthConfigModifier(polarisAuthProperties);
|
||||
}
|
||||
}
|
@ -0,0 +1,34 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.config;
|
||||
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
|
||||
/**
|
||||
* Autoconfiguration of auth at bootstrap phase.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
@ConditionalOnProperty("spring.cloud.polaris.enabled")
|
||||
@Import(PolarisAuthPropertiesAutoConfiguration.class)
|
||||
public class PolarisAuthPropertiesBootstrapConfiguration {
|
||||
|
||||
}
|
@ -0,0 +1,70 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.filter;
|
||||
|
||||
import com.tencent.cloud.common.constant.OrderConstant;
|
||||
import com.tencent.cloud.common.metadata.MetadataContext;
|
||||
import com.tencent.cloud.polaris.auth.utils.AuthenticateUtils;
|
||||
import com.tencent.polaris.api.plugin.auth.AuthResult;
|
||||
import com.tencent.polaris.auth.api.core.AuthAPI;
|
||||
import com.tencent.polaris.auth.api.rpc.AuthResponse;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.core.io.buffer.DataBuffer;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.server.reactive.ServerHttpResponse;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
import org.springframework.web.server.WebFilter;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
|
||||
import static org.springframework.core.io.buffer.DefaultDataBufferFactory.DEFAULT_INITIAL_CAPACITY;
|
||||
|
||||
/**
|
||||
* Reactive filter to authenticate.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
public class AuthReactiveFilter implements WebFilter, Ordered {
|
||||
|
||||
private final AuthAPI authAPI;
|
||||
|
||||
public AuthReactiveFilter(AuthAPI authAPI) {
|
||||
this.authAPI = authAPI;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getOrder() {
|
||||
return OrderConstant.Server.Reactive.AUTH_FILTER_ORDER;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
|
||||
AuthResponse authResponse = AuthenticateUtils.authenticate(authAPI, MetadataContext.LOCAL_NAMESPACE,
|
||||
MetadataContext.LOCAL_SERVICE, exchange.getRequest().getURI().getPath(), "HTTP",
|
||||
exchange.getRequest().getMethod().name());
|
||||
if (authResponse != null && authResponse.getAuthResult().getCode()
|
||||
.equals(AuthResult.Code.AuthResultForbidden)) {
|
||||
ServerHttpResponse response = exchange.getResponse();
|
||||
response.setRawStatusCode(HttpStatus.FORBIDDEN.value());
|
||||
DataBuffer dataBuffer = response.bufferFactory().allocateBuffer(DEFAULT_INITIAL_CAPACITY);
|
||||
return response.writeWith(Mono.just(dataBuffer));
|
||||
}
|
||||
return chain.filter(exchange);
|
||||
}
|
||||
}
|
@ -0,0 +1,67 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.filter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import com.tencent.cloud.common.constant.OrderConstant;
|
||||
import com.tencent.cloud.common.metadata.MetadataContext;
|
||||
import com.tencent.cloud.polaris.auth.utils.AuthenticateUtils;
|
||||
import com.tencent.polaris.api.plugin.auth.AuthResult;
|
||||
import com.tencent.polaris.auth.api.core.AuthAPI;
|
||||
import com.tencent.polaris.auth.api.rpc.AuthResponse;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
/**
|
||||
* Servlet filter to authenticate.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
@Order(OrderConstant.Server.Servlet.AUTH_FILTER_ORDER)
|
||||
public class AuthServletFilter extends OncePerRequestFilter {
|
||||
|
||||
/**
|
||||
* Default Filter Registration Bean Name Defined .
|
||||
*/
|
||||
public static final String AUTH_FILTER_BEAN_NAME = "authFilterRegistrationBean";
|
||||
|
||||
private final AuthAPI authAPI;
|
||||
|
||||
public AuthServletFilter(AuthAPI authAPI) {
|
||||
this.authAPI = authAPI;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||
AuthResponse authResponse = AuthenticateUtils.authenticate(authAPI, MetadataContext.LOCAL_NAMESPACE,
|
||||
MetadataContext.LOCAL_SERVICE, request.getRequestURI(), "HTTP", request.getMethod());
|
||||
if (authResponse != null && authResponse.getAuthResult().getCode()
|
||||
.equals(AuthResult.Code.AuthResultForbidden)) {
|
||||
response.setStatus(HttpStatus.FORBIDDEN.value());
|
||||
return;
|
||||
}
|
||||
filterChain.doFilter(request, response);
|
||||
}
|
||||
}
|
@ -0,0 +1,53 @@
|
||||
/*
|
||||
* Tencent is pleased to support the open source community by making Spring Cloud Tencent available.
|
||||
*
|
||||
* Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
|
||||
*
|
||||
* Licensed under the BSD 3-Clause License (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://opensource.org/licenses/BSD-3-Clause
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software distributed
|
||||
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
|
||||
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations under the License.
|
||||
*/
|
||||
|
||||
package com.tencent.cloud.polaris.auth.utils;
|
||||
|
||||
import com.tencent.cloud.common.metadata.MetadataContextHolder;
|
||||
import com.tencent.polaris.api.plugin.auth.AuthResult;
|
||||
import com.tencent.polaris.auth.api.core.AuthAPI;
|
||||
import com.tencent.polaris.auth.api.rpc.AuthRequest;
|
||||
import com.tencent.polaris.auth.api.rpc.AuthResponse;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* Utils for authenticate.
|
||||
*
|
||||
* @author Haotian Zhang
|
||||
*/
|
||||
public final class AuthenticateUtils {
|
||||
|
||||
private static final Logger LOG = LoggerFactory.getLogger(AuthenticateUtils.class);
|
||||
|
||||
private AuthenticateUtils() {
|
||||
|
||||
}
|
||||
|
||||
public static AuthResponse authenticate(AuthAPI authAPI, String namespace, String service, String path, String protocol, String method) {
|
||||
// build auth request
|
||||
AuthRequest authRequest = new AuthRequest(namespace, service, path, protocol, method, MetadataContextHolder.get());
|
||||
|
||||
try {
|
||||
return authAPI.authenticate(authRequest);
|
||||
}
|
||||
catch (Throwable throwable) {
|
||||
LOG.error("fail to invoke authenticate of AuthAPI with AuthRequest[{}].", authRequest, throwable);
|
||||
return new AuthResponse(new AuthResult(AuthResult.Code.AuthResultOk));
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,10 @@
|
||||
{
|
||||
"properties": [
|
||||
{
|
||||
"name": "spring.cloud.polaris.auth.enabled",
|
||||
"type": "java.lang.Boolean",
|
||||
"defaultValue": true,
|
||||
"description": "Enable polaris auth or not."
|
||||
}
|
||||
]
|
||||
}
|
@ -0,0 +1,2 @@
|
||||
org.springframework.cloud.bootstrap.BootstrapConfiguration=\
|
||||
com.tencent.cloud.polaris.auth.config.PolarisAuthPropertiesBootstrapConfiguration
|
@ -0,0 +1,2 @@
|
||||
com.tencent.cloud.polaris.auth.config.PolarisAuthPropertiesAutoConfiguration
|
||||
com.tencent.cloud.polaris.auth.config.PolarisAuthAutoConfiguration
|
Loading…
Reference in new issue