fix: better role authorized (#41)
Release package / release (push) Failing after 2m18s

Co-authored-by: TakahashiNg <83152264+TakahashiNguyen@users.noreply.github.com>
Reviewed-on: #41
This commit was merged in pull request #41.
This commit is contained in:
2026-05-04 02:31:45 +00:00
parent c593d88103
commit 9711ea045e
20 changed files with 238 additions and 132 deletions
+4 -1
View File
@@ -24,7 +24,10 @@
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-security</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-vertx-http</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
@@ -0,0 +1,40 @@
package com.drinkool.lib.utils;
import com.drinkool.InternalValue;
import io.quarkus.security.identity.IdentityProviderManager;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.runtime.QuarkusSecurityIdentity;
import io.quarkus.vertx.http.runtime.security.ChallengeData;
import io.quarkus.vertx.http.runtime.security.HttpAuthenticationMechanism;
import io.smallrye.mutiny.Uni;
import io.vertx.ext.web.RoutingContext;
public abstract class BaseHeaderAuthentication
implements HttpAuthenticationMechanism
{
@Override
public Uni<SecurityIdentity> authenticate(
RoutingContext context,
IdentityProviderManager identityProviderManager
) {
String role = context.request().getHeader(InternalValue.role);
String userId = context.request().getHeader(InternalValue.userId);
if (role != null && !role.isEmpty()) {
return Uni.createFrom().item(
QuarkusSecurityIdentity.builder()
.setPrincipal(() -> userId)
.addRole(role)
.build()
);
}
return Uni.createFrom().nullItem();
}
@Override
public Uni<ChallengeData> getChallenge(RoutingContext context) {
return Uni.createFrom().nullItem();
}
}
@@ -1,38 +0,0 @@
package com.drinkool.lib.utils;
import com.drinkool.InternalValue;
import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.IdentityProvider;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.request.TrustedAuthenticationRequest;
import io.quarkus.security.runtime.QuarkusSecurityIdentity;
import io.smallrye.mutiny.Uni;
import io.vertx.core.http.HttpServerRequest;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
@ApplicationScoped
public class HeaderIdentityProvider
implements IdentityProvider<TrustedAuthenticationRequest>
{
@Inject
HttpServerRequest httpServerRequest;
@Override
public Class<TrustedAuthenticationRequest> getRequestType() {
return TrustedAuthenticationRequest.class;
}
@Override
public Uni<SecurityIdentity> authenticate(
TrustedAuthenticationRequest request,
AuthenticationRequestContext context
) {
String role = httpServerRequest.getHeader(InternalValue.role);
return Uni.createFrom().item(
QuarkusSecurityIdentity.builder().addRole(role).build()
);
}
}