All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.gravitee.gateway.handlers.api.security.PlanBasedAuthenticationHandlerEnhancer Maven / Gradle / Ivy

/*
 * Copyright © 2015 The Gravitee team (http://gravitee.io)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package io.gravitee.gateway.handlers.api.security;

import io.gravitee.definition.model.Api;
import io.gravitee.gateway.api.service.SubscriptionService;
import io.gravitee.gateway.security.core.AuthenticationHandler;
import io.gravitee.gateway.security.core.AuthenticationHandlerEnhancer;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * @author David BRASSELY (david.brassely at graviteesource.com)
 * @author GraviteeSource Team
 */
public class PlanBasedAuthenticationHandlerEnhancer implements AuthenticationHandlerEnhancer {

    private final Logger logger = LoggerFactory.getLogger(PlanBasedAuthenticationHandlerEnhancer.class);

    protected SubscriptionService subscriptionService;

    private final Api api;

    public PlanBasedAuthenticationHandlerEnhancer(Api api, SubscriptionService subscriptionService) {
        this.api = api;
        this.subscriptionService = subscriptionService;
    }

    @Override
    public List filter(List authenticationHandlers) {
        logger.debug("Filtering authentication handlers according to published API's plans");

        List providers = new ArrayList<>();

        // Look into all plans for required authentication providers.
        api
            .getPlans()
            .forEach(plan -> {
                Optional optionalProvider = authenticationHandlers
                    .stream()
                    .filter(provider -> provider.name().equalsIgnoreCase(plan.getSecurity()))
                    .findFirst();
                if (optionalProvider.isPresent()) {
                    AuthenticationHandler provider = optionalProvider.get();
                    logger.debug(
                        "Authentication handler [{}] is required by the plan [{}]. Installing...",
                        provider.name(),
                        plan.getName()
                    );

                    if ("api_key".equals(provider.name())) {
                        providers.add(new ApiKeyPlanBasedAuthenticationHandler(provider, plan, subscriptionService));
                    } else if ("jwt".equals(provider.name())) {
                        providers.add(new JwtPlanBasedAuthenticationHandler(provider, plan, subscriptionService));
                    } else {
                        providers.add(new DefaultPlanBasedAuthenticationHandler(provider, plan));
                    }
                }
            });

        if (!providers.isEmpty()) {
            logger.debug("{} requires the following authentication handlers:", api);
            providers.forEach(authenticationProvider -> logger.debug("\t* {}", authenticationProvider.name()));
        } else {
            logger.warn("No authentication handler is provided for {}", api);
        }

        return providers;
    }

    protected Api getApi() {
        return this.api;
    }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy