• Home
• io.inverno.mod
• inverno-security-http
• 1.11.0
• source code
• HttpAuthenticationErrorInterceptor.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.inverno.mod.security.http.HttpAuthenticationErrorInterceptor Maven / Gradle / Ivy

/*
 * Copyright 2022 Jeremy Kuhn
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package io.inverno.mod.security.http;

import io.inverno.mod.http.base.ExchangeContext;
import io.inverno.mod.http.base.HttpException;
import io.inverno.mod.http.base.Status;
import io.inverno.mod.http.base.header.Headers;
import io.inverno.mod.http.server.ErrorExchange;

/**
 * 

 * An authentication error interceptor that implements RFC 7235 HTTP authentication.
 * 
 * 
 * 

 * As per RFC 7235, this interceptor sends a challenge to the requester in the {@code www-authenticate} HTTP header on an {@code UNAUTHORIZED(401)} error.
 * 
 *
 * @author Jeremy Kuhn
 * @since 1.5
 * 
 * @param  the context type
 * @param  the error exchange type
 */
public abstract class HttpAuthenticationErrorInterceptor> extends AuthenticationErrorInterceptor {

	@Override
	protected void interceptUnauthorized(B exchange) throws HttpException {
		final String challenge;
		if(exchange.getError().getCause() != null && exchange.getError().getCause() instanceof io.inverno.mod.security.SecurityException) {
			challenge = this.createChallenge((io.inverno.mod.security.SecurityException)exchange.getError().getCause());
		}
		else {
			challenge = this.createChallenge(null);
		}
		
		exchange.response()
			.headers(headers -> headers
				.status(Status.UNAUTHORIZED)
				.add(Headers.NAME_WWW_AUTHENTICATE, challenge)
			)
			.body().empty();
	}
	
	/**
	 * 

	 * Creates the challenge to send to the requester.
	 * 
	 * 
	 * @param cause the cause of the error (can be null)
	 * 
	 * @return a challenge
	 */
	protected abstract String createChallenge(io.inverno.mod.security.SecurityException cause);
	
}