• Home
• io.quarkus
• quarkus-security
• 3.16.2
• source code
• X509IdentityProvider.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.quarkus.security.runtime.X509IdentityProvider Maven / Gradle / Ivy

package io.quarkus.security.runtime;

import java.security.cert.X509Certificate;
import java.util.Set;
import java.util.function.Function;

import jakarta.inject.Singleton;

import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.IdentityProvider;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.request.CertificateAuthenticationRequest;
import io.smallrye.mutiny.Uni;

@Singleton
public class X509IdentityProvider implements IdentityProvider {
    private static final String ROLES_MAPPER_ATTRIBUTE = "roles_mapper";

    @Override
    public Class getRequestType() {
        return CertificateAuthenticationRequest.class;
    }

    @Override
    public Uni authenticate(CertificateAuthenticationRequest request, AuthenticationRequestContext context) {
        X509Certificate certificate = request.getCertificate().getCertificate();
        return Uni.createFrom().item(QuarkusSecurityIdentity.builder()
                .setPrincipal(certificate.getSubjectX500Principal())
                .addCredential(request.getCertificate())
                .addRoles(extractRoles(certificate, request.getAttribute(ROLES_MAPPER_ATTRIBUTE)))
                .build());
    }

    private static Set extractRoles(X509Certificate certificate,
            Function> certificateToRoles) {
        return certificateToRoles == null ? Set.of() : certificateToRoles.apply(certificate);
    }
}