All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.quarkus.security.runtime.X509IdentityProvider Maven / Gradle / Ivy

package io.quarkus.security.runtime;

import java.security.cert.X509Certificate;
import java.util.Set;
import java.util.function.Function;

import jakarta.inject.Singleton;

import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.IdentityProvider;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.request.CertificateAuthenticationRequest;
import io.smallrye.mutiny.Uni;

@Singleton
public class X509IdentityProvider implements IdentityProvider {
    private static final String ROLES_MAPPER_ATTRIBUTE = "roles_mapper";

    @Override
    public Class getRequestType() {
        return CertificateAuthenticationRequest.class;
    }

    @Override
    public Uni authenticate(CertificateAuthenticationRequest request, AuthenticationRequestContext context) {
        X509Certificate certificate = request.getCertificate().getCertificate();
        return Uni.createFrom().item(QuarkusSecurityIdentity.builder()
                .setPrincipal(certificate.getSubjectX500Principal())
                .addCredential(request.getCertificate())
                .addRoles(extractRoles(certificate, request.getAttribute(ROLES_MAPPER_ATTRIBUTE)))
                .build());
    }

    private static Set extractRoles(X509Certificate certificate,
            Function> certificateToRoles) {
        return certificateToRoles == null ? Set.of() : certificateToRoles.apply(certificate);
    }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy