@Deprecated public class Auth extends Object implements Jooby.Module
Authentication module via: pac4j.
Clients
WebContext as RequestScoped
Route.Filter per each registered Client
Route.Filter
{ get("/public", () -> ..); use(new Auth()); get("/private", () -> ..); }
The previous example adds a very basic but ready-to-use form login that is triggered every time you try to access /private or any route defined below the auth module.
pac4j is a powerful library that supports multiple clients and/or authentication protocols. In the next examples, we will see how to configure the most basic of them, as well as some more complex protocols.
If basic auth is all you need, then:
{ use(new Auth().basic()); }
An IndirectBasicAuthClient depends on an Authenticator; the default is SimpleTestUsernamePasswordAuthenticator, which is great for development but not suitable for other environments. The next example sets up basic auth with a custom Authenticator:
{ use(new Auth().basic("*", MyUsernamePasswordAuthenticator.class)); }
Form authentication will be activated by calling form():
{ use(new Auth().form()); }
Form is the default authentication method, so the previous example is the same as:
{ use(new Auth()); }
Like basic auth, form auth depends on an Authenticator.
A login form will be ready under the path /login. Again, it is a very basic login form, useful for development. If you need a custom login page, just add a route before the Auth module, like:
{ get("/login", () -> Results.html("login")); use(new Auth()); }
Simple and easy!
Twitter example:
{ use(new Auth().client(conf -> new TwitterClient(conf.getString("twitter.key"), conf.getString("twitter.secret")))); }
Keep in mind you will have to add the required Maven dependency to your project; besides that, it is pretty straightforward.
By default a Client will protect all the URLs defined below the module, because routes in Jooby are executed in the order they were defined.
You can customize which URLs are protected by specifying a path pattern:
{ use(new Auth().form("/private/**")); get("/hello", () -> "no auth"); get("/private", () -> "auth"); }
Here the /hello path is unprotected, because the client will intercept everything under /private.
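The ordering rule above, modelled as an added Java example (not Jooby or pac4j code): it walks a route table in definition order and lists the routes that no earlier auth filter covers. The `matches` helper is a simplified assumption that handles only `*`, exact paths and a trailing `/**`; `RouteOrderAudit`, `Def` and `publicRoutes` are hypothetical names, and the route table is constructed from the page's own examples.

```java
import java.util.ArrayList;
import java.util.List;

/** Added illustration: models the definition-order rule; not Jooby code. */
public class RouteOrderAudit {

  /** One entry of the application script, in definition order. */
  record Def(boolean authFilter, String pattern) {}

  /** Simplified matcher (assumption): "*" matches all, "/x/**" matches /x and anything below it. */
  static boolean matches(String pattern, String path) {
    if (pattern.equals("*") || pattern.equals("/**")) {
      return true;
    }
    if (pattern.endsWith("/**")) {
      String base = pattern.substring(0, pattern.length() - 3);
      return path.equals(base) || path.startsWith(base + "/");
    }
    return pattern.equals(path);
  }

  /** Returns the routes that no earlier auth filter covers, i.e. routes served without login. */
  static List<String> publicRoutes(List<Def> defs) {
    List<String> filters = new ArrayList<>(); // auth patterns seen so far
    List<String> open = new ArrayList<>();
    for (Def d : defs) {
      if (d.authFilter()) {
        filters.add(d.pattern());
      } else if (filters.stream().noneMatch(p -> matches(p, d.pattern()))) {
        open.add(d.pattern());
      }
    }
    return open;
  }

  public static void main(String[] args) {
    // Constructed route table mirroring the page's examples.
    List<Def> defs = List.of(
        new Def(false, "/public"),         // defined above the module: stays public
        new Def(true, "/private/**"),      // use(new Auth().form("/private/**"))
        new Def(false, "/hello"),          // below the module but outside the pattern
        new Def(false, "/private"),        // covered by the pattern
        new Def(false, "/private/report")  // covered by the pattern
    );
    System.out.println("Reachable without authentication: " + publicRoutes(defs));
  }
}
```

The record syntax requires Java 16 or later.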
Jooby relies on AuthStore for saving and retrieving a CommonProfile. By default, the CommonProfile is stored in the Session via AuthSessionStore.
After a successful authentication the CommonProfile is accessible as a request scoped attribute:
{ use(new Auth().form()); get("/private", req -> req.require(HttpProfile.class)); }
Facebook (or any OAuth, OpenID, etc.):
{ use(new Auth().client(new FacebookClient(key, secret))); get("/private", req -> req.require(FacebookProfile.class)); }
A custom AuthStore is provided via the store(Class) method:
{ use(new Auth().store(MyDbStore.class)); get("/private", req -> req.require(HttpProfile.class)); }
A default /logout handler is provided too. The handler will remove the profile from AuthStore by calling the AuthStore.unset(String) method. The default login will redirect to /.
Custom logout and redirect URLs can be set via the .conf file or programmatically:
{ use(new Auth().logout("/mylogout", "/redirectTo")); }
Modifier and Type | Field and Description |
---|---|
static String | CNAME Deprecated. |
static String | ID Deprecated. Name of the local request variable that holds the username. |

Constructor and Description |
---|
Auth() Deprecated. |
Modifier and Type | Method and Description |
---|---|
Auth | authorizer(String name, String pattern, org.pac4j.core.authorization.authorizer.Authorizer<?> authorizer) Deprecated. Protect one or more urls with an Authorizer. |
Auth | authorizer(String name, String pattern, Class<? extends org.pac4j.core.authorization.authorizer.Authorizer> authorizer) Deprecated. Protect one or more urls with an Authorizer. |
Auth | basic() Deprecated. Add a basic auth client, protecting all the urls *. |
Auth | basic(String pattern) Deprecated. Add a basic auth client. |
Auth | basic(String pattern, Class<? extends org.pac4j.core.credentials.authenticator.Authenticator<org.pac4j.core.credentials.UsernamePasswordCredentials>> authenticator) Deprecated. Add a basic auth client. |
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth | client(Class<? extends org.pac4j.core.client.Client<C,U>> client) Deprecated. Add an auth client, like facebook, twitter, github, etc. Please note the required dependency must be in the classpath. |
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth | client(org.pac4j.core.client.Client<C,U> client) Deprecated. Add an auth client, like facebook, twitter, github, etc. Please note the required dependency must be in the classpath. |
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth | client(Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider) Deprecated. Add an auth client, like facebook, twitter, github, etc. Please note the required dependency must be in the classpath. |
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth | client(String pattern, Class<? extends org.pac4j.core.client.Client<C,U>> client) Deprecated. Add an auth client, like facebook, twitter, github, etc. Please note the required dependency must be in the classpath. |
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth | client(String pattern, org.pac4j.core.client.Client<C,U> client) Deprecated. Add an auth client, like facebook, twitter, github, etc. Please note the required dependency must be in the classpath. |
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth | client(String pattern, Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider) Deprecated. Add an auth client, like facebook, twitter, github, etc. Please note the required dependency must be in the classpath. |
com.typesafe.config.Config | config() Deprecated. |
void | configure(Env env, com.typesafe.config.Config conf, com.google.inject.Binder binder) Deprecated. Configures and produces bindings for the underlying application. |
Auth | form() Deprecated. Add a form auth client, protecting all the urls *. |
Auth | form(String pattern) Deprecated. Add a form auth client. |
Auth | form(String pattern, Class<? extends org.pac4j.core.credentials.authenticator.Authenticator<org.pac4j.core.credentials.UsernamePasswordCredentials>> authenticator) Deprecated. Add a form auth client. |
Auth | logout(String logoutUrl) Deprecated. Set the logout and redirect URL patterns. |
Auth | logout(String logoutUrl, String redirecTo) Deprecated. Set the logout and redirect URL patterns. |
<U extends org.pac4j.core.profile.CommonProfile> Auth | store(Class<? extends AuthStore<U>> store) Deprecated. Set up the AuthStore to use. |
public static final String ID
public static final String CNAME
public Auth authorizer(String name, String pattern, org.pac4j.core.authorization.authorizer.Authorizer<?> authorizer)
Protect one or more urls with an Authorizer. For example:
{ use(new Auth().form("*").authorizer("admin", "/admin/**", new RequireAnyRoleAuthorizer("admin"))); }
The previous example will protect any URL with form authentication and require an admin role for /admin/ or any subpath of it.
NOTE: make sure the URL is protected by one pac4j client.
name - Authorizer name.
pattern - URL pattern to protect.
authorizer - Authorizer to apply.
public Auth authorizer(String name, String pattern, Class<? extends org.pac4j.core.authorization.authorizer.Authorizer> authorizer)
Protect one or more urls with an Authorizer. For example:
{ use(new Auth().form("*").authorizer("admin", "/admin/**", MyAuthorizer.class)); }
The previous example will protect any URL with form authentication and require an admin role for /admin/ or any subpath of it.
NOTE: make sure the URL is protected by one pac4j client.
name - Authorizer name.
pattern - URL pattern to protect.
authorizer - Authorizer to apply.
public Auth form(String pattern, Class<? extends org.pac4j.core.credentials.authenticator.Authenticator<org.pac4j.core.credentials.UsernamePasswordCredentials>> authenticator)
pattern - URL pattern to protect.
authenticator - Authenticator to use.
public Auth form(String pattern)
Add a form auth client. It sets up a SimpleTestUsernamePasswordAuthenticator. Useful for development.
pattern - URL pattern to protect.
public Auth form()
Add a form auth client, protecting all the urls *. It sets up a SimpleTestUsernamePasswordAuthenticator. Useful for development.
public Auth basic(String pattern, Class<? extends org.pac4j.core.credentials.authenticator.Authenticator<org.pac4j.core.credentials.UsernamePasswordCredentials>> authenticator)
pattern - URL pattern to protect.
authenticator - Authenticator to use.
public Auth basic(String pattern)
Add a basic auth client. It sets up a SimpleTestUsernamePasswordAuthenticator. Useful for development.
pattern - URL pattern to protect.
public Auth basic()
Add a basic auth client, protecting all the urls *. It sets up a SimpleTestUsernamePasswordAuthenticator. Useful for development.
public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth client(org.pac4j.core.client.Client<C,U> client)
C - Credentials.
U - CommonProfile.
client - Client to add.
public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth client(Class<? extends org.pac4j.core.client.Client<C,U>> client)
C - Credentials.
U - CommonProfile.
client - Client to add.
public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth client(String pattern, org.pac4j.core.client.Client<C,U> client)
C - Credentials.
U - CommonProfile.
pattern - URL pattern to protect.
client - Client to add.
public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth client(Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider)
C - Credentials.
U - CommonProfile.
provider - Client to add.
public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth client(String pattern, Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider)
C - Credentials.
U - CommonProfile.
pattern - URL pattern to protect.
provider - Client to add.
public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Auth client(String pattern, Class<? extends org.pac4j.core.client.Client<C,U>> client)
C - Credentials.
U - CommonProfile.
pattern - URL pattern to protect.
client - Client to add.
public <U extends org.pac4j.core.profile.CommonProfile> Auth store(Class<? extends AuthStore<U>> store)
Set up the AuthStore to use. Keep in mind the store is bound as a singleton.
store - Store to use.
public Auth logout(String logoutUrl, String redirecTo)
logoutUrl - Logout url, default is /logout.
redirecTo - Redirect url, default is /.
public Auth logout(String logoutUrl)
logoutUrl - Logout url, default is /logout.
public void configure(Env env, com.typesafe.config.Config conf, com.google.inject.Binder binder)
Jooby.Module
application env and/or the current application properties available from Config.
configure in interface Jooby.Module
env - The current application's env. Not null.
conf - The current config object. Not null.
binder - A guice binder. Not null.
public com.typesafe.config.Config config()
config in interface Jooby.Module
Copyright © 2019. All rights reserved.