From 7fa2417e220596fce25367313ef2104c891884c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Vav=C5=99=C3=ADk?= Date: Tue, 5 Nov 2024 12:56:44 +0100 Subject: [PATCH] Vert.x HTTP Security - address depracations and remove unused classes --- .../HttpSecurityPolicyBuildItem.java | 2 +- .../deployment/HttpSecurityProcessor.java | 12 ++++---- ...bstractPathMatchingHttpSecurityPolicy.java | 11 +------ .../security/HttpAuthenticationMechanism.java | 2 +- .../runtime/security/HttpAuthenticator.java | 2 +- .../http/runtime/security/HttpAuthorizer.java | 2 +- .../security/HttpSecurityRecorder.java | 6 ++-- .../security/MtlsAuthenticationMechanism.java | 2 +- .../security/QuarkusHttpSecurityContext.java | 8 ----- .../runtime/security/QuarkusHttpUser.java | 1 + .../http/runtime/security/SupplierImpl.java | 29 ------------------- 11 files changed, 15 insertions(+), 62 deletions(-) delete mode 100644 extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpSecurityContext.java delete mode 100644 extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/SupplierImpl.java diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityPolicyBuildItem.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityPolicyBuildItem.java index eea7841fecdb9..d86028cfd668f 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityPolicyBuildItem.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityPolicyBuildItem.java @@ -9,7 +9,7 @@ * @deprecated Define {@link io.quarkus.vertx.http.runtime.security.HttpSecurityPolicy} CDI bean with {@link #name} * set as the {@link HttpSecurityPolicy#name()}. */ -@Deprecated +@Deprecated(since = "3.6", forRemoval = true) public final class HttpSecurityPolicyBuildItem extends MultiBuildItem { final String name; diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java index 2b1ed130e4d1f..80a2f6f2ee832 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java @@ -1,7 +1,6 @@ package io.quarkus.vertx.http.deployment; import static io.quarkus.arc.processor.DotNames.APPLICATION_SCOPED; -import static io.quarkus.arc.processor.DotNames.DEFAULT_BEAN; import static io.quarkus.arc.processor.DotNames.SINGLETON; import static io.quarkus.vertx.http.deployment.HttpSecurityUtils.AUTHORIZATION_POLICY; import static io.quarkus.vertx.http.runtime.security.HttpAuthenticator.BASIC_AUTH_ANNOTATION_DETECTED; @@ -28,6 +27,7 @@ import org.jboss.jandex.AnnotationInstance; import org.jboss.jandex.AnnotationTarget; +import org.jboss.jandex.AnnotationTransformation; import org.jboss.jandex.ClassInfo; import org.jboss.jandex.DotName; import org.jboss.jandex.IndexView; @@ -37,6 +37,7 @@ import org.jboss.jandex.TypeVariable; import org.objectweb.asm.Opcodes; +import io.quarkus.arc.DefaultBean; import io.quarkus.arc.deployment.AdditionalBeanBuildItem; import io.quarkus.arc.deployment.AnnotationsTransformerBuildItem; import io.quarkus.arc.deployment.BeanContainerBuildItem; @@ -44,7 +45,6 @@ import io.quarkus.arc.deployment.GeneratedBeanBuildItem; import io.quarkus.arc.deployment.GeneratedBeanGizmoAdaptor; import io.quarkus.arc.deployment.SyntheticBeanBuildItem; -import io.quarkus.arc.processor.AnnotationsTransformer; import io.quarkus.arc.processor.BeanInfo; import io.quarkus.builder.item.SimpleBuildItem; import io.quarkus.deployment.Capabilities; @@ -192,10 +192,10 @@ AdditionalBeanBuildItem initBasicAuth(HttpBuildTimeConfig buildTimeConfig, if (makeBasicAuthMechDefaultBean(buildTimeConfig)) { //if not explicitly enabled we make this a default bean, so it is the fallback if nothing else is defined - annotationsTransformerProducer.produce(new AnnotationsTransformerBuildItem(AnnotationsTransformer - .appliedToClass() - .whenClass(cl -> BASIC_AUTH_MECH_NAME.equals(cl.name())) - .thenTransform(t -> t.add(DEFAULT_BEAN)))); + annotationsTransformerProducer.produce(new AnnotationsTransformerBuildItem(AnnotationTransformation + .forClasses() + .whenClass(BASIC_AUTH_MECH_NAME) + .transform(ctx -> ctx.add(DefaultBean.class)))); } if (buildTimeConfig.auth.basic.isPresent() && buildTimeConfig.auth.basic.get()) { diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java index 004cb13bfbe1d..091c1e4432adb 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractPathMatchingHttpSecurityPolicy.java @@ -386,16 +386,7 @@ private void addAction(String action) { } } - static class HttpMatcher { + record HttpMatcher(String authMechanism, Set methods, HttpSecurityPolicy checker) { - final String authMechanism; - final Set methods; - final HttpSecurityPolicy checker; - - HttpMatcher(String authMechanism, Set methods, HttpSecurityPolicy checker) { - this.methods = methods; - this.checker = checker; - this.authMechanism = authMechanism; - } } } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticationMechanism.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticationMechanism.java index 18598de37f640..cc53a28c2b78f 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticationMechanism.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticationMechanism.java @@ -45,7 +45,7 @@ default Uni sendChallenge(RoutingContext context) { * * May be null if this mechanism cannot interfere with other mechanisms */ - @Deprecated + @Deprecated(since = "2.8", forRemoval = true) default HttpCredentialTransport getCredentialTransport() { throw new UnsupportedOperationException(); } diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java index 362b60fbd1c8d..0dfbc8f392975 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthenticator.java @@ -50,7 +50,7 @@ * Class that is responsible for running the HTTP based authentication */ @Singleton -public class HttpAuthenticator { +public final class HttpAuthenticator { /** * Special handling for the basic authentication mechanism, for user convenience, we add the mechanism when: * - not explicitly disabled or enabled diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthorizer.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthorizer.java index 9b6ea4461c787..cdf1e861e3700 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthorizer.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpAuthorizer.java @@ -20,7 +20,7 @@ * Class that is responsible for running the HTTP based permission checks */ @Singleton -public class HttpAuthorizer extends AbstractHttpAuthorizer { +public final class HttpAuthorizer extends AbstractHttpAuthorizer { HttpAuthorizer(HttpAuthenticator httpAuthenticator, IdentityProviderManager identityProviderManager, AuthorizationController controller, Instance installedPolicies, diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java index 19ad7c368cf13..3ec1ae277341f 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/HttpSecurityRecorder.java @@ -181,8 +181,7 @@ public void accept(RoutingContext event, Throwable throwable) { } throwable = extractRootCause(throwable); //auth failed - if (throwable instanceof AuthenticationFailedException) { - AuthenticationFailedException authenticationFailedException = (AuthenticationFailedException) throwable; + if (throwable instanceof AuthenticationFailedException authenticationFailedException) { getAuthenticator(event).sendChallenge(event).subscribe().with(new Consumer() { @Override public void accept(Boolean aBoolean) { @@ -200,8 +199,7 @@ public void accept(Throwable throwable) { log.debug("Authentication has failed, returning HTTP status 401"); event.response().setStatusCode(401); proceed(throwable); - } else if (throwable instanceof AuthenticationRedirectException) { - AuthenticationRedirectException redirectEx = (AuthenticationRedirectException) throwable; + } else if (throwable instanceof AuthenticationRedirectException redirectEx) { event.response().setStatusCode(redirectEx.getCode()); event.response().headers().set(HttpHeaders.LOCATION, redirectEx.getRedirectUri()); event.response().headers().set(HttpHeaders.CACHE_CONTROL, "no-store"); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/MtlsAuthenticationMechanism.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/MtlsAuthenticationMechanism.java index e651aead7c94a..fa7d77c449dec 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/MtlsAuthenticationMechanism.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/MtlsAuthenticationMechanism.java @@ -62,7 +62,7 @@ public Uni authenticate(RoutingContext context, context.put(HttpAuthenticationMechanism.class.getName(), this); AuthenticationRequest authRequest = new CertificateAuthenticationRequest( - new CertificateCredential(X509Certificate.class.cast(certificate))); + new CertificateCredential((X509Certificate) certificate)); authRequest.setAttribute(ROLES_MAPPER_ATTRIBUTE, certificateToRoles); return identityProviderManager .authenticate(HttpSecurityUtils.setRoutingContextAttribute(authRequest, context)); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpSecurityContext.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpSecurityContext.java deleted file mode 100644 index ff14ed7d6bb23..0000000000000 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpSecurityContext.java +++ /dev/null @@ -1,8 +0,0 @@ -package io.quarkus.vertx.http.runtime.security; - -/** - * Security context that is attached to the request. - * - */ -public class QuarkusHttpSecurityContext { -} diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpUser.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpUser.java index cd1d864046e4c..faf7fc9578f56 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpUser.java +++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/QuarkusHttpUser.java @@ -49,6 +49,7 @@ public User isAuthorized(Authorization authority, Handler> } @Override + @Deprecated public User isAuthorized(String authority, Handler> resultHandler) { resultHandler.handle(Future.succeededFuture(securityIdentity.hasRole(authority))); return this; diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/SupplierImpl.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/SupplierImpl.java deleted file mode 100644 index 4c9e1e9a8ab2c..0000000000000 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/security/SupplierImpl.java +++ /dev/null @@ -1,29 +0,0 @@ -package io.quarkus.vertx.http.runtime.security; - -import java.util.function.Supplier; - -public class SupplierImpl implements Supplier { - - T value; - - public SupplierImpl() { - } - - public SupplierImpl(T value) { - this.value = value; - } - - public T getValue() { - return value; - } - - public SupplierImpl setValue(T value) { - this.value = value; - return this; - } - - @Override - public T get() { - return value; - } -}