From 698be0c9645bacb34a789b97825955bc3b4cfa4d Mon Sep 17 00:00:00 2001
From: Stuart Douglas <stuart.w.douglas@gmail.com>
Date: Fri, 15 Nov 2019 12:05:15 +1100
Subject: [PATCH] Remove Servlet specific auth from JAX-RS

This is no longer needed after the changes in how challenges are handled.

Partial fix for #5419
---
 .../runtime/UnauthorizedExceptionMapper.java  | 39 ++++---------------
 1 file changed, 8 insertions(+), 31 deletions(-)

diff --git a/extensions/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/UnauthorizedExceptionMapper.java b/extensions/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/UnauthorizedExceptionMapper.java
index 7a44146744a6e..6c71f86a42406 100644
--- a/extensions/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/UnauthorizedExceptionMapper.java
+++ b/extensions/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/UnauthorizedExceptionMapper.java
@@ -1,18 +1,18 @@
 package io.quarkus.resteasy.runtime;
 
-import java.lang.reflect.Method;
 import java.util.concurrent.ExecutionException;
 
 import javax.annotation.Priority;
+import javax.enterprise.inject.spi.CDI;
 import javax.ws.rs.Priorities;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.ext.ExceptionMapper;
 import javax.ws.rs.ext.Provider;
 
 import org.jboss.logging.Logger;
-import org.jboss.resteasy.core.ResteasyContext;
 
 import io.quarkus.security.UnauthorizedException;
+import io.quarkus.vertx.http.runtime.CurrentVertxRequest;
 import io.quarkus.vertx.http.runtime.security.ChallengeData;
 import io.quarkus.vertx.http.runtime.security.HttpAuthenticator;
 import io.vertx.ext.web.RoutingContext;
@@ -28,41 +28,18 @@ public class UnauthorizedExceptionMapper implements ExceptionMapper<Unauthorized
 
     private static final Logger log = Logger.getLogger(UnauthorizedExceptionMapper.class.getName());
 
-    //Servlet API may not be present
-    private static final Class<?> HTTP_SERVLET_REQUEST;
-    private static final Class<?> HTTP_SERVLET_RESPONSE;
-    private static final Method AUTHENTICATE;
-
-    static {
-        Class<?> httpServletReq = null;
-        Class<?> httpServletResp = null;
-        Method auth = null;
-        try {
-            httpServletReq = Class.forName("javax.servlet.http.HttpServletRequest");
-            httpServletResp = Class.forName("javax.servlet.http.HttpServletResponse");
-            auth = httpServletReq.getMethod("authenticate", httpServletResp);
-        } catch (Exception ignored) {
+    private volatile CurrentVertxRequest currentVertxRequest;
 
+    CurrentVertxRequest currentVertxRequest() {
+        if (currentVertxRequest == null) {
+            currentVertxRequest = CDI.current().select(CurrentVertxRequest.class).get();
         }
-        AUTHENTICATE = auth;
-        HTTP_SERVLET_REQUEST = httpServletReq;
-        HTTP_SERVLET_RESPONSE = httpServletResp;
+        return currentVertxRequest;
     }
 
     @Override
     public Response toResponse(UnauthorizedException exception) {
-        if (HTTP_SERVLET_REQUEST != null) {
-            Object httpServletRequest = ResteasyContext.getContextData(HTTP_SERVLET_REQUEST);
-            if (httpServletRequest != null) {
-                Object httpServletResponse = ResteasyContext.getContextData(HTTP_SERVLET_RESPONSE);
-                try {
-                    AUTHENTICATE.invoke(httpServletRequest, httpServletResponse);
-                } catch (Exception e) {
-                    throw new RuntimeException(e);
-                }
-            }
-        }
-        RoutingContext context = ResteasyContext.getContextData(RoutingContext.class);
+        RoutingContext context = currentVertxRequest().getCurrent();
         if (context != null) {
             HttpAuthenticator authenticator = context.get(HttpAuthenticator.class.getName());
             if (authenticator != null) {