Giter VIP home page Giter VIP logo

Comments (12)

gemmell avatar gemmell commented on July 17, 2024

Hrrm. Looks to me like it's expecting a shiro SimplePrincipalCollection. The stormpath ApplicationRealm.java has the following function:

protected PrincipalCollection createPrincipals(Account account) {

    LinkedHashMap<String, String> props = new LinkedHashMap<String, String>();

    props.put("href", account.getHref());
    nullSafePut(props, "username", account.getUsername());
    nullSafePut(props, "email", account.getEmail());
    nullSafePut(props, "givenName", account.getGivenName());
    nullSafePut(props, "middleName", account.getMiddleName());
    nullSafePut(props, "surname", account.getSurname());

    Collection<Object> principals = new ArrayList<Object>(2);
    principals.add(account.getHref());
    principals.add(props);

    return new SimplePrincipalCollection(principals, getName());
}

And then you see the getAccountHref function doing this:

protected String getAccountHref(PrincipalCollection principals) {
    Collection c = principals.fromRealm(getName());
    //Based on the createPrincipals implementation above, the first one is the Account href:

And then shiro's SimplePrincipalCollection does this:

public Collection fromRealm(String realmName) {
    if (realmPrincipals == null || realmPrincipals.isEmpty()) {
        return Collections.EMPTY_SET;
    }
    Set principals = realmPrincipals.get(realmName);
    if (principals == null || principals.isEmpty()) {
        principals = Collections.EMPTY_SET;
    }
    return Collections.unmodifiableSet(principals);
}

i.e. if it were using the shiro SimplePrincipalCollection it created it'd be fine, but it's somehow getting back to the vertx implementation...

from vertx-auth.

pmlopes avatar pmlopes commented on July 17, 2024

Which auth provider are you using? Stormpath does not seem to be a auth provider implemented in this project, can you provide a full test case?

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

Yep. I posted how to do set it up in the linked google group. Will gather the info and post here.

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

I am using gradle, so I needed to add the following dependencies:

dependencies {
...
   /* For auth */
    compile 'io.vertx:vertx-auth-shiro:3.0.0-milestone6'
    compile 'com.stormpath.shiro:stormpath-shiro-core:0.6.0'
    compile 'com.stormpath.sdk:stormpath-sdk-httpclient:1.0.RC4.3'
...
}

Imports look like this:

import com.stormpath.sdk.api.ApiKey;
import com.stormpath.shiro.realm.ApplicationRealm;
import com.stormpath.sdk.client.Client;
import com.stormpath.sdk.api.ApiKeys;
import com.stormpath.sdk.client.Clients;

And then in your code it's as simple as this:

// Setup our shiro+stormpath+vertx integration
String path = System.getProperty("user.home") + "/.stormpath/apiKey.properties";
ApiKey apiKey = ApiKeys.builder().setFileLocation(path).build();
Client client = Clients.builder().setApiKey(apiKey).build();
ApplicationRealm stormpathAppRealm = new ApplicationRealm();
stormpathAppRealm.setClient(client);
stormpathAppRealm.setApplicationRestUrl("<insert your application endpoint here>");
AuthProvider authProvider = ShiroAuth.create(vertx, stormpathAppRealm);
// Secure all routes with basic auth
AuthHandler basicAuthHandler = BasicAuthHandler.create(authProvider);
router.route().handler(basicAuthHandler);

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

You will have to sign up for stormpath to get your apiKey but it is free and obligation free.

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

To ease your pain, just use this temporary information:
apiKey.properties contains:

apiKey.id = 2SCNWP6RUOU9POBRSTWKG1AY4
apiKey.secret = DxxmPSCOKOXPPgvtVBfwp4M5uZl9keF9lv/8rpzMFCg

and the "insert your application endpoint here" is this

https://api.stormpath.com/v1/accounts/5W1RoooMzoo0XqKMx15IEi

Let me know when you're done and I'll remove the key. It is a dummy setup used for testing so it gives users no access to anything.

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

Oh and to make it actually hit that exception you try to do some authorisation:

router.route().handler((RoutingContext context) -> {
    context.user().isAuthorised("role:84c2a410-b761-44cd-88c7-a8bba0e976cb+admins", (AsyncResult<Boolean> res) -> {
       if (res.succeeded()) {
          boolean hasPermission = res.result();
          if (hasPermission) {
             context.next();
          } else {
             context.response().setStatusCode(403).end("You do not have access to that group!");
          }
       } else {
          context.response().setStatusCode(403).end("Error asking if authorised");
       }
    });
 });

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

This resource may be of use:
https://github.com/stormpath/stormpath-shiro/wiki

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

Awesome. Should I wait for M7 or is that a fair way off?

from vertx-auth.

pmlopes avatar pmlopes commented on July 17, 2024

The plan is to have the final 3.0 release soon, either you can test by fetching the snapshots from sonatype or wait a bit more :)

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

Excuse my extreme ignorance - where are these snapshots? I am not particularly familiar with the java ecosystem.

from vertx-auth.

gemmell avatar gemmell commented on July 17, 2024

For the naive (like me) - add the following to your gradle.conf

repositories {
    mavenCentral()
    maven {
      url 'http://oss.sonatype.org/content/repositories/snapshots'
    }
}

And use the following dependency:

compile 'io.vertx:vertx-auth-shiro:3.0.0-SNAPSHOT'

from vertx-auth.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.