Skip to content

Commit

Permalink
Add API to add user info
Browse files Browse the repository at this point in the history
  • Loading branch information
ligangty committed Jan 15, 2024
1 parent 82d4e47 commit b195e50
Show file tree
Hide file tree
Showing 3 changed files with 130 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,16 @@
*/
package org.commonjava.indy.service.ui.jaxrs.auth;

import io.quarkus.security.identity.SecurityIdentity;
import org.apache.commons.lang3.StringUtils;
import org.commonjava.indy.service.ui.models.auth.UserInfo;
import org.eclipse.microprofile.jwt.JsonWebToken;
import org.eclipse.microprofile.openapi.annotations.media.Content;
import org.eclipse.microprofile.openapi.annotations.media.Schema;
import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
import org.eclipse.microprofile.openapi.annotations.responses.APIResponses;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.inject.Inject;
import javax.ws.rs.GET;
Expand All @@ -26,13 +35,21 @@
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.net.URI;
import java.security.Principal;
import java.util.Collections;
import java.util.Set;

@Path( "/api/admin/auth" )
public class AuthResource
{
private final Logger logger = LoggerFactory.getLogger( this.getClass() );

@Inject
JsonWebToken accessToken;

@Inject
SecurityIdentity identity;

@Path( "accesstoken" )
@GET
@Produces( MediaType.TEXT_HTML )
Expand All @@ -57,4 +74,28 @@ public Response getAccessToken( @Context UriInfo uriInfo )
.append( "</html>" );
return Response.ok( contentBuilder.toString() ).build();
}

@APIResponses( { @APIResponse( responseCode = "200",
content = @Content( schema = @Schema( implementation = UserInfo.class ) ),
description = "Return the current user information" ),
@APIResponse( responseCode = "401", description = "User not authenticated" ) } )
@Path( "userinfo" )
@GET
@Produces( MediaType.APPLICATION_JSON )
public Response getUserInfo( @Context UriInfo uriInfo )
{
Set<String> roles = identity.getRoles() == null ? Collections.emptySet() : identity.getRoles();
Principal user = identity.getPrincipal();
if ( user != null && StringUtils.isNotBlank( user.getName() ) )
{
logger.debug( "User: {}", user.getName() );
final UserInfo userInfo = new UserInfo( user.getName(), roles );
return Response.ok( userInfo ).build();
}
else
{
logger.warn( "User name is not got correctly, please check the security configuration." );
return Response.status( Response.Status.UNAUTHORIZED ).build();
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
/**
* Copyright (C) 2024 Red Hat, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.commonjava.indy.service.ui.models.auth;

import org.eclipse.microprofile.openapi.annotations.media.Schema;

import java.util.Set;

@Schema( description = "The user information. Contains the user name and user roles" )
public class UserInfo
{
@Schema( description = "User name for current user" )
private final String userName;

@Schema( description = "User roles for current user" )
private final Set<String> roles;

public UserInfo( String userName, Set<String> roles )
{
this.userName = userName;
this.roles = roles;
}

public String getUserName()
{
return userName;
}

public Set<String> getRoles()
{
return roles;
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
/**
* Copyright (C) 2024 Red Hat, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.commonjava.indy.service.ui.jaxrs.auth;

import io.quarkus.test.junit.QuarkusTest;
import io.quarkus.test.security.TestSecurity;
import io.restassured.path.json.JsonPath;
import org.junit.jupiter.api.Test;

import javax.ws.rs.core.Response;

import static io.restassured.RestAssured.given;
import static org.hamcrest.CoreMatchers.hasItems;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;

@QuarkusTest
public class AuthResourceTest
{
@TestSecurity( roles = { "power", "admin" }, user = "user" )
@Test
public void testGetUserInfo()
{
given().when().get( "/api/admin/auth/userinfo" ).then().statusCode( Response.Status.OK.getStatusCode() );
final JsonPath resultPath = given().get( "/api/admin/auth/userinfo" ).thenReturn().jsonPath();
assertThat( resultPath.getString( "userName" ), is( "user" ) );
assertThat( resultPath.getInt( "roles.size" ), is( 2 ) );
assertThat( resultPath.getList( "roles" ), hasItems( "power", "admin" ) );
}
}

0 comments on commit b195e50

Please sign in to comment.