apply AuthenticationFilter only to /api requests
parent
b1a785eda5
commit
1685221567
@ -1,9 +1,6 @@
|
|||||||
package net.hostsharing.hsadminng.config;
|
package net.hostsharing.hsadminng.config;
|
||||||
|
|
||||||
import jakarta.servlet.Filter;
|
|
||||||
import jakarta.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import jakarta.servlet.ServletRequest;
|
|
||||||
import jakarta.servlet.ServletResponse;
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
@ -11,29 +8,37 @@ import lombok.SneakyThrows;
|
|||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.authentication.BadCredentialsException;
|
import org.springframework.security.authentication.BadCredentialsException;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.web.filter.OncePerRequestFilter;
|
||||||
|
|
||||||
|
|
||||||
@Component
|
@Component
|
||||||
public class AuthenticationFilter implements Filter {
|
public class AuthenticationFilter extends OncePerRequestFilter {
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private Authenticator authenticator;
|
private Authenticator authenticator;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@SneakyThrows
|
@SneakyThrows
|
||||||
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) {
|
protected void doFilterInternal(
|
||||||
final var httpRequest = (HttpServletRequest) request;
|
HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
|
||||||
final var httpResponse = (HttpServletResponse) response;
|
|
||||||
|
if ( !request.getRequestURI().startsWith("/api/") ) {
|
||||||
|
final var authenticatedRequest = new AuthenticatedHttpServletRequestWrapper(request);
|
||||||
|
authenticatedRequest.addHeader("current-subject", "nobody");
|
||||||
|
filterChain.doFilter(authenticatedRequest, response);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
final var currentSubject = authenticator.authenticate(httpRequest);
|
final var currentSubject = authenticator.authenticate(request);
|
||||||
|
|
||||||
final var authenticatedRequest = new AuthenticatedHttpServletRequestWrapper(httpRequest);
|
final var authenticatedRequest = new AuthenticatedHttpServletRequestWrapper(request);
|
||||||
authenticatedRequest.addHeader("current-subject", currentSubject);
|
authenticatedRequest.addHeader("current-subject", currentSubject);
|
||||||
|
|
||||||
chain.doFilter(authenticatedRequest, response);
|
filterChain.doFilter(authenticatedRequest, response);
|
||||||
} catch (final BadCredentialsException exc) {
|
} catch (final BadCredentialsException exc) {
|
||||||
// TODO.impl: should not be necessary if ResponseStatusException worked
|
// TODO.impl: should not be necessary if ResponseStatusException worked - FIXME: try removing
|
||||||
httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
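Review bot: The new guard in doFilterInternal, `if ( !request.getRequestURI().startsWith("/api/") )`, decides whether authentication is skipped by looking at the raw request URI, which is neither decoded nor normalized and still includes the context path, so it can disagree with the path the dispatcher later maps to a controller. Any request whose raw URI does not literally start with `/api/` but is still routed to an API handler would be passed on as `current-subject: nobody` instead of being authenticated; whether that is reachable depends on the container and request-firewall settings, which are not visible here. I would match on the container-resolved path instead, e.g. `if ( !request.getServletPath().startsWith("/api/") )`, and add a test that an API endpoint deployed under a context path, or requested with a non-canonical path, still answers 401 without credentials. It is also worth confirming that `AuthenticatedHttpServletRequestWrapper.addHeader` replaces a client-supplied `current-subject` header rather than adding a second value next to it.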