org.jooby.pac4j

Class Auth

java.lang.Object

org.jooby.pac4j.Auth

All Implemented Interfaces:

Jooby.Module

public class Auth
extends Object
implements Jooby.Module

pac4j module

Authentication module via: pac4j.

exposes

• Clients
• WebContext as RequestScoped
• Route.Filter per each registered Client
• Callback Route.Filter

usage

 {

   get("/public", ()  -> ..);

   use(new Auth());

   get("/private", ()  -> ..);
 }
 

Previous example adds a very basic but ready to use form login auth every time you try to access to /private or any route defined below the auth module.

clients

pac4j is a powerful library that supports multiple clients and/or authentication protocols. In the next example, we will see how to configure the most basic of them, but also some complex protocols.

basic auth

If basic auth is all you need, then:

 {
   use(new Auth().basic());
 }
 

A BasicAuthClient depends on UsernamePasswordAuthenticator, default is SimpleTestUsernamePasswordAuthenticator which is great for development, but nothing good for other environments. Next example setup a basic auth with a custom: UsernamePasswordAuthenticator:

 {
   use(new Auth().basic("*", MyUsernamePasswordAuthenticator.class));
 }
 

form auth

Form authentication will be activated by calling form():

 {
   use(new Auth().form());
 }
 

Form is the default authentication method so previous example is the same as:

 {
   use(new Auth());
 }
 

Like basic auth, form auth depends UsernamePasswordAuthenticator and a UsernameProfileCreator.

A login form will be ready under the path: /login. Again, it is a very basic login form useful for development. If you need a custom login page, just add a route before the Auth module, like:

 {
   get("/login", ()  -> Results.html("login"));

   use(new Auth());
 }
 

Simply and easy!

oauth, openid, etc...

Twitter, example:

 {
   use(new Auth()
     .client(conf  ->
        new TwitterClient(conf.getString("twitter.key"), conf.getString("twitter.secret"))));
 }
 

Keep in mind you will have to add the require Maven dependency to your project, beside that it is pretty straight forward.

protecting urls

By default a Client will protect all the urls defined below the module, because routes in Jooby are executed in the order they where defined.

You can customize what urls are protected by specifying a path pattern:

 {
   use(new Auth().form("/private/**"));

   get("/hello", ()  -> "no auth");

   get("/private", ()  -> "auth");
 }
 

Here the /hello path is un-protected, because the client will intercept everything under /private.

user profile

Jooby relies on AuthStore for saving and retrieving a UserProfile. By default, the UserProfile is stored in the Session via AuthSessionStore.

After a successful authentication the UserProfile is accessible as a request scoped attribute:

 {
   use(new Auth().form());

   get("/private", req  -> req.require(HttpProfile.class));
 }
 

facebook (or any oauth, openid, etc...)

 {
   use(new Auth().client(new FacebookClient(key, secret));

   get("/private", req  -> req.require(FacebookProfile.class));
 }
 

Custom AuthStore is provided via store(Class) method:

 {
   use(new Auth().store(MyDbStore.class));

   get("/private", req  -> req.require(HttpProfile.class));
 }
 

logout

A default /logout handler is provided it too. The handler will remove the profile from AuthStore by calling the AuthStore.unset(String) method. The default login will redirect to /.

A custom logout and redirect urls can be set via .conf file or programmatically:

 {
   use(new Auth().logout("/mylogout", "/redirectTo"));
 }
 

Since:

0.6.0

Author:

edgar

Field Summary

Fields

Modifier and Type	Field and Description
static String	ID

Constructor Summary

Constructors

Constructor and Description
Auth()

Method Summary

Modifier and Type	Method and Description
Auth	basic() Add a basic auth client, protecting all the urls *.
Auth	basic(String pattern) Add a basic auth client.
Auth	basic(String pattern, Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator) Add a basic auth client.
Auth	basic(String pattern, Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator, Class<? extends org.pac4j.http.profile.UsernameProfileCreator> profileCreator) Add a basic auth client.
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth	client(org.pac4j.core.client.Client<C,U> client) Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth	client(Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider) Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth	client(String pattern, org.pac4j.core.client.Client<C,U> client) Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth	client(String pattern, Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider) Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.
com.typesafe.config.Config	config()
void	configure(Env env, com.typesafe.config.Config config, com.google.inject.Binder binder)
Auth	form() Add a form auth client, protecting all the urls *.
Auth	form(String pattern) Add a form auth client.
Auth	form(String pattern, Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator) Add a form auth client.
Auth	form(String pattern, Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator, Class<? extends org.pac4j.http.profile.UsernameProfileCreator> profileCreator) Add a form auth client.
Auth	logout(String logoutUrl) Set the logout and redirect URL patterns.
Auth	logout(String logoutUrl, String redirecTo) Set the logout and redirect URL patterns.
<U extends org.pac4j.core.profile.UserProfile> Auth	store(Class<? extends AuthStore<U>> store) Setup the AuthStore to use.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ID

public static final String ID

Constructor Detail

Auth

public Auth()

Method Detail

form

public Auth form(String pattern,
                 Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator,
                 Class<? extends org.pac4j.http.profile.UsernameProfileCreator> profileCreator)

Add a form auth client.

Parameters:

pattern - URL pattern to protect.

authenticator - Authenticator to use.

profileCreator - Profile creator to use.

Returns:

This module.

form

public Auth form(String pattern,
                 Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator)

Add a form auth client. It setup a UsernameProfileCreator.

Parameters:

pattern - URL pattern to protect.

authenticator - Authenticator to use.

Returns:

This module.

form

public Auth form(String pattern)

Add a form auth client. It setup a SimpleTestUsernamePasswordAuthenticator and a UsernameProfileCreator. Useful for development.

Parameters:

pattern - URL pattern to protect.

Returns:

This module.

form

public Auth form()

Add a form auth client, protecting all the urls *. It setup a SimpleTestUsernamePasswordAuthenticator and a UsernameProfileCreator. Useful for development.

Returns:

This module.

basic

public Auth basic(String pattern,
                  Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator,
                  Class<? extends org.pac4j.http.profile.UsernameProfileCreator> profileCreator)

Add a basic auth client.

Parameters:

pattern - URL pattern to protect.

authenticator - Authenticator to use.

profileCreator - Profile creator to use.

Returns:

This module.

basic

public Auth basic(String pattern,
                  Class<? extends org.pac4j.http.credentials.UsernamePasswordAuthenticator> authenticator)

Add a basic auth client. It setup a UsernameProfileCreator.

Parameters:

pattern - URL pattern to protect.

authenticator - Authenticator to use.

Returns:

This module.

basic

public Auth basic(String pattern)

Add a basic auth client. It setup a SimpleTestUsernamePasswordAuthenticator and a UsernameProfileCreator. Useful for development.

Parameters:

pattern - URL pattern to protect.

Returns:

This module.

basic

public Auth basic()

Add a basic auth client, protecting all the urls *. It setup a SimpleTestUsernamePasswordAuthenticator and a UsernameProfileCreator. Useful for development.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth client(org.pac4j.core.client.Client<C,U> client)

Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.

Type Parameters:

C - Credentials.

U - UserProfile.

Parameters:

client - Client to add.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth client(String pattern,
                                                                                                                   org.pac4j.core.client.Client<C,U> client)

Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.

Type Parameters:

C - Credentials.

U - UserProfile.

Parameters:

pattern - URL pattern to protect.

client - Client to add.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth client(Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider)

Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.

Type Parameters:

C - Credentials.

U - UserProfile.

Parameters:

provider - Client to add.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.UserProfile> Auth client(String pattern,
                                                                                                                   Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> provider)

Add an auth client, like facebook, twitter, github, etc...Please note the require dependency must be in the classpath.

Type Parameters:

C - Credentials.

U - UserProfile.

Parameters:

pattern - URL pattern to protect.

provider - Client to add.

Returns:

This module.

store

public <U extends org.pac4j.core.profile.UserProfile> Auth store(Class<? extends AuthStore<U>> store)

Setup the AuthStore to use. Keep in mind the store is binded it as singleton.

Parameters:

store - Store to use.

Returns:

This module.

logout

public Auth logout(String logoutUrl,
                   String redirecTo)

Set the logout and redirect URL patterns.

Parameters:

logoutUrl - Logout url, default is /logout.

redirecTo - Redirect url, default is /.

Returns:

This module.

logout

public Auth logout(String logoutUrl)

Set the logout and redirect URL patterns.

Parameters:

logoutUrl - Logout url, default is /logout.

Returns:

This module.

configure

public void configure(Env env,
                      com.typesafe.config.Config config,
                      com.google.inject.Binder binder)

Specified by:

configure in interface Jooby.Module

config

public com.typesafe.config.Config config()

Specified by:

config in interface Jooby.Module