org.jooby.pac4j

Class Pac4j

java.lang.Object

org.jooby.pac4j.Pac4j

All Implemented Interfaces:

Jooby.Module

public class Pac4j
extends Object
implements Jooby.Module

pac4j module

Authentication module via: pac4j.

usage

Display a basic login-form and restrict access to all the routes defined after the Pac4j module:

 {
   get("/public", () {@literal ->} {
     ...
   });

   use(new Pac4j());

   get("/private", () {@literal ->} {
     ...
   });

 }
 

clients

A Client represents an authentication mechanism. It performs the login process and returns (if successful) a user profile

Clients are configured at bootstrap time using the Pac4j DSL:

 {
   use(new Pac4j()
     .client(conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );
 }
 

You can chain calls to add multiple clients:

 {
   use(new Pac4j()
     .client(conf -> {
       return new FormClient("/login", new SimpleTestSimpleTestUsernamePasswordAuthenticator());
     })
     .client(conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
     .client(conf -> {
       return new TwitterClient(conf.getString("twitter.key"), conf.getString("twitter.secret"));
     })
   );
 }
 

protecting urls

By default Pac4j restrict access to all the routes defined after the Pac4j module. You can specify what url must be protected using a path pattern:

 {
   use(new Pac4j()
     .client("/admin/**", conf -> {
       return new FormClient("/login", new SimpleTestSimpleTestUsernamePasswordAuthenticator());
    }));
 }
 

Now all the routes under /admin are protected by Pac4j.

user profile

After login the user profile (current logged user) is accessible via require calls:

 {
   use(new Pac4j().form());

   get("/profile", () -> {
     CommonProfile profile = require(CommonProfile.class);
     ...
   });
 }
 

Access to specific profile type depends on the authentication client:

 {
   use(new Pac4j()
     .client(conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );

   get("/profile", () -> {
     FacebookProfile profile = require(FacebookProfile.class);
     ...
   });
 }
 

Or if you prefer the pac4j API:

 {
   use(new Pac4j()
     .client(conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );

   get("/profile", req -> {
     ProfileManager pm = require(ProfileManager.class);
     List<CommonProfile> profiles = pm.getAll(req.ifSession().isPresent());
     ...
   });
 }
 

authorizer

Authorizers are provided via client DSL. You can provider an instance of an auhtorizer or class reference to an authorizer.

 {
   use(new Pac4j()
     .client("*", MyAuthorizer.class, conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );
 }
 

Here MyAuthorizer will be provisioned by Guice.

advanced usage

For advanced usage is available via doWith(Consumer) method:

 {
   use(new Pac4j()
     .doWith(pac4j -> {
       pac4j.setSecurityLogic(...);
       pac4j.setHttpActionAdapter(...);
     })
   );
 }
 

Since:

1.3.0

Author:

edgar

Constructor Summary

Constructors

Constructor and Description
Pac4j() Creates a new Pac4j module.

Method Summary

Modifier and Type	Method and Description
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j	client(Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client) Add a pac4j client and protected all the routes defined after the module:
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j	client(String pattern, org.pac4j.core.authorization.authorizer.Authorizer<U> authorizer, Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client) Add a pac4j client, protected all the routes defined after that matches the pattern and attach an authorizer:
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j	client(String pattern, Class<? extends org.pac4j.core.authorization.authorizer.Authorizer> authorizer, Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client) Add a pac4j client, protected all the routes defined after that matches the pattern and attach an authorizer:
<C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j	client(String pattern, Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client) Add a pac4j client and protected all the routes defined after that matches the pattern:
com.typesafe.config.Config	config()
void	configure(Env env, com.typesafe.config.Config conf, com.google.inject.Binder binder)
Pac4j	doWith(BiConsumer<org.pac4j.core.config.Config,com.typesafe.config.Config> configurer) Configurer pa4j options, only necessary it you want to provide your own pac4j components.
Pac4j	doWith(Consumer<org.pac4j.core.config.Config> configurer) Configurer pa4j options, only necessary it you want to provide your own pac4j components.
Pac4j	form() Add a simple login form.
Pac4j	form(String pattern) Add a simple login form.
Pac4j	multiProfile(boolean multiProfile) Set pac4j option multiProfile.
Pac4j	unauthenticated(Function<Request,org.pac4j.core.profile.UserProfile> provider) Set a default action which is execute when no user is logged in.
Pac4j	unauthenticated(Supplier<org.pac4j.core.profile.UserProfile> provider) Set a default action which is execute when no user is logged in.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Pac4j

public Pac4j()

Creates a new Pac4j module.

Method Detail

doWith

public Pac4j doWith(Consumer<org.pac4j.core.config.Config> configurer)

Configurer pa4j options, only necessary it you want to provide your own pac4j components.

 {
   use(new Pac4j()
     .doWith(pac4j -> {
       pac4j.setSecurityLogic(...);
       pac4j.setHttpActionAdapter(...);
     })
   );
 }
 

Parameters:

configurer - Configurer callback.

Returns:

This module.

doWith

public Pac4j doWith(BiConsumer<org.pac4j.core.config.Config,com.typesafe.config.Config> configurer)

Configurer pa4j options, only necessary it you want to provide your own pac4j components.

 {
   use(new Pac4j()
     .doWith((pac4j, conf) -> {
       pac4j.setSecurityLogic(...);
       pac4j.setHttpActionAdapter(...);
     })
   );
 }
 

Parameters:

configurer - Configurer callback.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j client(Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client)

Add a pac4j client and protected all the routes defined after the module:

 {
   use(new Pac4j()
     .client(conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );

   // protected routes
 }
 

Type Parameters:

C - Credential type.

U - User profile type.

Parameters:

client - Client provider.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j client(String pattern,
                                                                                                                      Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client)

Add a pac4j client and protected all the routes defined after that matches the pattern:

 {
   use(new Pac4j()
     .client("/admin/**", conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );

   // all routes at /admin are now protected.
 }
 

Type Parameters:

C - Credential type.

U - User profile type.

Parameters:

pattern - Pattern to protect.

client - Client provider.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j client(String pattern,
                                                                                                                      Class<? extends org.pac4j.core.authorization.authorizer.Authorizer> authorizer,
                                                                                                                      Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client)

Add a pac4j client, protected all the routes defined after that matches the pattern and attach an authorizer:

 {
   use(new Pac4j()
     .client("*", MyAuthorizer.class, conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );
 }
 

The authorizer will be provisioned by Guice.

Type Parameters:

C - Credential type.

U - User profile type.

Parameters:

pattern - Pattern to protect.

authorizer - Authorizer.

client - Client provider.

Returns:

This module.

client

public <C extends org.pac4j.core.credentials.Credentials,U extends org.pac4j.core.profile.CommonProfile> Pac4j client(String pattern,
                                                                                                                      org.pac4j.core.authorization.authorizer.Authorizer<U> authorizer,
                                                                                                                      Function<com.typesafe.config.Config,org.pac4j.core.client.Client<C,U>> client)

Add a pac4j client, protected all the routes defined after that matches the pattern and attach an authorizer:

 {
   use(new Pac4j()
     .client("*", new MyAuthorizer(), conf -> {
       return new FacebookClient(conf.getString("fb.key"), conf.getString("fb.secret"));
     })
   );
 }
 

Type Parameters:

C - Credential type.

U - User profile type.

Parameters:

pattern - Pattern to protect.

authorizer - Authorizer.

client - Client provider.

Returns:

This module.

unauthenticated

public Pac4j unauthenticated(Function<Request,org.pac4j.core.profile.UserProfile> provider)

Set a default action which is execute when no user is logged in.

 {
   use(new Pac4j()
     .unauthenticated(req -> {
       UserProfile anonymous = ...
       return anonymous;
     })
   );

   get("/", () -> {
     // might or might not be anonymous
     UserProfile profile = require(UserProfile.class);
     return ...;
   }
 }
 

The default action throws a 403 error.

Parameters:

provider - Unauthenticated user provider.

Returns:

This module.

unauthenticated

public Pac4j unauthenticated(Supplier<org.pac4j.core.profile.UserProfile> provider)

Set a default action which is execute when no user is logged in.

 {
   use(new Pac4j()
     .unauthenticated(() -> {
       UserProfile anonymous = ...
       return anonymous;
     })
   );

   get("/", () -> {
     // might or might not be anonymous
     UserProfile profile = require(UserProfile.class);
     return ...;
   }
 }
 

The default action throws a 403 error.

Parameters:

provider - Unauthenticated user provider.

Returns:

This module.

multiProfile

public Pac4j multiProfile(boolean multiProfile)

Set pac4j option multiProfile.

Parameters:

multiProfile - True for multiprofile.

Returns:

This module.

form

public Pac4j form()

Add a simple login form. Useful for development and quick startup.

Returns:

This module.

form

public Pac4j form(String pattern)

Add a simple login form. Useful for development and quick startup.

Parameters:

pattern - Pattern to protect.ver

Returns:

This module.

configure

public void configure(Env env,
                      com.typesafe.config.Config conf,
                      com.google.inject.Binder binder)
               throws Throwable

Specified by:

configure in interface Jooby.Module

Throws:

Throwable

config

public com.typesafe.config.Config config()

Specified by:

config in interface Jooby.Module