0

我目前正在使用 quarkus 开发基于微服务的应用程序。我需要修改 SecurityIdentity(用户通过 oidc 进行身份验证)以注入从另一个微服务检索到的权限列表。我目前将其用于以下目的:

@ApplicationScoped
public class RolesAugmentor implements SecurityIdentityAugmentor {

    @Inject
    @RestClient
    CoreServiceClient coreServiceClient;

    @Override
    public Uni<SecurityIdentity> augment(SecurityIdentity identity, AuthenticationRequestContext context) {
        return context.runBlocking(build(identity));
    }

    private Supplier<SecurityIdentity> build(SecurityIdentity identity) {
        if (identity.isAnonymous()) {
            return () -> identity;
        } else {
            QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder(identity);
            var permissions = coreServiceClient.getPermissions();
            builder.addRoles(new HashSet<>(permissions));
            return builder::build;
        }
    }

}

其中 CoreServiceClient 是用于检索用户权限的 RestEasy RestClient,但是当我运行代码时,我得到一个 javax.ws.rs.ProcessingException:javax.enterprise.context.ContextNotActiveException

关于如何完成这项任务的任何想法?

谢谢尤克斯

4

1 回答 1

2

好的。我现在正在使用上下文传播,它似乎有效。这是更新的代码。

@ApplicationScoped
public class RolesAugmentor implements SecurityIdentityAugmentor {

    @Inject
    @RestClient
    CoreServiceClient coreServiceClient;

    @Inject
    ThreadContext threadContext;

    @Override
    public Uni<SecurityIdentity> augment(SecurityIdentity identity, AuthenticationRequestContext context) {
        return context.runBlocking(build(identity));
    }

    private Supplier<SecurityIdentity> build(SecurityIdentity identity) {
        return threadContext.contextualSupplier(() -> {
            if (identity.isAnonymous()) {
                return identity;
            } else {
                JsonWebToken jwt = (JsonWebToken) identity.getPrincipal();
                QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder(identity);
                var permissions = coreServiceClient.getPermissions("Bearer " + jwt.getRawToken());
                builder.addRoles(new HashSet<>(permissions));
                return builder.build();
            }
        });
    }

}
于 2021-04-22T19:51:32.473 回答