Auth Adapter
Last updated
Was this helpful?
Last updated
Was this helpful?
Auth adapter is a package that needs to be injected into Mosip's applications exposing REST API's inorder to secure them.
Auth Adapter includes following class definitions:
Holds the main configuration for authentication and authorization using spring security.
Inclusions:
AuthenticationManager bean configuration:
RETURNS an instance of the ProviderManager.
This extends AbstractAuthenticationProcessingFilter.
Binds the AuthenticationManager instance created with the filter.
RestTemplate bean configuration:
RETURNS an instance of the RestTemplate.
Secures endpoints using antMatchers and adds filters in a sequence for execution.
AuthFilter is bound with AuthenticationManager to attempt authentication.
Attempt Authentication tasks:
Receives "Authorization" Header from request headers.
Use the assigned Authentication manager to authenticate with the token.
Tasks:
Sets headers to allow cross origin requests.
Sets header to allow and expose "Authorization" header.
Contacts auth server to verify token validity.
Tasks:
Contacts auth server to verify token validity.
Updates token into SecurityContext.
Handles successful authentication. If any action needs to be done after successful authentication, this is where you have to do it.
Captures and sends "UnAuthorized" error.
This extends UsernamePasswordAuthenticationToken class.
Used by spring security to store user details like roles and use this across the application for Authorization purpose.
It is used to intercept any http calls made using rest template from this application.
Config:
Tasks:
Intercept all the requests from the application and do the below tasks.
Intercept a request to add auth token to the "Authorization" header.
Intercept a response to modify the stored token with the "Authorization" header of the response.
Mosip user is the standard spec that will be tuned based on the details stored in ldap for a user.
Adds latest token to the response headers before it is committed.
This is assigned an that we implemented.
bean configuration:
Instance of the is created.
This filter comes in line after the .
Binds the created with the filter.
RETURNS an instance of the .
Binds the instance with the RestTemplate instance created.
This filter is going to act as a CORS filter. It is assigned before in the filter chain.
Stores the response body in an instance of .
Bind instance details with the that extends Spring Security's UserDetails.
Used in for token details.
This is added to the list of interceptors in the RestTemplate bean created in the .
