RequireToken.java

/*
 * Copyright (c) 2015 the original author or authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package io.werval.modules.jose.filters;

import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.CompletableFuture;

import io.werval.api.context.Context;
import io.werval.api.filters.FilterChain;
import io.werval.api.filters.FilterWith;
import io.werval.api.outcomes.Outcome;
import io.werval.modules.jose.JWT;

/**
 * RequireToken Filter Annotation.
 */
@FilterWith( RequireToken.Filter.class )
@Target( { ElementType.TYPE, ElementType.METHOD } )
@Retention( RetentionPolicy.RUNTIME )
@Inherited
@Documented
public @interface RequireToken
{
    /**
     * RequireToken Filter.
     */
    public static class Filter
        implements io.werval.api.filters.Filter<RequireToken>
    {
        @Override
        public CompletableFuture<Outcome> filter( FilterChain chain, Context context, Optional<RequireToken> annotation )
        {
            String jwtHeader = context.application().config().string( JWT.HTTP_HEADER_CONFIG_KEY );
            if( !context.request().headers().has( jwtHeader ) )
            {
                return CompletableFuture.completedFuture( context.outcomes().unauthorized().build() );
            }
            String token = context.request().headers().singleValue( jwtHeader );
            Map<String, Object> claims = context.application().plugin( JWT.class ).claimsOfToken( token );
            context.metaData().put( JWT.TOKEN_METADATA_KEY, token );
            context.metaData().put( JWT.CLAIMS_METADATA_KEY, claims );
            return chain.next( context );
        }
    }
}