I'm currently using quarkus to develop a microservice based application. I need to modify the SecurityIdentity (the user is authenticated with oidc) to inject a list of permissions retrieved from another microservice. I'm currently using this for the purpose:
@ApplicationScoped
public class RolesAugmentor implements SecurityIdentityAugmentor {
@Inject
@RestClient
CoreServiceClient coreServiceClient;
@Override
public Uni<SecurityIdentity> augment(SecurityIdentity identity, AuthenticationRequestContext context) {
return context.runBlocking(build(identity));
}
private Supplier<SecurityIdentity> build(SecurityIdentity identity) {
if (identity.isAnonymous()) {
return () -> identity;
} else {
QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder(identity);
var permissions = coreServiceClient.getPermissions();
builder.addRoles(new HashSet<>(permissions));
return builder::build;
}
}
}
where CoreServiceClient is a RestEasy RestClient used to retrieve the user permissions, but when I run the code I get a javax.ws.rs.ProcessingException:javax.enterprise.context.ContextNotActiveException
Any idea on how to accomplish this task?
Thanks euks
Ok. I'm using context propagation now and it seems to work. Here's the updated code.
@ApplicationScoped
public class RolesAugmentor implements SecurityIdentityAugmentor {
@Inject
@RestClient
CoreServiceClient coreServiceClient;
@Inject
ThreadContext threadContext;
@Override
public Uni<SecurityIdentity> augment(SecurityIdentity identity, AuthenticationRequestContext context) {
return context.runBlocking(build(identity));
}
private Supplier<SecurityIdentity> build(SecurityIdentity identity) {
return threadContext.contextualSupplier(() -> {
if (identity.isAnonymous()) {
return identity;
} else {
JsonWebToken jwt = (JsonWebToken) identity.getPrincipal();
QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder(identity);
var permissions = coreServiceClient.getPermissions("Bearer " + jwt.getRawToken());
builder.addRoles(new HashSet<>(permissions));
return builder.build();
}
});
}
}