Matthias247 / jawampa

Web Application Messaging Protocol (WAMP v2) support for Java
Apache License 2.0

Authorization feature #73

Closed marvin-bitterlich closed 8 years ago

marvin-bitterlich commented 8 years ago

I am trying to implement dynamic authorization with crossbar.io and jawampa as a guest worker. But I cannot find anything on what I will get as parameters.

From the docs (http://crossbar.io/docs/Authorization/):

@wamp.register('com.example.authorize')
def custom_authorize(session, uri, action):
   ## your custom authorization logic to determine whether client
   ## session should be allowed to perform action on uri
   if ...:
      ## allow action
      return True
   else:
      ## deny action
      return False

With the session being this:

{
   "realm": "realm1",
   "authprovider": None,
   "authid": "VA-TKRAaIT44meQKZ6n5y7wk",
   "authrole": "frontend",
   "authmethod": "anonymous",
   "session": 1849286409148650
}

How can I replicate this in Java?

request -> {
    if (request.arguments() == null || request.arguments().size() != 3) {
        try {
            request.replyError(new ApplicationError(ApplicationError.INVALID_PARAMETER));
        } catch (ApplicationError e) {
            LOGGER.log(Level.FINE, "There was an ApplicationError", e);
        }
    } else {
        //Something?
    }
}

Matthias247 commented 8 years ago

Don't understand it correctly: Do you need client or server side authentication? I guess that's server side? Unfortunately, currently there are no server-side auth features implemented. For the client side some parts were contributed here: https://github.com/Matthias247/jawampa/pull/39

marvin-bitterlich commented 8 years ago

I have a jawampa client connecting to a crossbar.io router. And the crossbar.io router has a dynamic authorisation feature, so that my client becomes the approver if someone can register a procedure etc. (explained in the linked docs)

What I have to do is register a procedure, which will get a call for each request other clients make and can approve or decline them.

But the parameters were unclear in what they are, so I was hoping someone has some example code on how to make these procedures.


marvin-bitterlich commented 8 years ago

Got it to work with:

request -> {
    if (request.arguments() == null || request.arguments().size() != 3) {
        try {
            request.replyError(new ApplicationError(ApplicationError.INVALID_PARAMETER));
        } catch (ApplicationError e) {
            LOGGER.log(Level.FINE, "There was an ApplicationError", e);
        }
    } else {
        String user = request.arguments().get(0).findValue("authid").asText();
        String URI = request.arguments().get(1).asText();
        String action = request.arguments().get(2).asText();
        LOGGER.info("User " + user + " tries to " + action + " on " + URI);
        // Send exactly one reply per call: allow only on a match, otherwise deny.
        if (user.equals("joe") && URI.startsWith("com")) {
            request.reply(true);
        } else {
            request.reply(false);
        }
    }
}
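
An added example, not from the thread, jawampa or crossbar.io: a fail-closed decision function for the authorizer procedure discussed above, taking the same three arguments (session details, URI, action) and deciding on `authrole` with whole-component URI matching. The class name `AuthorizerPolicy`, the policy table and the sample inputs are hypothetical; it assumes Jackson (`jackson-databind`, whose `JsonNode` methods the handler above already uses) and Java 9+.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ArrayNode;
import java.util.Map;
import java.util.Set;

/** Hypothetical helper: fail-closed decision for a crossbar.io dynamic authorizer. */
public final class AuthorizerPolicy {
    // Constructed policy: authrole -> (URI namespace -> permitted actions).
    private static final Map<String, Map<String, Set<String>>> POLICY = Map.of(
        "frontend", Map.of("com.example.public", Set.of("call", "subscribe")),
        "backend", Map.of("com.example", Set.of("call", "register", "publish", "subscribe")));

    /** args = [session details, uri, action], as in the thread. Malformed input is denied. */
    public static boolean decide(ArrayNode args) {
        if (args == null || args.size() != 3) return false;
        JsonNode session = args.get(0), uri = args.get(1), action = args.get(2);
        if (!session.isObject() || !uri.isTextual() || !action.isTextual()) return false;
        // path() returns a MissingNode instead of null, so an absent key cannot throw.
        JsonNode role = session.path("authrole");
        if (!role.isTextual()) return false;
        Map<String, Set<String>> grants = POLICY.get(role.asText());
        if (grants == null) return false; // unknown role
        for (Map.Entry<String, Set<String>> g : grants.entrySet()) {
            if (inNamespace(uri.asText(), g.getKey()) && g.getValue().contains(action.asText())) {
                return true;
            }
        }
        return false; // default deny
    }

    // Match whole URI components: "com.example" covers "com.example.add", not "com.examplex".
    static boolean inNamespace(String uri, String ns) {
        return uri.equals(ns) || uri.startsWith(ns + ".");
    }

    public static void main(String[] unused) throws Exception {
        ObjectMapper m = new ObjectMapper();
        // Constructed inputs shaped like the session dict quoted in the thread.
        String s = "{\"realm\":\"realm1\",\"authid\":\"x\",\"authrole\":\"frontend\",\"session\":1}";
        String[] cases = {
            "[" + s + ",\"com.example.public.time\",\"call\"]",      // granted namespace and action
            "[" + s + ",\"com.example.public.time\",\"register\"]",  // action not granted
            "[" + s + ",\"com.example.publicity\",\"call\"]",        // prefix-only lookalike URI
            "[{\"authid\":\"x\"},\"com.example.public.time\",\"call\"]"}; // no authrole
        for (String c : cases) {
            System.out.println(decide((ArrayNode) m.readTree(c)) + "  " + c);
        }
    }
}
```

In the handler from the thread this would be called as `request.reply(AuthorizerPolicy.decide(request.arguments()))`, which sends one reply per call.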