Open TheHett opened 2 years ago
Currently these aren't implemented yet (only non reactive).
You have to convert this class to reactive for it to work https://github.com/yidongnan/grpc-spring-boot-starter/blob/master/grpc-server-spring-boot-autoconfigure/src/main/java/net/devh/boot/grpc/server/security/interceptors/DefaultAuthenticatingServerInterceptor.java
It would be nice, if you could contribute it once you have implemented it.
Hm, I'm sorry, it working now. I just didn't implement AuthenticationManager
.
My knowlege of spring is poor.
Context may be accessed like this, it works too.
val auth: Authentication = SecurityContextHolder.getContext().authentication
Maybe it will be better to prevent work without registered AuthenticationManager
?
I'm not sure what you are suggesting. Could you please explain your idea in more detail?
If AuthenticationManager
isn't registered in DI container then the application started but we will get the error in runtime:
An Authentication object was not found in the SecurityContext
It possible to check existence AuthenticationManager
on boot stage?
It's just an idea, maybe not correct.
AFAICT the grpc security parts only gets activated if there is such an AuthenticationManager
.
https://github.com/yidongnan/grpc-spring-boot-starter/blob/master/grpc-server-spring-boot-autoconfigure/src/main/java/net/devh/boot/grpc/server/autoconfigure/GrpcServerSecurityAutoConfiguration.java#L63
I don't see any grpc-spring-boot-starter lines in the stacktrace so this is a spring security/config bug.
I think it can be closed, since everything works fine? Just one thing that I added:
@GrpcGlobalServerInterceptor
fun contextCoroutineInterceptor(): ServerInterceptor {
return object : CoroutineContextServerInterceptor() {
override fun coroutineContext(call: ServerCall<*, *>, headers: Metadata): CoroutineContext {
return Dispatchers.Default + SecurityCoroutineContext()
}
}
}
class SecurityCoroutineContext(
private val securityContext: SecurityContext = SecurityContextHolder.getContext()
) : ThreadContextElement<SecurityContext?> {
companion object Key : CoroutineContext.Key<SecurityCoroutineContext>
override val key: CoroutineContext.Key<SecurityCoroutineContext> get() = Key
override fun updateThreadContext(context: CoroutineContext): SecurityContext? {
val previousSecurityContext = SecurityContextHolder.getContext()
SecurityContextHolder.setContext(securityContext)
return previousSecurityContext.takeIf { it.authentication != null }
}
override fun restoreThreadContext(context: CoroutineContext, oldState: SecurityContext?) {
if (oldState == null) {
SecurityContextHolder.clearContext()
} else {
SecurityContextHolder.setContext(oldState)
}
}
}
I don't know if this should be added to the project?
I don't know if this should be added to the project?
I leave this open until we have decided to either add it, document it or discard it.
Hi. I trying to use annotation @security checks, my config:
Also added
SecurityCoroutineContext
from here https://github.com/yidongnan/grpc-spring-boot-starter/issues/462#issuecomment-921140929Service
But error occurs
The method
ApiTokenAuthenticationReader.readAuthentication
was not called, therefore I suspect that problem not in my reader.The question
Stacktraces and logs
The application's environment