java - How do I expose a User in Cloud Endpoints without passing around the reference? -


in google cloud endpoint can inject custom authenticator , user shown below. expose instance of user service methods in way similar apache shiro's securityutils.getsubject().

i have tried executing userservicefactory.getuserservice().getcurrentuser(), no avail (returns null).

i've implemented annotations perform authentication logic on services , i'd keep separate actual business logic inside services. therefore helpful if retrieve current user belonging request being processed anywhere. i'm implementing without spring security or apache shiro.

is there clean way this?

@apimethod(authenticators = {jwtauthenticator.class}, name = "find", path="foobars", httpmethod = get) public foobar getfoobar(user user, long id) {     // i'd rid of passing user reference     return foobars.get(id, user);  // performs checks on user }

unfortunately, due way endpoints implemented, not possible cleanly using framework idioms. if stop including user parameters in api methods, authenticators not run in first place, making useless implement authenticator.

if write own auth code independently of endpoints framework, can have static helpers use threadlocal variables store current users, filled through servlet filter or other mechanism.


Comments

Post a Comment

Popular posts from this blog

php - Vagrant up error - Uncaught Reflection Exception: Class DOMDocument does not exist -

i've set bento/ubuntu-16.04 vagrant box using php 5.6, , getting following error quite few times when try , run shell script: "uncaught reflection exception: class domdocument not exist". i've tried adding following top of script (not together), each no success: "sudo apt-get install php5.6-xml", "sudo apt-get install php5-xml", "sudo apt-get install php-dom" i've tried resetting server "sudo service apache2 restart". does have suggestions?
Read more

vue.js - Create hooks for automated testing -

Image
qa guys complained can't automate frontend testing. because our html looks same outside. lazy hack did this <template> <div :role="$options.name"> ... </div> </template> <script> export default { name: 'vmcomponentname' } </script> which takes name script , applies html. in browser get: <div role="vmcomponentname"> ... </div> line :role="$options.name" goes in every component. is there dry er solutions? please share. additional details i'll explain in details looking for. imagine have vmusercreate form creates user. test case can create user . to automatically test without role, have use following selector: .wrapper > .wrapper > .wrapper > .submit-button the test extremely brittle (will break lot). if use roles can use [role="vmusercreateform"] .submit-button selector. many folds less brittle. so basically, i'm
Read more

.htaccess - ERR_TOO_MANY_REDIRECTS htaccess -

could can explain me .htaccess code doing? rewriterule ([0-9]+)/([^t]{1}[a-za-z0-9_-]{0,})\.([^s]{1}[a-za-z0-9]+)$ ../items/go.php?u=$1/$2.$3 i have folder : mywebsite.com/download/folder1/ .htaccess file in uplevel mywebsite.com/download/ folder contains code above. when access file directly path mywebsite.com/download/folder1/file.mp4 returns error : mywebsite.com redirected many times. try clearing cookies. err_too_many_redirects i tried clear browser cookies issue persist. issue solved when commented out htaccess line above. this rule appears looking specific pattern consisting of: <numbers>/<alphanumeric string not starting t , other conditions applied>.<alphanumeric string not starting s> then redirecting user's browser go.php parsed filename passed file arguments. err_too_many_redirects due infinite redirect loop. without knowing other rewriterule statements present difficult narrow down exact cause. can narrow down
Read more