Avoid deprecations

Signed-off-by: Paulo Lopes <[email protected]>
cescoffier · Mar 8, 2023 · b93fd69 · b93fd69
1 parent bb18de5
commit b93fd69
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 85 deletions.
diff --git a/vertx-web/src/main/java/io/vertx/ext/web/handler/impl/WebAuthnHandlerImpl.java b/vertx-web/src/main/java/io/vertx/ext/web/handler/impl/WebAuthnHandlerImpl.java
@@ -180,7 +180,7 @@ public void onOrder(int order) {
 
   private void mountRegister() {
     register
-    // force a post if otherwise
+      // force a post if otherwise
       .method(HttpMethod.POST)
       .order(order - 1)
       .handler(ctx -> {
@@ -202,21 +202,16 @@ private void mountRegister() {
               return;
             }
 
-            authProvider.createCredentialsOptions(webauthnRegister, createCredentialsOptions -> {
-              if (createCredentialsOptions.failed()) {
-                ctx.fail(createCredentialsOptions.cause());
-                return;
-              }
-
-              final JsonObject credentialsOptions = createCredentialsOptions.result();
-
-              // save challenge to the session
-              session
-                .put("challenge", credentialsOptions.getString("challenge"))
-                .put("username", webauthnRegister.getString("name"));
+            authProvider.createCredentialsOptions(webauthnRegister)
+              .onFailure(ctx::fail)
+              .onSuccess(credentialsOptions -> {
+                // save challenge to the session
+                session
+                  .put("challenge", credentialsOptions.getString("challenge"))
+                  .put("username", webauthnRegister.getString("name"));
 
-              ok(ctx, credentialsOptions);
-            });
+                ok(ctx, credentialsOptions);
+              });
           }
         } catch (IllegalArgumentException e) {
           ctx.fail(400, e);
@@ -228,7 +223,7 @@ private void mountRegister() {
 
   private void mountLogin() {
     login
-    // force a post if otherwise
+      // force a post if otherwise
       .method(HttpMethod.POST)
       .order(order - 1)
       .handler(ctx -> {
@@ -247,20 +242,15 @@ private void mountLogin() {
           }
 
           // STEP 18 Generate assertion
-          authProvider.getCredentialsOptions(username, generateServerGetAssertion -> {
-            if (generateServerGetAssertion.failed()) {
-              ctx.fail(generateServerGetAssertion.cause());
-              return;
-            }
-
-            final JsonObject getAssertion = generateServerGetAssertion.result();
-
-            session
-              .put("challenge", getAssertion.getString("challenge"))
-              .put("username", username);
+          authProvider.getCredentialsOptions(username)
+            .onFailure(ctx::fail)
+            .onSuccess(getAssertion -> {
+              session
+                .put("challenge", getAssertion.getString("challenge"))
+                .put("username", username);
 
-            ok(ctx, getAssertion);
-          });
+              ok(ctx, getAssertion);
+            });
         } catch (IllegalArgumentException e) {
           ctx.fail(400, e);
         } catch (RuntimeException e) {
@@ -271,7 +261,7 @@ private void mountLogin() {
 
   private void mountResponse() {
     response
-    // force a post if otherwise
+      // force a post if otherwise
       .method(HttpMethod.POST)
       .order(order - 1)
       .handler(ctx -> {
@@ -302,32 +292,26 @@ private void mountResponse() {
           }
 
           authProvider.authenticate(
-            // authInfo
-            new WebAuthnCredentials()
-              .setOrigin(origin)
-              .setDomain(domain)
-              .setChallenge(session.get("challenge"))
-              .setUsername(session.get("username"))
-              .setWebauthn(webauthnResp), authenticate -> {
-
-              // invalidate the challenge
-              session.remove("challenge");
-
-              if (authenticate.succeeded()) {
-                final User user = authenticate.result();
-                // save the user into the context
-                ctx.setUser(user);
-                // the user has upgraded from unauthenticated to authenticated
-                // session should be upgraded as recommended by owasp
-                session.regenerateId();
-                ok(ctx);
+              // authInfo
+              new WebAuthnCredentials()
+                .setOrigin(origin)
+                .setDomain(domain)
+                .setChallenge(session.remove("challenge"))
+                .setUsername(session.get("username"))
+                .setWebauthn(webauthnResp))
+            .onSuccess(user -> {
+              // save the user into the context
+              ctx.setUser(user);
+              // the user has upgraded from unauthenticated to authenticated
+              // session should be upgraded as recommended by owasp
+              session.regenerateId();
+              ok(ctx);
+            })
+            .onFailure(cause -> {
+              if (cause instanceof AttestationException) {
+                ctx.fail(400, cause);
               } else {
-                Throwable cause = authenticate.cause();
-                if (cause instanceof AttestationException) {
-                  ctx.fail(400, cause);
-                } else {
-                  ctx.fail(cause);
-                }
+                ctx.fail(cause);
               }
             });
         } catch (IllegalArgumentException e) {

diff --git a/vertx-web/src/main/java/io/vertx/ext/web/handler/sockjs/impl/EventBusBridgeImpl.java b/vertx-web/src/main/java/io/vertx/ext/web/handler/sockjs/impl/EventBusBridgeImpl.java
@@ -233,20 +233,18 @@ private void internalHandleRegister(SockJSSocket sock, JsonObject rawMsg, Map<St
             Match curMatch = checkMatches(false, address, msg.body());
             if (curMatch.doesMatch) {
               if (curMatch.requiredAuthority != null) {
-                authorise(curMatch, sock.webUser(), res -> {
-                  if (res.succeeded()) {
-                    if (res.result()) {
+                authorise(curMatch, sock.webUser())
+                  .onSuccess(ok -> {
+                    if (ok) {
                       checkAddAccceptedReplyAddress(msg);
                       deliverMessage(sock, address, msg);
                     } else {
                       if (debug) {
                         LOG.debug("Outbound message for address " + address + " rejected because auth is required and socket is not authed");
                       }
                     }
-                  } else {
-                    LOG.error(res.cause());
-                  }
-                });
+                  })
+                  .onFailure(LOG::error);
 
               } else {
                 checkAddAccceptedReplyAddress(msg);
@@ -440,21 +438,21 @@ private void doSendOrPub(boolean send, SockJSSocket sock, String address,
       if (curMatch.requiredAuthority != null) {
         User webUser = sock.webUser();
         if (webUser != null) {
-          authorise(curMatch, webUser, res -> {
-            if (res.succeeded()) {
-              if (res.result()) {
+          authorise(curMatch, webUser)
+            .onSuccess(ok -> {
+              if (ok) {
                 checkAndSend(send, address, body, headers, sock, replyAddress, awaitingReply);
               } else {
                 replyError(sock, "access_denied");
                 if (debug) {
                   LOG.debug("Inbound message for address " + address + " rejected because is not authorised");
                 }
               }
-            } else {
+            })
+            .onFailure(err -> {
               replyError(sock, "auth_error");
-              LOG.error("Error in performing authorization", res.cause());
-            }
-          });
+              LOG.error("Error in performing authorization", err);
+            });
         } else {
           // no web session
           replyError(sock, "not_logged_in");
@@ -545,31 +543,21 @@ private void checkAndSend(boolean send, String address, Object body,
     }
   }
 
-  private void authorise(Match curMatch, User webUser, Handler<AsyncResult<Boolean>> handler) {
+  private Future<Boolean> authorise(Match curMatch, User webUser) {
     // step 1: match against the raw user, if a AuthZ handler is in the path it could have already
     //         loaded the authorizations
     if (curMatch.requiredAuthority.match(webUser)) {
-      handler.handle(Future.succeededFuture(true));
-      return;
+      return Future.succeededFuture(true);
     }
 
     if (authzProvider == null) {
       // can't load, there's no provider
-      handler.handle(Future.succeededFuture(false));
-      return;
+      return Future.succeededFuture(false);
     }
     // step 2: load authorizations
-    authzProvider.getAuthorizations(webUser, res -> {
-      if (res.succeeded()) {
-        if (curMatch.requiredAuthority.match(webUser)) {
-          handler.handle(Future.succeededFuture(true));
-        } else {
-          handler.handle(Future.succeededFuture(false));
-        }
-      } else {
-        handler.handle(Future.failedFuture(res.cause()));
-      }
-    });
+    return authzProvider
+      .getAuthorizations(webUser)
+      .map(res -> curMatch.requiredAuthority.match(webUser));
   }
 
   /*