Remove Servlet specific auth from JAX-RS

This is no longer needed after the changes in how challenges are handled. Partial fix for #5419
2026-03-10 08:41:22 +00:00 · 2019-11-15 12:05:15 +11:00
parent 732e3464d1
commit 60ea7e723e
1 changed files with 8 additions and 31 deletions
--- a/extensions/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/UnauthorizedExceptionMapper.java
+++ b/extensions/resteasy/runtime/src/main/java/io/quarkus/resteasy/runtime/UnauthorizedExceptionMapper.java
@@ -1,18 +1,18 @@
 package io.quarkus.resteasy.runtime;

-import java.lang.reflect.Method;
 import java.util.concurrent.ExecutionException;

 import javax.annotation.Priority;
+import javax.enterprise.inject.spi.CDI;
 import javax.ws.rs.Priorities;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.ext.ExceptionMapper;
 import javax.ws.rs.ext.Provider;

 import org.jboss.logging.Logger;
-import org.jboss.resteasy.core.ResteasyContext;

 import io.quarkus.security.UnauthorizedException;
+import io.quarkus.vertx.http.runtime.CurrentVertxRequest;
 import io.quarkus.vertx.http.runtime.security.ChallengeData;
 import io.quarkus.vertx.http.runtime.security.HttpAuthenticator;
 import io.vertx.ext.web.RoutingContext;
@@ -28,41 +28,18 @@ public class UnauthorizedExceptionMapper implements ExceptionMapper<Unauthorized

    private static final Logger log = Logger.getLogger(UnauthorizedExceptionMapper.class.getName());

-    //Servlet API may not be present
-    private static final Class<?> HTTP_SERVLET_REQUEST;
-    private static final Class<?> HTTP_SERVLET_RESPONSE;
-    private static final Method AUTHENTICATE;
-
-    static {
-        Class<?> httpServletReq = null;
-        Class<?> httpServletResp = null;
-        Method auth = null;
-        try {
-            httpServletReq = Class.forName("javax.servlet.http.HttpServletRequest");
-            httpServletResp = Class.forName("javax.servlet.http.HttpServletResponse");
-            auth = httpServletReq.getMethod("authenticate", httpServletResp);
-        } catch (Exception ignored) {
+    private volatile CurrentVertxRequest currentVertxRequest;

+    CurrentVertxRequest currentVertxRequest() {
+        if (currentVertxRequest == null) {
+            currentVertxRequest = CDI.current().select(CurrentVertxRequest.class).get();
        }
-        AUTHENTICATE = auth;
-        HTTP_SERVLET_REQUEST = httpServletReq;
-        HTTP_SERVLET_RESPONSE = httpServletResp;
+        return currentVertxRequest;
    }

    @Override
    public Response toResponse(UnauthorizedException exception) {
-        if (HTTP_SERVLET_REQUEST != null) {
-            Object httpServletRequest = ResteasyContext.getContextData(HTTP_SERVLET_REQUEST);
-            if (httpServletRequest != null) {
-                Object httpServletResponse = ResteasyContext.getContextData(HTTP_SERVLET_RESPONSE);
-                try {
-                    AUTHENTICATE.invoke(httpServletRequest, httpServletResponse);
-                } catch (Exception e) {
-                    throw new RuntimeException(e);
-                }
-            }
-        }
-        RoutingContext context = ResteasyContext.getContextData(RoutingContext.class);
+        RoutingContext context = currentVertxRequest().getCurrent();
        if (context != null) {
            HttpAuthenticator authenticator = context.get(HttpAuthenticator.class.getName());
            if (authenticator != null) {