我正在尝试在AuthenticationFetcher
实现中获取客户端证书以具有自定义授权实现。
@Singleton
public class SslAuthenticationFetcher implements AuthenticationFetcher {
private static final Logger LOGGER = LoggerFactory.getLogger(SslAuthenticationFetcher.class);
private static final String AUTHENTICATION = "AUTHENTICATION";
private final SessionStore<? extends Session> sessionStore;
private final X509CertificateParser x509CertificateParser;
@Inject
public SslAuthenticationFetcher(X509CertificateParser x509CertificateParser,
SessionStore<? extends Session> sessionStore) {
this.x509CertificateParser = x509CertificateParser;
this.sessionStore = sessionStore;
}
@Override
public Publisher<Authentication> fetchAuthentication(HttpRequest<?> request) {
// Code to check if user-session already exist
UserDetails userDetails = getAuthentication(request);
session.put(AUTHENTICATION, userDetails);
return Flowable.just(userDetails);
}
@NotNull
private UserDetails getAuthentication(HttpRequest<?> request) {
Optional<Certificate> certificate = request.getCertificate(); // This always returns empty
if (!certificate.isPresent()) {
throw new AuthenticationException("No certificate chain found");
}
// Code to parse the certificate to create UserDetails
}
}
我有一个集成测试,该测试会触发对/hello
端点的GET请求
@MicronautTest
class HelloControllerTest {
@Inject
@Client("/")
private HttpClient httpClient;
@Test
void testHelloEndpoint(){
HttpResponse<String> response = httpClient.toBlocking()
.exchange(HttpRequest.GET("/hello"), String.class);
assertEquals("Hello", response.body());
}
}
下面是application-test.yml
文件中我的客户端ssl配置
micronaut:
http:
client:
ssl:
enabled: true
client-authentication: need
key-store:
path: <key-store file path>.p12
password: <key-store file password>
type: PKCS12
trust-store:
path: <trust-store file path>.jks
password: <trust-store file password>
type: JKS
protocol: TLS
问题是,在SslAuthenticationFetcher
中,当我尝试从request
获取证书时,它总是返回Optional.empty
。这里可能是什么问题?