Search code examples
quarkusquarkus-rest-clientquarkus-oidc

ContextNotActiveException when using RestClient


I'm currently using quarkus to develop a microservice based application. I need to modify the SecurityIdentity (the user is authenticated with oidc) to inject a list of permissions retrieved from another microservice. I'm currently using this for the purpose:

@ApplicationScoped
public class RolesAugmentor implements SecurityIdentityAugmentor {

    @Inject
    @RestClient
    CoreServiceClient coreServiceClient;

    @Override
    public Uni<SecurityIdentity> augment(SecurityIdentity identity, AuthenticationRequestContext context) {
        return context.runBlocking(build(identity));
    }

    private Supplier<SecurityIdentity> build(SecurityIdentity identity) {
        if (identity.isAnonymous()) {
            return () -> identity;
        } else {
            QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder(identity);
            var permissions = coreServiceClient.getPermissions();
            builder.addRoles(new HashSet<>(permissions));
            return builder::build;
        }
    }

}

where CoreServiceClient is a RestEasy RestClient used to retrieve the user permissions, but when I run the code I get a javax.ws.rs.ProcessingException:javax.enterprise.context.ContextNotActiveException

Any idea on how to accomplish this task?

Thanks euks


Solution

  • Ok. I'm using context propagation now and it seems to work. Here's the updated code.

    @ApplicationScoped
    public class RolesAugmentor implements SecurityIdentityAugmentor {
    
        @Inject
        @RestClient
        CoreServiceClient coreServiceClient;
    
        @Inject
        ThreadContext threadContext;
    
        @Override
        public Uni<SecurityIdentity> augment(SecurityIdentity identity, AuthenticationRequestContext context) {
            return context.runBlocking(build(identity));
        }
    
        private Supplier<SecurityIdentity> build(SecurityIdentity identity) {
            return threadContext.contextualSupplier(() -> {
                if (identity.isAnonymous()) {
                    return identity;
                } else {
                    JsonWebToken jwt = (JsonWebToken) identity.getPrincipal();
                    QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder(identity);
                    var permissions = coreServiceClient.getPermissions("Bearer " + jwt.getRawToken());
                    builder.addRoles(new HashSet<>(permissions));
                    return builder.build();
                }
            });
        }
    
    }