Refactor: Authentication, authorization

Refactored classes related to auth
entication and authorization by <br> 1.Having seperate handlers for authentication, authorization <br> 2. Having seperate AuthHandler for verify policy <br> 3. Changed AuthHandler to have non-static create method <br> 4. Static methods in RoutingContextHelper to add and get info from routing context

src/main/java/iudx/apd/acl/server/aaaService/AuthClient.java

@@ -1,4 +1,4 @@
-package iudx.apd.acl.server.authentication;
+package iudx.apd.acl.server.aaaService;
 
 import static iudx.apd.acl.server.apiserver.util.Constants.EMAIL_ID;
 import static iudx.apd.acl.server.apiserver.util.Constants.FIRST_NAME;

src/main/java/iudx/apd/acl/server/aaaService/AuthClientInterface.java

@@ -1,4 +1,4 @@
-package iudx.apd.acl.server.authentication;
+package iudx.apd.acl.server.aaaService;
 
 import io.vertx.core.Future;
 import io.vertx.core.json.JsonObject;

src/main/java/iudx/apd/acl/server/apiserver/ApiServerVerticle.java

@@ -25,12 +25,14 @@
 import io.vertx.ext.web.handler.CorsHandler;
 import io.vertx.ext.web.handler.TimeoutHandler;
 import io.vertx.ext.web.openapi.RouterBuilder;
+import iudx.apd.acl.server.aaaService.AuthClient;
 import iudx.apd.acl.server.apiserver.util.User;
 import iudx.apd.acl.server.auditing.AuditingService;
-import iudx.apd.acl.server.authentication.AuthClient;
 import iudx.apd.acl.server.authentication.AuthHandler;
 import iudx.apd.acl.server.authentication.Authentication;
 import iudx.apd.acl.server.authentication.AuthenticationService;
+import iudx.apd.acl.server.authentication.VerifyAuthHandler;
+import iudx.apd.acl.server.authentication.authorization.UserAccessHandler;
 import iudx.apd.acl.server.common.Api;
 import iudx.apd.acl.server.common.HttpStatusCode;
 import iudx.apd.acl.server.common.ResponseUrn;
@@ -81,7 +83,9 @@ public class ApiServerVerticle extends AbstractVerticle {
   private PostgresService pgService;
   private WebClient webClient;
   private WebClientOptions webClientOptions;
-  private RoutingContextHelper routingContextHelper;
+  private AuthHandler authHandler;
+  private UserAccessHandler userAccessHandler;
+  private VerifyAuthHandler verifyAuthHandler;
 
   /**
    * This method is used to start the Verticle. It deploys a verticle in a cluster, reads the
@@ -107,8 +111,11 @@ public void start() throws Exception {
     authenticator = AuthenticationService.createProxy(vertx, AUTH_SERVICE_ADDRESS);
     authClient = new AuthClient(config(), webClient);
     pgService = new PostgresService(config(), vertx);
-    routingContextHelper = new RoutingContextHelper();
     FailureHandler failureHandler = new FailureHandler();
+    authHandler = new AuthHandler(api, authenticator);
+    verifyAuthHandler = new VerifyAuthHandler(api, authenticator);
+
+    userAccessHandler = new UserAccessHandler(pgService, authClient);
 
     /* Initialize Router builder */
     RouterBuilder.create(vertx, "docs/openapi.yaml")
@@ -118,49 +125,57 @@ public void start() throws Exception {
 
               routerBuilder
                   .operation(CREATE_POLICY_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::postPoliciesHandler)
                   .failureHandler(failureHandler);
 
               routerBuilder
                   .operation(GET_POLICY_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::getPoliciesHandler)
                   .failureHandler(failureHandler);
 
               routerBuilder
                   .operation(DELETE_POLICY_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::deletePoliciesHandler)
                   .failureHandler(failureHandler);
 
               routerBuilder
                   .operation(CREATE_NOTIFICATIONS_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::postAccessRequestHandler)
                   .failureHandler(failureHandler);
 
               routerBuilder
                   .operation(UPDATE_NOTIFICATIONS_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::putAccessRequestHandler)
                   .failureHandler(failureHandler);
 
               routerBuilder
                   .operation(GET_NOTIFICATIONS_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::getAccessRequestHandler)
                   .failureHandler(failureHandler);
 
               routerBuilder
                   .operation(DELETE_NOTIFICATIONS_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::deleteAccessRequestHandler)
                   .failureHandler(failureHandler);
 
               routerBuilder
                   .operation(VERIFY_API)
-                  .handler(AuthHandler.create(api, authenticator, authClient, pgService, routingContextHelper))
+                  .handler(authHandler)
+                  .handler(userAccessHandler)
                   .handler(this::verifyRequestHandler)
                   .failureHandler(failureHandler);
 
@@ -231,7 +246,7 @@ private void verifyRequestHandler(RoutingContext routingContext) {
   private void postAccessRequestHandler(RoutingContext routingContext) {
     JsonObject request = routingContext.body().asJsonObject();
     HttpServerResponse response = routingContext.response();
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(routingContext);
     notificationService
         .createNotification(request, user)
         .onComplete(
@@ -264,7 +279,7 @@ private void printDeployedEndpoints(Router router) {
   private void putAccessRequestHandler(RoutingContext routingContext) {
     JsonObject notification = routingContext.body().asJsonObject();
     HttpServerResponse response = routingContext.response();
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(routingContext);
     notificationService
         .updateNotification(notification, user)
         .onComplete(
@@ -289,7 +304,7 @@ private void putAccessRequestHandler(RoutingContext routingContext) {
   private void deleteAccessRequestHandler(RoutingContext routingContext) {
     JsonObject notification = routingContext.body().asJsonObject();
     HttpServerResponse response = routingContext.response();
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(routingContext);
     notificationService
         .deleteNotification(notification, user)
         .onComplete(
@@ -313,7 +328,7 @@ private void deleteAccessRequestHandler(RoutingContext routingContext) {
 
   private void getAccessRequestHandler(RoutingContext routingContext) {
     HttpServerResponse response = routingContext.response();
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(routingContext);
     notificationService
         .getNotification(user)
         .onComplete(
@@ -330,7 +345,7 @@ private void getAccessRequestHandler(RoutingContext routingContext) {
   private void postPoliciesHandler(RoutingContext routingContext) {
     JsonObject requestBody = routingContext.body().asJsonObject();
     HttpServerResponse response = routingContext.response();
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(routingContext);
     policyService
         .createPolicy(requestBody, user)
         .onComplete(
@@ -351,7 +366,7 @@ private void deletePoliciesHandler(RoutingContext routingContext) {
     JsonObject policy = routingContext.body().asJsonObject();
     HttpServerResponse response = routingContext.response();
 
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(routingContext);
     policyService
         .deletePolicy(policy, user)
         .onComplete(
@@ -376,7 +391,7 @@ private void deletePoliciesHandler(RoutingContext routingContext) {
   private void getPoliciesHandler(RoutingContext routingContext) {
     HttpServerResponse response = routingContext.response();
 
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(routingContext);
     policyService
         .getPolicy(user)
         .onComplete(
@@ -537,7 +552,7 @@ private Future<Void> handleAuditLogs(RoutingContext context) {
     LOGGER.debug("handleAuditLogs started");
     HttpServerRequest request = context.request();
     HttpServerResponse response = context.response();
-    User user = routingContextHelper.getUser();
+    User user = RoutingContextHelper.getUser(context);
     JsonObject requestBody = context.body().asJsonObject();
     String userId = user.getUserId();
     long size = response.bytesWritten();