LogoLogo
Home
Core Platform
Core Platform
  • Introduction
    • Overview
    • Use Cases
    • Architecture
    • Built with ML & AI
    • Quick Start
  • Examples
    • Training Examples
      • API Flow Examples
      • Microservice Examples
      • UI Example
      • Exercise: Hello World API
      • Exercise: Test State
      • Exercise: Test UI
    • Exercise: To-do List
      • To-do List Runner
      • To-do List Gateway
      • To-do List UI
      • To-do List Query
  • Troubleshooting
    • Rierino Packages
    • Release Notes
    • Useful Checks
    • Error Codes
  • Devops
    • Overview
    • API Flows
      • Using the Saga Screen
      • Defining a Saga
      • Configuring Saga Steps
        • Event Step
        • Transform Step
          • Transform Classes
        • Condition Step
          • Condition Classes
        • Step Link
      • Injecting Variables
    • Microservices
      • Runners
        • Using the Runner Screen
        • Defining a Runner
        • Managing Runner Settings
        • Adding Runner Elements
        • Deploying Runners
          • Spring Runners
          • Samza Runners
          • Camel Runners
      • Elements
        • Systems
        • State Managers
          • Typical Use Cases
          • State Data Structure
          • Local States
            • In-Memory Map
            • Caffeine Cache
            • Samza Based
            • Lucene Based
            • Single File
            • Multiple Files
            • Selected IDs Map
            • Indexed Map
          • Shared States
            • MongoDB Collection
            • Jooq (SQL) Table
            • Redis Map
            • Couchbase Collection
            • Elasticsearch Index
            • Elasticsearch Joined
            • Etcd Namespace
          • Specialized States
            • CRUD Service
            • Odata Service
          • State Coordinators
            • Lazy Cache Coordinator
            • Event Store Coordinator
            • Write thru Coordinator
          • Loading Strategies
          • ID Generators
        • Listeners
        • Query Managers
          • MongoDB
          • Elasticsearch
          • Lucene
          • SQL Based
          • Odata Service
        • Handlers
          • Core Handlers
            • Write Data
            • Read Data
            • Query Data
            • Apply Rules
            • Call Rest API
            • Generate Text/Html
            • Parse Html
            • Generate Secrets
            • Orchestrate User Task
            • Perform File Operation
            • Run Shell Command
            • Send/Receive Emails
          • Custom Code Handlers
            • Run Scripts
            • Run Java Code
            • Run Java Package
          • Flow Handlers
            • Orchestrate Saga
            • Loop Each Entry
            • Run Multiple Steps
            • Buffer Payloads
            • Merge Parallel Steps
            • Log Event
            • Send Event
            • Validate Event
            • Transform Event
            • Perform DB Transaction
            • Trigger Runner Command
            • Do Nothing
            • Modify Role Data
            • Enrich Role Data
            • Convert Pulse to Journal
          • Gateway Handlers
            • Authenticate
              • No Authentication
              • State Based
              • Keycloak Based
            • Sessionize
          • Specialized Handlers
            • Apply Advanced Rules
            • Calculate Real-time Metrics
            • Score ML Models
            • Score LangChain Models
            • Service MCP Requests
            • Service A2A Requests
            • Consume Web of Things
            • Perform Text Embedding
            • Run Python Procedure
            • Generate Excel
            • Generate PDF
            • Call SOAP API
            • Integrate with Camel
        • Actions
        • Streams
          • Kafka Topic
          • CDC Feed
          • Camel Component
        • Roles
        • Generic Settings
        • Global Settings
      • Deployments
        • Defining a Deployment
        • Alternative Loaders
    • Gateway & Security
      • Gateway Servers
        • Gateway Systems
        • Gateway Channels
        • Gateway Services
        • Gateway Tokens
      • APIs
        • OpenAPI Specification
        • Response Formats
    • Administration
      • Managing Deployments
      • Sending Commands
      • Streaming Messages
      • Migrating Assets
    • Batch Tasks
      • Python Processes
      • Python Iterators
      • Python Processors
    • Pro-Code
      • Custom Handlers
      • Custom State Managers
      • Custom Query Managers
      • Custom CDC Managers
  • Design
    • Overview
    • User Interface
      • Apps
      • UIs
        • Listers
        • Widgets
          • Value Widgets
          • Array Widgets
          • Object Widgets
          • Indirect Widgets
          • Atom Widgets
        • Menus
          • Lister Menu Actions
          • Selection Menu Actions
          • Editor Menu Actions
          • Widget Menu Actions
          • Custom Menu Actions
          • RAI Menu Actions
        • Extended Scope
          • Conditional Display
          • Data Context
          • Extra Data
          • Default Item
          • Extra Events
      • Options
      • Translations
      • Icons
      • Styles
      • Components
    • API Mapping
    • Data Schema
      • Common Data
  • Configuration
    • Overview
    • Queries
      • Query Types
      • Query Platforms
        • MongoDB Queries
        • Odata Queries
        • SQL Queries
        • Elasticsearch Queries
        • Lucene Queries
        • Siddhi Queries
    • Business Rules
      • Drools Rules
    • Dynamic Handlers
  • Data Science
    • Overview
    • ML Models
      • Scheduler Platforms
        • Airflow Scheduler
    • GenAI Models
      • AI Agent APIs
      • Useful Checks
    • MCP Servers
    • Complex Event Processing
      • Siddhi Data Flows
    • Data Visualizations
    • Customizations
  • EXTENSIONS
    • JMESPath
    • Handlebars
Powered by GitBook

© Rierino Software Inc. 2025. All rights reserved.

On this page
  • Handler Parameters
  • Actions
  • Register
  • Login
  • Validate
  • Resolve
  • Refresh
  • Logout
  • ResolveKey
  • UserRegister
  • UserList
  • UserGet
  • UserDelete
  • UserLogout
  • UserSetProfile
  • UserSetCredential
  • UserSetAccess
  • UserCreateKey
  1. Devops
  2. Microservices
  3. Elements
  4. Handlers
  5. Gateway Handlers

Authenticate

This handler (com.rierino.handler.auth.AuthEventHandler) provides an abstract structure for user authentication, as part of Gateway functionality.

PreviousGateway HandlersNextNo Authentication

Last updated 11 months ago

AuthEventHandler can not be used directly, instead one of its implementations should configured as the authentication handler. All its implementations share the following configurations and actions:

Handler Parameters

Parameter
Definition
Example
Default

attempt.state

Name of state manager to store login attempt history

auth_attempt

-

registration.enabled

Whether user registration is enabled or not

true

false

initial.disabled

Whether newly created users should be disabled first

true

false

apikey.length

API key length to generate

64

32

apikey.secret

Secret to use for hashing API keys

-

-

Actions

Register

Registers a user with credentials provided and returns the new user's id, if handler allows user registration:

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

auth

-

outputElement

Json path for the output in response event payload

$.user

-

Registration details (with credentials username/password or client_id/client_secret) can be provided in payload input element or the request metadata auth (which is typically used by gateway's token management process).

Example

Input

{
    "auth":{
        "username": "user", 
        "password": "pass"
    }
}

Event Metadata

Login

Logs in a user with credentials (username/password or client_id/client_secret) provided and returns tokens (and optionally, the user details):

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

auth

-

outputElement

Json path for the output in response event payload

$.token

-

parameters.resolve

Whether access token should be resolved to also return user details (such as id and roles)

true

false

parameters.resolvePattern

Jmespath expression for resolving token contents (access, profile) if resolve parameter is true

{"access": access}

{"user": {"id": access.sub, "roles": access.roles} }

Example

Input

{
    "auth":{
        "username": "user", 
        "password": "pass"
    }
}

Event Metadata

Validate

Validates and resolves a user with tokens (access_token & id_token) provided and returns the user details:

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

auth

-

outputElement

Json path for the output in response event payload

$.user

-

parameters.resolvePattern

Jmespath expression for resolving token contents (access, profile) for output

{"access": access}

{"user": {"id": access.sub, "roles": access.roles} }

Tokens can be provided in payload input element or the request metadata auth (which is typically used by gateway's token management process).

Example

Input

{
    "auth":{
        "access_token": "...", 
        "id_token": "..."
    }
}

Event Metadata

Resolve

Provides same functionality and uses same parameters as Validate.

Refresh

Refreshes tokens with a provided refresh token and returns new tokens (and optionally, the user details):

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

auth

-

outputElement

Json path for the output in response event payload

$.user

-

parameters.resolve

Whether access token should be resolved to also return user id and roles

true

false

parameters.resolvePattern

Jmespath expression for resolving token contents (access, profile) if resolve parameter is true

{"access": access}

{"user": {"id": access.sub, "roles": access.roles} }

Logout

Logs out a user with access token provided:

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

auth

-

ResolveKey

Resolves a given API key and returns resolved contents in output:

Field
Definition
Example
Default

inputElement

Json path for the "api_key" input in event payload (or can be passed in auth metadata)

auth

-

output

Json path for the output in response event payload

$.user

-

parameters.resolvePattern

Jmespath pattern for converting {user,key} data in output

{"user": {"id": key.id, "roles": key.roles } }

{"user": {"id": key.id, "roles": intersect(user.access.roles, key.roles) } }

UserRegister

Registers a new user with given profile and credential details (username/password or client_id/client_secret) and returns the created user's id as "user_id".

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

auth

-

UserList

Lists current users with profile and access details, using "search" parameter in input element for keyword search:

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

parameters

-

outputElement

Json path for the output in event payload

$.users

-

outputPattern

Jmespath pattern for list of users

{userList:list}

-

parameters.skip

Number of records to skip

10

-

parameters.limit

Max number of records to return

10

-

UserGet

Returns profile and access details of a user with given id.

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

user

-

outputElement

Json path for the output in event payload

$.result

-

outputPattern

Jmespath pattern for list of users

{user:@}

-

UserDelete

Deletes user with given id from records.

Field
Definition
Example
Default

inputElement

Json path for the input in event payload with id

user

-

idPath

Json path for the id field in input element

username

id

UserLogout

Logs out user with given id.

Field
Definition
Example
Default

inputElement

Json path for the input in event payload with id

user

-

idPath

Json path for the id field in input element

username

id

UserSetProfile

Sets profile details (e.g. name, surname) of a given user id.

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

user

-

inputPattern

Jmespath pattern for converting input into a user record

{id:id, data: {profile: profile}}

-

UserSetCredential

Sets credential details (e.g. password) of a given user id.

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

user

-

inputPattern

Jmespath pattern for converting input into a user record

{id:id, data: {credential: credential}}

-

UserSetAccess

Sets access details (e.g. roles) of a given user id.

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

user

-

inputPattern

Jmespath pattern for converting input into a user record

{id:id, data: {access: access}}

-

UserCreateKey

Creates an API key for given user id with given access details.

Field
Definition
Example
Default

inputElement

Json path for the input in event payload

user

-

inputPattern

Jmespath pattern for converting input into a user record

{id:id, data: {access: access}}

-