[FIXED] When using Quarkus rest data Panache how to access username from request header in @PrePersist

Issue

I am trying to log the user that modified the entity. The reverse proxy is setting the user name in the request header.

How can the request and headers be read from an independent class when rest Panache is used to expose JAX-RS CRUD

below an example of what I tried but I am getting null or null pointer exep

package org.acme.manrest;

import javax.enterprise.context.RequestScoped;
import javax.persistence.PrePersist;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;

import org.acme.jpa.TBusiness;
import org.jboss.logging.Logger;

@RequestScoped
public class HeaderValue {
  private static final Logger LOG = Logger.getLogger(HeaderValue.class);

  @Context
  HttpServletRequest request;

  public HttpServletRequest getRequest() {
    return request;
  }

  @Context
  HttpHeaders httpHeaders;

  @HeaderParam("x-remote-user")
  String userName;

  public String getUserName() {
    LOG.info("xxx: " + getRequest().getHeader("x-remote-user"));
    LOG.info("userName: " + userName);
    LOG.info("getUserName2: " + getUserName2());
    LOG.info("getUserName3: " + getUserName3());
    return userName;
  }

  public String getUserName2() {
    return httpHeaders.getRequestHeader("x-remote-user").get(0);
  }

  public String getUserName3() {
    LOG.info("getUserName from class " + request.getHeader("x-remote-user"));
    return request.getHeader("x-remote-user");
  }

  @PrePersist
  void onPrePersist(TBusiness myEntity) {
    LOG.info("getUserName: " + userName);

    myEntity.createdBy = userName;
    myEntity.updatedBy = userName;
  }

}

Could switching to JWT and using JWT RBAC in Quarkus be a workaround?

Solution

got this to work by adding undertow dependency :

    <dependency>
      <groupId>io.quarkus</groupId>
      <artifactId>quarkus-undertow</artifactId>
    </dependency>

then in an EntityListener class created below PrePersist method:

@RequestScoped
// @Path("api/v1/Header")
public class AuditingEntityListener {
  private static final Logger LOG = Logger.getLogger(AuditingEntityListener.class);

  // Inject the bean so that Quarkus does not remove it at build time (IMPORTANT)
  @Inject
  HttpServletRequest requestNotUsed;

  @PrePersist
  void onPrePersist(TBusiness myEntity) {
    HttpServletRequest HSR = CDI.current().select(HttpServletRequest.class).get();
    LOG.info("HSR getRequestHeader user: " + HSR.getHeader("x-remote-user"));
  }
}

using JWT RBAC in Quarkus also works:

  @PrePersist
  void onPrePersist(TBusiness myEntity) {
    JsonWebToken context = CDI.current().select(JsonWebToken.class).get();
    LOG.info("context: " + context.getClaim("preferred_username"));
  }

Answered By - Elia Harmouche
Answer Checked By - David Marino (JavaFixing Volunteer)