ReactiveAuthorizationManager replace deprecated #check calls with #authorize
Closes gh-16936 Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
This commit is contained in:
Evgeniy Cheban
committed by
Josh Cummings
Josh Cummings
parent
b0cecb37d2
commit
092bbfc8e7
+15
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2024 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -62,6 +62,17 @@ public final class ObservationReactiveAuthorizationManager<T>
|
||||
@Deprecated
|
||||
@Override
|
||||
public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object) {
|
||||
return authorize(authentication, object).flatMap((result) -> {
|
||||
if (result instanceof AuthorizationDecision decision) {
|
||||
return Mono.just(decision);
|
||||
}
|
||||
return Mono.error(new IllegalArgumentException(
|
||||
"Please call #authorize or ensure that the returned result is of type Mono<AuthorizationDecision>"));
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<AuthorizationResult> authorize(Mono<Authentication> authentication, T object) {
|
||||
AuthorizationObservationContext<T> context = new AuthorizationObservationContext<>(object);
|
||||
Mono<Authentication> wrapped = authentication.map((auth) -> {
|
||||
context.setAuthentication(auth);
|
||||
@@ -71,9 +82,9 @@ public final class ObservationReactiveAuthorizationManager<T>
|
||||
Observation observation = Observation.createNotStarted(this.convention, () -> context, this.registry)
|
||||
.parentObservation(contextView.getOrDefault(ObservationThreadLocalAccessor.KEY, null))
|
||||
.start();
|
||||
return this.delegate.check(wrapped, object).doOnSuccess((decision) -> {
|
||||
context.setAuthorizationResult(decision);
|
||||
if (decision == null || !decision.isGranted()) {
|
||||
return this.delegate.authorize(wrapped, object).doOnSuccess((result) -> {
|
||||
context.setAuthorizationResult(result);
|
||||
if (result == null || !result.isGranted()) {
|
||||
observation.error(new AccessDeniedException("Access Denied"));
|
||||
}
|
||||
observation.stop();
|
||||
|
||||
+3
-3
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2024 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -50,8 +50,8 @@ public interface ReactiveAuthorizationManager<T> {
|
||||
*/
|
||||
default Mono<Void> verify(Mono<Authentication> authentication, T object) {
|
||||
// @formatter:off
|
||||
return check(authentication, object)
|
||||
.filter(AuthorizationDecision::isGranted)
|
||||
return authorize(authentication, object)
|
||||
.filter(AuthorizationResult::isGranted)
|
||||
.switchIfEmpty(Mono.defer(() -> Mono.error(new AccessDeniedException("Access Denied"))))
|
||||
.flatMap((decision) -> Mono.empty());
|
||||
// @formatter:on
|
||||
|
||||
+4
-1
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2023 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -70,6 +70,7 @@ public class ObservationReactiveAuthorizationManagerTests {
|
||||
void verifyWhenDefaultsThenObserves() {
|
||||
given(this.handler.supportsContext(any())).willReturn(true);
|
||||
given(this.authorizationManager.check(any(), any())).willReturn(Mono.just(this.grant));
|
||||
given(this.authorizationManager.authorize(any(), any())).willCallRealMethod();
|
||||
this.tested.verify(this.token, this.object).block();
|
||||
ArgumentCaptor<Observation.Context> captor = ArgumentCaptor.forClass(Observation.Context.class);
|
||||
verify(this.handler).onStart(captor.capture());
|
||||
@@ -86,6 +87,7 @@ public class ObservationReactiveAuthorizationManagerTests {
|
||||
void verifyWhenErrorsThenObserves() {
|
||||
given(this.handler.supportsContext(any())).willReturn(true);
|
||||
given(this.authorizationManager.check(any(), any())).willReturn(Mono.just(this.deny));
|
||||
given(this.authorizationManager.authorize(any(), any())).willCallRealMethod();
|
||||
assertThatExceptionOfType(AccessDeniedException.class)
|
||||
.isThrownBy(() -> this.tested.verify(this.token, this.object).block());
|
||||
ArgumentCaptor<Observation.Context> captor = ArgumentCaptor.forClass(Observation.Context.class);
|
||||
@@ -106,6 +108,7 @@ public class ObservationReactiveAuthorizationManagerTests {
|
||||
((Mono<Authentication>) invocation.getArgument(0)).block();
|
||||
return Mono.just(this.grant);
|
||||
});
|
||||
given(this.authorizationManager.authorize(any(), any())).willCallRealMethod();
|
||||
this.tested.verify(this.token, this.object).block();
|
||||
ArgumentCaptor<Observation.Context> captor = ArgumentCaptor.forClass(Observation.Context.class);
|
||||
verify(this.handler).onStart(captor.capture());
|
||||
|
||||
Reference in New Issue
Block a user