Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Always use 'this.' when accessing fields

Browse Source 
Apply an Eclipse cleanup rules to ensure that fields are always accessed
using `this.`. This aligns with the style used by Spring Framework and
helps users quickly see the difference between a local and member
variable.

Issue gh-8945
This commit is contained in:
Phillip Webb
2020-07-26 11:51:05 -07:00
committed by Rob Winch
parent 6894ff5d12
commit 8866fa6fb0
793 changed files with 8689 additions and 8459 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/main/java/org/springframework/security/access/annotation/Jsr250MethodSecurityMetadataSource.java
+3 -3
View File
@@ -100,13 +100,13 @@ public class Jsr250MethodSecurityMetadataSource extends AbstractFallbackMethodSe
if (role == null) {
return role;
}
if (defaultRolePrefix == null || defaultRolePrefix.length() == 0) {
if (this.defaultRolePrefix == null || this.defaultRolePrefix.length() == 0) {
return role;
}
if (role.startsWith(defaultRolePrefix)) {
if (role.startsWith(this.defaultRolePrefix)) {
return role;
}
return defaultRolePrefix + role;
return this.defaultRolePrefix + role;
}
}
core/src/main/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSource.java
+7 -7
View File
@@ -52,19 +52,19 @@ public class SecuredAnnotationSecurityMetadataSource extends AbstractFallbackMet
public SecuredAnnotationSecurityMetadataSource(AnnotationMetadataExtractor annotationMetadataExtractor) {
Assert.notNull(annotationMetadataExtractor, "annotationMetadataExtractor cannot be null");
annotationExtractor = annotationMetadataExtractor;
annotationType = (Class<? extends Annotation>) GenericTypeResolver
.resolveTypeArgument(annotationExtractor.getClass(), AnnotationMetadataExtractor.class);
Assert.notNull(annotationType, () -> annotationExtractor.getClass().getName()
this.annotationExtractor = annotationMetadataExtractor;
this.annotationType = (Class<? extends Annotation>) GenericTypeResolver
.resolveTypeArgument(this.annotationExtractor.getClass(), AnnotationMetadataExtractor.class);
Assert.notNull(this.annotationType, () -> this.annotationExtractor.getClass().getName()
+ " must supply a generic parameter for AnnotationMetadataExtractor");
}
protected Collection<ConfigAttribute> findAttributes(Class<?> clazz) {
return processAnnotation(AnnotationUtils.findAnnotation(clazz, annotationType));
return processAnnotation(AnnotationUtils.findAnnotation(clazz, this.annotationType));
}
protected Collection<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
return processAnnotation(AnnotationUtils.findAnnotation(method, annotationType));
return processAnnotation(AnnotationUtils.findAnnotation(method, this.annotationType));
}
public Collection<ConfigAttribute> getAllConfigAttributes() {
@@ -76,7 +76,7 @@ public class SecuredAnnotationSecurityMetadataSource extends AbstractFallbackMet
return null;
}
return annotationExtractor.extractAttributes(a);
return this.annotationExtractor.extractAttributes(a);
}
}
core/src/main/java/org/springframework/security/access/event/AuthenticationCredentialsNotFoundEvent.java
+2 -2
View File
@@ -54,11 +54,11 @@ public class AuthenticationCredentialsNotFoundEvent extends AbstractAuthorizatio
}
public Collection<ConfigAttribute> getConfigAttributes() {
return configAttribs;
return this.configAttribs;
}
public AuthenticationCredentialsNotFoundException getCredentialsNotFoundException() {
return credentialsNotFoundException;
return this.credentialsNotFoundException;
}
}
core/src/main/java/org/springframework/security/access/event/AuthorizationFailureEvent.java
+3 -3
View File
@@ -65,15 +65,15 @@ public class AuthorizationFailureEvent extends AbstractAuthorizationEvent {
}
public AccessDeniedException getAccessDeniedException() {
return accessDeniedException;
return this.accessDeniedException;
}
public Authentication getAuthentication() {
return authentication;
return this.authentication;
}
public Collection<ConfigAttribute> getConfigAttributes() {
return configAttributes;
return this.configAttributes;
}
}
core/src/main/java/org/springframework/security/access/event/AuthorizedEvent.java
+2 -2
View File
@@ -54,11 +54,11 @@ public class AuthorizedEvent extends AbstractAuthorizationEvent {
}
public Authentication getAuthentication() {
return authentication;
return this.authentication;
}
public Collection<ConfigAttribute> getConfigAttributes() {
return configAttributes;
return this.configAttributes;
}
}
core/src/main/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandler.java
+5 -5
View File
@@ -48,7 +48,7 @@ public abstract class AbstractSecurityExpressionHandler<T>
private PermissionEvaluator permissionEvaluator = new DenyAllPermissionEvaluator();
public final ExpressionParser getExpressionParser() {
return expressionParser;
return this.expressionParser;
}
public final void setExpressionParser(ExpressionParser expressionParser) {
@@ -67,7 +67,7 @@ public abstract class AbstractSecurityExpressionHandler<T>
public final EvaluationContext createEvaluationContext(Authentication authentication, T invocation) {
SecurityExpressionOperations root = createSecurityExpressionRoot(authentication, invocation);
StandardEvaluationContext ctx = createEvaluationContextInternal(authentication, invocation);
ctx.setBeanResolver(br);
ctx.setBeanResolver(this.br);
ctx.setRootObject(root);
return ctx;
@@ -99,7 +99,7 @@ public abstract class AbstractSecurityExpressionHandler<T>
T invocation);
protected RoleHierarchy getRoleHierarchy() {
return roleHierarchy;
return this.roleHierarchy;
}
public void setRoleHierarchy(RoleHierarchy roleHierarchy) {
@@ -107,7 +107,7 @@ public abstract class AbstractSecurityExpressionHandler<T>
}
protected PermissionEvaluator getPermissionEvaluator() {
return permissionEvaluator;
return this.permissionEvaluator;
}
public void setPermissionEvaluator(PermissionEvaluator permissionEvaluator) {
@@ -115,7 +115,7 @@ public abstract class AbstractSecurityExpressionHandler<T>
}
public void setApplicationContext(ApplicationContext applicationContext) {
br = new BeanFactoryResolver(applicationContext);
this.br = new BeanFactoryResolver(applicationContext);
}
}
core/src/main/java/org/springframework/security/access/expression/DenyAllPermissionEvaluator.java
+3 -3
View File
@@ -38,7 +38,7 @@ public class DenyAllPermissionEvaluator implements PermissionEvaluator {
* @return false always
*/
public boolean hasPermission(Authentication authentication, Object target, Object permission) {
logger.warn(
this.logger.warn(
"Denying user " + authentication.getName() + " permission '" + permission + "' on object " + target);
return false;
}
@@ -48,8 +48,8 @@ public class DenyAllPermissionEvaluator implements PermissionEvaluator {
*/
public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType,
Object permission) {
logger.warn("Denying user " + authentication.getName() + " permission '" + permission + "' on object with Id '"
+ targetId);
this.logger.warn("Denying user " + authentication.getName() + " permission '" + permission
+ "' on object with Id '" + targetId);
return false;
}
core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java
+16 -14
View File
@@ -86,7 +86,7 @@ public abstract class SecurityExpressionRoot implements SecurityExpressionOperat
}
public final boolean hasAnyRole(String... roles) {
return hasAnyAuthorityName(defaultRolePrefix, roles);
return hasAnyAuthorityName(this.defaultRolePrefix, roles);
}
private boolean hasAnyAuthorityName(String prefix, String... roles) {
@@ -103,7 +103,7 @@ public abstract class SecurityExpressionRoot implements SecurityExpressionOperat
}
public final Authentication getAuthentication() {
return authentication;
return this.authentication;
}
public final boolean permitAll() {
@@ -115,7 +115,7 @@ public abstract class SecurityExpressionRoot implements SecurityExpressionOperat
}
public final boolean isAnonymous() {
return trustResolver.isAnonymous(authentication);
return this.trustResolver.isAnonymous(this.authentication);
}
public final boolean isAuthenticated() {
@@ -123,11 +123,12 @@ public abstract class SecurityExpressionRoot implements SecurityExpressionOperat
}
public final boolean isRememberMe() {
return trustResolver.isRememberMe(authentication);
return this.trustResolver.isRememberMe(this.authentication);
}
public final boolean isFullyAuthenticated() {
return !trustResolver.isAnonymous(authentication) && !trustResolver.isRememberMe(authentication);
return !this.trustResolver.isAnonymous(this.authentication)
&& !this.trustResolver.isRememberMe(this.authentication);
}
/**
@@ -136,7 +137,7 @@ public abstract class SecurityExpressionRoot implements SecurityExpressionOperat
* @return
*/
public Object getPrincipal() {
return authentication.getPrincipal();
return this.authentication.getPrincipal();
}
public void setTrustResolver(AuthenticationTrustResolver trustResolver) {
@@ -165,25 +166,26 @@ public abstract class SecurityExpressionRoot implements SecurityExpressionOperat
}
private Set<String> getAuthoritySet() {
if (roles == null) {
Collection<? extends GrantedAuthority> userAuthorities = authentication.getAuthorities();
if (this.roles == null) {
Collection<? extends GrantedAuthority> userAuthorities = this.authentication.getAuthorities();
if (roleHierarchy != null) {
userAuthorities = roleHierarchy.getReachableGrantedAuthorities(userAuthorities);
if (this.roleHierarchy != null) {
userAuthorities = this.roleHierarchy.getReachableGrantedAuthorities(userAuthorities);
}
roles = AuthorityUtils.authorityListToSet(userAuthorities);
this.roles = AuthorityUtils.authorityListToSet(userAuthorities);
}
return roles;
return this.roles;
}
public boolean hasPermission(Object target, Object permission) {
return permissionEvaluator.hasPermission(authentication, target, permission);
return this.permissionEvaluator.hasPermission(this.authentication, target, permission);
}
public boolean hasPermission(Object targetId, String targetType, Object permission) {
return permissionEvaluator.hasPermission(authentication, (Serializable) targetId, targetType, permission);
return this.permissionEvaluator.hasPermission(this.authentication, (Serializable) targetId, targetType,
permission);
}
public void setPermissionEvaluator(PermissionEvaluator permissionEvaluator) {
core/src/main/java/org/springframework/security/access/expression/method/AbstractExpressionBasedMethodConfigAttribute.java
+2 -2
View File
@@ -59,11 +59,11 @@ abstract class AbstractExpressionBasedMethodConfigAttribute implements ConfigAtt
}
Expression getFilterExpression() {
return filterExpression;
return this.filterExpression;
}
Expression getAuthorizeExpression() {
return authorizeExpression;
return this.authorizeExpression;
}
public String getAttribute() {
core/src/main/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandler.java
+15 -15
View File
@@ -101,11 +101,11 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
public Object filter(Object filterTarget, Expression filterExpression, EvaluationContext ctx) {
MethodSecurityExpressionOperations rootObject = (MethodSecurityExpressionOperations) ctx.getRootObject()
.getValue();
final boolean debug = logger.isDebugEnabled();
final boolean debug = this.logger.isDebugEnabled();
List retainList;
if (debug) {
logger.debug("Filtering with expression: " + filterExpression.getExpressionString());
this.logger.debug("Filtering with expression: " + filterExpression.getExpressionString());
}
if (filterTarget instanceof Collection) {
@@ -113,11 +113,11 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
retainList = new ArrayList(collection.size());
if (debug) {
logger.debug("Filtering collection with " + collection.size() + " elements");
this.logger.debug("Filtering collection with " + collection.size() + " elements");
}
if (permissionCacheOptimizer != null) {
permissionCacheOptimizer.cachePermissionsFor(rootObject.getAuthentication(), collection);
if (this.permissionCacheOptimizer != null) {
this.permissionCacheOptimizer.cachePermissionsFor(rootObject.getAuthentication(), collection);
}
for (Object filterObject : (Collection) filterTarget) {
@@ -129,7 +129,7 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
}
if (debug) {
logger.debug("Retaining elements: " + retainList);
this.logger.debug("Retaining elements: " + retainList);
}
collection.clear();
@@ -143,11 +143,11 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
retainList = new ArrayList(array.length);
if (debug) {
logger.debug("Filtering array with " + array.length + " elements");
this.logger.debug("Filtering array with " + array.length + " elements");
}
if (permissionCacheOptimizer != null) {
permissionCacheOptimizer.cachePermissionsFor(rootObject.getAuthentication(), Arrays.asList(array));
if (this.permissionCacheOptimizer != null) {
this.permissionCacheOptimizer.cachePermissionsFor(rootObject.getAuthentication(), Arrays.asList(array));
}
for (Object o : array) {
@@ -159,7 +159,7 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
}
if (debug) {
logger.debug("Retaining elements: " + retainList);
this.logger.debug("Retaining elements: " + retainList);
}
Object[] filtered = (Object[]) Array.newInstance(filterTarget.getClass().getComponentType(),
@@ -176,7 +176,7 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
final Map retainMap = new LinkedHashMap(map.size());
if (debug) {
logger.debug("Filtering map with " + map.size() + " elements");
this.logger.debug("Filtering map with " + map.size() + " elements");
}
for (Map.Entry<?, ?> filterObject : map.entrySet()) {
@@ -188,7 +188,7 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
}
if (debug) {
logger.debug("Retaining elements: " + retainMap);
this.logger.debug("Retaining elements: " + retainMap);
}
map.clear();
@@ -225,7 +225,7 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
* @return The current {@link AuthenticationTrustResolver}
*/
protected AuthenticationTrustResolver getTrustResolver() {
return trustResolver;
return this.trustResolver;
}
/**
@@ -241,7 +241,7 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
* @return The current {@link ParameterNameDiscoverer}
*/
protected ParameterNameDiscoverer getParameterNameDiscoverer() {
return parameterNameDiscoverer;
return this.parameterNameDiscoverer;
}
public void setPermissionCacheOptimizer(PermissionCacheOptimizer permissionCacheOptimizer) {
@@ -275,7 +275,7 @@ public class DefaultMethodSecurityExpressionHandler extends AbstractSecurityExpr
* @return The default role prefix
*/
protected String getDefaultRolePrefix() {
return defaultRolePrefix;
return this.defaultRolePrefix;
}
}
core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java
+2 -2
View File
@@ -86,8 +86,8 @@ public class ExpressionBasedAnnotationAttributeFactory implements PrePostInvocat
if (this.parser != null) {
return this.parser;
}
synchronized (parserLock) {
this.parser = handler.getExpressionParser();
synchronized (this.parserLock) {
this.parser = this.handler.getExpressionParser();
this.handler = null;
}
return this.parser;
core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPostInvocationAdvice.java
+9 -9
View File
@@ -44,30 +44,30 @@ public class ExpressionBasedPostInvocationAdvice implements PostInvocationAuthor
public Object after(Authentication authentication, MethodInvocation mi, PostInvocationAttribute postAttr,
Object returnedObject) throws AccessDeniedException {
PostInvocationExpressionAttribute pia = (PostInvocationExpressionAttribute) postAttr;
EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, mi);
EvaluationContext ctx = this.expressionHandler.createEvaluationContext(authentication, mi);
Expression postFilter = pia.getFilterExpression();
Expression postAuthorize = pia.getAuthorizeExpression();
if (postFilter != null) {
if (logger.isDebugEnabled()) {
logger.debug("Applying PostFilter expression " + postFilter);
if (this.logger.isDebugEnabled()) {
this.logger.debug("Applying PostFilter expression " + postFilter);
}
if (returnedObject != null) {
returnedObject = expressionHandler.filter(returnedObject, postFilter, ctx);
returnedObject = this.expressionHandler.filter(returnedObject, postFilter, ctx);
}
else {
if (logger.isDebugEnabled()) {
logger.debug("Return object is null, filtering will be skipped");
if (this.logger.isDebugEnabled()) {
this.logger.debug("Return object is null, filtering will be skipped");
}
}
}
expressionHandler.setReturnObject(returnedObject, ctx);
this.expressionHandler.setReturnObject(returnedObject, ctx);
if (postAuthorize != null && !ExpressionUtils.evaluateAsBoolean(postAuthorize, ctx)) {
if (logger.isDebugEnabled()) {
logger.debug("PostAuthorize expression rejected access");
if (this.logger.isDebugEnabled()) {
this.logger.debug("PostAuthorize expression rejected access");
}
throw new AccessDeniedException("Access is denied");
}
core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdvice.java
+2 -2
View File
@@ -41,14 +41,14 @@ public class ExpressionBasedPreInvocationAdvice implements PreInvocationAuthoriz
public boolean before(Authentication authentication, MethodInvocation mi, PreInvocationAttribute attr) {
PreInvocationExpressionAttribute preAttr = (PreInvocationExpressionAttribute) attr;
EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, mi);
EvaluationContext ctx = this.expressionHandler.createEvaluationContext(authentication, mi);
Expression preFilter = preAttr.getFilterExpression();
Expression preAuthorize = preAttr.getAuthorizeExpression();
if (preFilter != null) {
Object filterTarget = findFilterTarget(preAttr.getFilterTarget(), ctx, mi);
expressionHandler.filter(filterTarget, preFilter, ctx);
this.expressionHandler.filter(filterTarget, preFilter, ctx);
}
if (preAuthorize == null) {
core/src/main/java/org/springframework/security/access/expression/method/MethodSecurityExpressionRoot.java
+3 -3
View File
@@ -41,7 +41,7 @@ class MethodSecurityExpressionRoot extends SecurityExpressionRoot implements Met
}
public Object getFilterObject() {
return filterObject;
return this.filterObject;
}
public void setReturnObject(Object returnObject) {
@@ -49,7 +49,7 @@ class MethodSecurityExpressionRoot extends SecurityExpressionRoot implements Met
}
public Object getReturnObject() {
return returnObject;
return this.returnObject;
}
/**
@@ -63,7 +63,7 @@ class MethodSecurityExpressionRoot extends SecurityExpressionRoot implements Met
}
public Object getThis() {
return target;
return this.target;
}
}
core/src/main/java/org/springframework/security/access/expression/method/PreInvocationExpressionAttribute.java
+2 -2
View File
@@ -48,7 +48,7 @@ class PreInvocationExpressionAttribute extends AbstractExpressionBasedMethodConf
* @return the method parameter name
*/
String getFilterTarget() {
return filterTarget;
return this.filterTarget;
}
@Override
@@ -58,7 +58,7 @@ class PreInvocationExpressionAttribute extends AbstractExpressionBasedMethodConf
Expression filter = getFilterExpression();
sb.append("[authorize: '").append(authorize == null ? "null" : authorize.getExpressionString());
sb.append("', filter: '").append(filter == null ? "null" : filter.getExpressionString());
sb.append("', filterTarget: '").append(filterTarget).append("']");
sb.append("', filterTarget: '").append(this.filterTarget).append("']");
return sb.toString();
}
core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyAuthoritiesMapper.java
+1 -1
View File
@@ -32,7 +32,7 @@ public class RoleHierarchyAuthoritiesMapper implements GrantedAuthoritiesMapper
}
public Collection<? extends GrantedAuthority> mapAuthorities(Collection<? extends GrantedAuthority> authorities) {
return roleHierarchy.getReachableGrantedAuthorities(authorities);
return this.roleHierarchy.getReachableGrantedAuthorities(authorities);
}
}
core/src/main/java/org/springframework/security/access/intercept/AbstractSecurityInterceptor.java
+30 -28
View File
@@ -150,8 +150,9 @@ public abstract class AbstractSecurityInterceptor
Collection<ConfigAttribute> attributeDefs = this.obtainSecurityMetadataSource().getAllConfigAttributes();
if (attributeDefs == null) {
logger.warn("Could not validate configuration attributes as the SecurityMetadataSource did not return "
+ "any attributes from getAllConfigAttributes()");
this.logger.warn(
"Could not validate configuration attributes as the SecurityMetadataSource did not return "
+ "any attributes from getAllConfigAttributes()");
return;
}
@@ -168,13 +169,13 @@ public abstract class AbstractSecurityInterceptor
throw new IllegalArgumentException("Unsupported configuration attributes: " + unsupportedAttrs);
}
logger.debug("Validated configuration attributes");
this.logger.debug("Validated configuration attributes");
}
}
protected InterceptorStatusToken beforeInvocation(Object object) {
Assert.notNull(object, "Object was null");
final boolean debug = logger.isDebugEnabled();
final boolean debug = this.logger.isDebugEnabled();
if (!getSecureObjectClass().isAssignableFrom(object.getClass())) {
throw new IllegalArgumentException("Security invocation attempted for object " + object.getClass().getName()
@@ -185,7 +186,7 @@ public abstract class AbstractSecurityInterceptor
Collection<ConfigAttribute> attributes = this.obtainSecurityMetadataSource().getAttributes(object);
if (attributes == null || attributes.isEmpty()) {
if (rejectPublicInvocations) {
if (this.rejectPublicInvocations) {
throw new IllegalArgumentException("Secure object invocation " + object
+ " was denied as public invocations are not allowed via this interceptor. "
+ "This indicates a configuration error because the "
@@ -193,7 +194,7 @@ public abstract class AbstractSecurityInterceptor
}
if (debug) {
logger.debug("Public object - authentication not attempted");
this.logger.debug("Public object - authentication not attempted");
}
publishEvent(new PublicInvocationEvent(object));
@@ -202,11 +203,11 @@ public abstract class AbstractSecurityInterceptor
}
if (debug) {
logger.debug("Secure object: " + object + "; Attributes: " + attributes);
this.logger.debug("Secure object: " + object + "; Attributes: " + attributes);
}
if (SecurityContextHolder.getContext().getAuthentication() == null) {
credentialsNotFound(messages.getMessage("AbstractSecurityInterceptor.authenticationNotFound",
credentialsNotFound(this.messages.getMessage("AbstractSecurityInterceptor.authenticationNotFound",
"An Authentication object was not found in the SecurityContext"), object, attributes);
}
@@ -223,10 +224,10 @@ public abstract class AbstractSecurityInterceptor
}
if (debug) {
logger.debug("Authorization successful");
this.logger.debug("Authorization successful");
}
if (publishAuthorizationSuccess) {
if (this.publishAuthorizationSuccess) {
publishEvent(new AuthorizedEvent(object, attributes, authenticated));
}
@@ -235,7 +236,7 @@ public abstract class AbstractSecurityInterceptor
if (runAs == null) {
if (debug) {
logger.debug("RunAsManager did not change Authentication object");
this.logger.debug("RunAsManager did not change Authentication object");
}
// no further work post-invocation
@@ -243,7 +244,7 @@ public abstract class AbstractSecurityInterceptor
}
else {
if (debug) {
logger.debug("Switching to RunAs Authentication: " + runAs);
this.logger.debug("Switching to RunAs Authentication: " + runAs);
}
SecurityContext origCtx = SecurityContextHolder.getContext();
@@ -264,8 +265,9 @@ public abstract class AbstractSecurityInterceptor
*/
protected void finallyInvocation(InterceptorStatusToken token) {
if (token != null && token.isContextHolderRefreshRequired()) {
if (logger.isDebugEnabled()) {
logger.debug("Reverting to original Authentication: " + token.getSecurityContext().getAuthentication());
if (this.logger.isDebugEnabled()) {
this.logger.debug(
"Reverting to original Authentication: " + token.getSecurityContext().getAuthentication());
}
SecurityContextHolder.setContext(token.getSecurityContext());
@@ -289,10 +291,10 @@ public abstract class AbstractSecurityInterceptor
finallyInvocation(token); // continue to clean in this method for passivity
if (afterInvocationManager != null) {
if (this.afterInvocationManager != null) {
// Attempt after invocation handling
try {
returnedObject = afterInvocationManager.decide(token.getSecurityContext().getAuthentication(),
returnedObject = this.afterInvocationManager.decide(token.getSecurityContext().getAuthentication(),
token.getSecureObject(), token.getAttributes(), returnedObject);
}
catch (AccessDeniedException accessDeniedException) {
@@ -316,20 +318,20 @@ public abstract class AbstractSecurityInterceptor
private Authentication authenticateIfRequired() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication.isAuthenticated() && !alwaysReauthenticate) {
if (logger.isDebugEnabled()) {
logger.debug("Previously Authenticated: " + authentication);
if (authentication.isAuthenticated() && !this.alwaysReauthenticate) {
if (this.logger.isDebugEnabled()) {
this.logger.debug("Previously Authenticated: " + authentication);
}
return authentication;
}
authentication = authenticationManager.authenticate(authentication);
authentication = this.authenticationManager.authenticate(authentication);
// We don't authenticated.setAuthentication(true), because each provider should do
// that
if (logger.isDebugEnabled()) {
logger.debug("Successfully Authenticated: " + authentication);
if (this.logger.isDebugEnabled()) {
this.logger.debug("Successfully Authenticated: " + authentication);
}
SecurityContextHolder.getContext().setAuthentication(authentication);
@@ -357,11 +359,11 @@ public abstract class AbstractSecurityInterceptor
}
public AccessDecisionManager getAccessDecisionManager() {
return accessDecisionManager;
return this.accessDecisionManager;
}
public AfterInvocationManager getAfterInvocationManager() {
return afterInvocationManager;
return this.afterInvocationManager;
}
public AuthenticationManager getAuthenticationManager() {
@@ -369,7 +371,7 @@ public abstract class AbstractSecurityInterceptor
}
public RunAsManager getRunAsManager() {
return runAsManager;
return this.runAsManager;
}
/**
@@ -381,15 +383,15 @@ public abstract class AbstractSecurityInterceptor
public abstract Class<?> getSecureObjectClass();
public boolean isAlwaysReauthenticate() {
return alwaysReauthenticate;
return this.alwaysReauthenticate;
}
public boolean isRejectPublicInvocations() {
return rejectPublicInvocations;
return this.rejectPublicInvocations;
}
public boolean isValidateConfigAttributes() {
return validateConfigAttributes;
return this.validateConfigAttributes;
}
public abstract SecurityMetadataSource obtainSecurityMetadataSource();
core/src/main/java/org/springframework/security/access/intercept/AfterInvocationProviderManager.java
+5 -5
View File
@@ -67,7 +67,7 @@ public class AfterInvocationProviderManager implements AfterInvocationManager, I
Object result = returnedObject;
for (AfterInvocationProvider provider : providers) {
for (AfterInvocationProvider provider : this.providers) {
result = provider.decide(authentication, object, config, result);
}
@@ -80,17 +80,17 @@ public class AfterInvocationProviderManager implements AfterInvocationManager, I
public void setProviders(List<?> newList) {
checkIfValidList(newList);
providers = new ArrayList<>(newList.size());
this.providers = new ArrayList<>(newList.size());
for (Object currentObject : newList) {
Assert.isInstanceOf(AfterInvocationProvider.class, currentObject, () -> "AfterInvocationProvider "
+ currentObject.getClass().getName() + " must implement AfterInvocationProvider");
providers.add((AfterInvocationProvider) currentObject);
this.providers.add((AfterInvocationProvider) currentObject);
}
}
public boolean supports(ConfigAttribute attribute) {
for (AfterInvocationProvider provider : providers) {
for (AfterInvocationProvider provider : this.providers) {
if (logger.isDebugEnabled()) {
logger.debug("Evaluating " + attribute + " against " + provider);
}
@@ -115,7 +115,7 @@ public class AfterInvocationProviderManager implements AfterInvocationManager, I
* to support the secure object class
*/
public boolean supports(Class<?> clazz) {
for (AfterInvocationProvider provider : providers) {
for (AfterInvocationProvider provider : this.providers) {
if (!provider.supports(clazz)) {
return false;
}
core/src/main/java/org/springframework/security/access/intercept/InterceptorStatusToken.java
+4 -4
View File
@@ -49,19 +49,19 @@ public class InterceptorStatusToken {
}
public Collection<ConfigAttribute> getAttributes() {
return attr;
return this.attr;
}
public SecurityContext getSecurityContext() {
return securityContext;
return this.securityContext;
}
public Object getSecureObject() {
return secureObject;
return this.secureObject;
}
public boolean isContextHolderRefreshRequired() {
return contextHolderRefreshRequired;
return this.contextHolderRefreshRequired;
}
}
core/src/main/java/org/springframework/security/access/intercept/MethodInvocationPrivilegeEvaluator.java
+4 -4
View File
@@ -50,17 +50,17 @@ public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
private AbstractSecurityInterceptor securityInterceptor;
public void afterPropertiesSet() {
Assert.notNull(securityInterceptor, "SecurityInterceptor required");
Assert.notNull(this.securityInterceptor, "SecurityInterceptor required");
}
public boolean isAllowed(MethodInvocation mi, Authentication authentication) {
Assert.notNull(mi, "MethodInvocation required");
Assert.notNull(mi.getMethod(), "MethodInvocation must provide a non-null getMethod()");
Collection<ConfigAttribute> attrs = securityInterceptor.obtainSecurityMetadataSource().getAttributes(mi);
Collection<ConfigAttribute> attrs = this.securityInterceptor.obtainSecurityMetadataSource().getAttributes(mi);
if (attrs == null) {
if (securityInterceptor.isRejectPublicInvocations()) {
if (this.securityInterceptor.isRejectPublicInvocations()) {
return false;
}
@@ -72,7 +72,7 @@ public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
}
try {
securityInterceptor.getAccessDecisionManager().decide(authentication, mi, attrs);
this.securityInterceptor.getAccessDecisionManager().decide(authentication, mi, attrs);
}
catch (AccessDeniedException unauthorized) {
if (logger.isDebugEnabled()) {
core/src/main/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProvider.java
+4 -4
View File
@@ -47,23 +47,23 @@ public class RunAsImplAuthenticationProvider implements InitializingBean, Authen
private String key;
public void afterPropertiesSet() {
Assert.notNull(key, "A Key is required and should match that configured for the RunAsManagerImpl");
Assert.notNull(this.key, "A Key is required and should match that configured for the RunAsManagerImpl");
}
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
RunAsUserToken token = (RunAsUserToken) authentication;
if (token.getKeyHash() == key.hashCode()) {
if (token.getKeyHash() == this.key.hashCode()) {
return authentication;
}
else {
throw new BadCredentialsException(messages.getMessage("RunAsImplAuthenticationProvider.incorrectKey",
throw new BadCredentialsException(this.messages.getMessage("RunAsImplAuthenticationProvider.incorrectKey",
"The presented RunAsUserToken does not contain the expected key"));
}
}
public String getKey() {
return key;
return this.key;
}
public void setKey(String key) {
core/src/main/java/org/springframework/security/access/intercept/RunAsManagerImpl.java
+3 -3
View File
@@ -60,7 +60,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
private String rolePrefix = "ROLE_";
public void afterPropertiesSet() {
Assert.notNull(key,
Assert.notNull(this.key,
"A Key is required and should match that configured for the RunAsImplAuthenticationProvider");
}
@@ -88,11 +88,11 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
}
public String getKey() {
return key;
return this.key;
}
public String getRolePrefix() {
return rolePrefix;
return this.rolePrefix;
}
public void setKey(String key) {
core/src/main/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityMetadataSourceAdvisor.java
+11 -9
View File
@@ -92,17 +92,17 @@ public class MethodSecurityMetadataSourceAdvisor extends AbstractPointcutAdvisor
}
public Pointcut getPointcut() {
return pointcut;
return this.pointcut;
}
public Advice getAdvice() {
synchronized (this.adviceMonitor) {
if (interceptor == null) {
Assert.notNull(adviceBeanName, "'adviceBeanName' must be set for use with bean factory lookup.");
Assert.state(beanFactory != null, "BeanFactory must be set to resolve 'adviceBeanName'");
interceptor = beanFactory.getBean(this.adviceBeanName, MethodInterceptor.class);
if (this.interceptor == null) {
Assert.notNull(this.adviceBeanName, "'adviceBeanName' must be set for use with bean factory lookup.");
Assert.state(this.beanFactory != null, "BeanFactory must be set to resolve 'adviceBeanName'");
this.interceptor = this.beanFactory.getBean(this.adviceBeanName, MethodInterceptor.class);
}
return interceptor;
return this.interceptor;
}
}
@@ -112,15 +112,17 @@ public class MethodSecurityMetadataSourceAdvisor extends AbstractPointcutAdvisor
private void readObject(ObjectInputStream ois) throws IOException, ClassNotFoundException {
ois.defaultReadObject();
adviceMonitor = new Object();
attributeSource = beanFactory.getBean(metadataSourceBeanName, MethodSecurityMetadataSource.class);
this.adviceMonitor = new Object();
this.attributeSource = this.beanFactory.getBean(this.metadataSourceBeanName,
MethodSecurityMetadataSource.class);
}
class MethodSecurityMetadataSourcePointcut extends StaticMethodMatcherPointcut implements Serializable {
@SuppressWarnings("unchecked")
public boolean matches(Method m, Class targetClass) {
Collection attributes = attributeSource.getAttributes(m, targetClass);
Collection attributes = MethodSecurityMetadataSourceAdvisor.this.attributeSource.getAttributes(m,
targetClass);
return attributes != null && !attributes.isEmpty();
}
core/src/main/java/org/springframework/security/access/intercept/aspectj/MethodInvocationAdapter.java
+9 -9
View File
@@ -41,19 +41,19 @@ public final class MethodInvocationAdapter implements MethodInvocation {
MethodInvocationAdapter(JoinPoint jp) {
this.jp = (ProceedingJoinPoint) jp;
if (jp.getTarget() != null) {
target = jp.getTarget();
this.target = jp.getTarget();
}
else {
// SEC-1295: target may be null if an ITD is in use
target = jp.getSignature().getDeclaringType();
this.target = jp.getSignature().getDeclaringType();
}
String targetMethodName = jp.getStaticPart().getSignature().getName();
Class<?>[] types = ((CodeSignature) jp.getStaticPart().getSignature()).getParameterTypes();
Class<?> declaringType = jp.getStaticPart().getSignature().getDeclaringType();
method = findMethod(targetMethodName, declaringType, types);
this.method = findMethod(targetMethodName, declaringType, types);
if (method == null) {
if (this.method == null) {
throw new IllegalArgumentException("Could not obtain target method from JoinPoint: '" + jp + "'");
}
}
@@ -79,23 +79,23 @@ public final class MethodInvocationAdapter implements MethodInvocation {
}
public Method getMethod() {
return method;
return this.method;
}
public Object[] getArguments() {
return jp.getArgs();
return this.jp.getArgs();
}
public AccessibleObject getStaticPart() {
return method;
return this.method;
}
public Object getThis() {
return target;
return this.target;
}
public Object proceed() throws Throwable {
return jp.proceed();
return this.jp.proceed();
}
}
core/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java
+9 -8
View File
@@ -51,8 +51,8 @@ public final class DelegatingMethodSecurityMetadataSource extends AbstractMethod
public Collection<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
DefaultCacheKey cacheKey = new DefaultCacheKey(method, targetClass);
synchronized (attributeCache) {
Collection<ConfigAttribute> cached = attributeCache.get(cacheKey);
synchronized (this.attributeCache) {
Collection<ConfigAttribute> cached = this.attributeCache.get(cacheKey);
// Check for canonical value indicating there is no config attribute,
if (cached != null) {
@@ -61,7 +61,7 @@ public final class DelegatingMethodSecurityMetadataSource extends AbstractMethod
// No cached value, so query the sources to find a result
Collection<ConfigAttribute> attributes = null;
for (MethodSecurityMetadataSource s : methodSecurityMetadataSources) {
for (MethodSecurityMetadataSource s : this.methodSecurityMetadataSources) {
attributes = s.getAttributes(method, targetClass);
if (attributes != null && !attributes.isEmpty()) {
break;
@@ -74,8 +74,8 @@ public final class DelegatingMethodSecurityMetadataSource extends AbstractMethod
return NULL_CONFIG_ATTRIBUTE;
}
if (logger.isDebugEnabled()) {
logger.debug("Caching method [" + cacheKey + "] with attributes " + attributes);
if (this.logger.isDebugEnabled()) {
this.logger.debug("Caching method [" + cacheKey + "] with attributes " + attributes);
}
this.attributeCache.put(cacheKey, attributes);
@@ -87,7 +87,7 @@ public final class DelegatingMethodSecurityMetadataSource extends AbstractMethod
@Override
public Collection<ConfigAttribute> getAllConfigAttributes() {
Set<ConfigAttribute> set = new HashSet<>();
for (MethodSecurityMetadataSource s : methodSecurityMetadataSources) {
for (MethodSecurityMetadataSource s : this.methodSecurityMetadataSources) {
Collection<ConfigAttribute> attrs = s.getAllConfigAttributes();
if (attrs != null) {
set.addAll(attrs);
@@ -97,7 +97,7 @@ public final class DelegatingMethodSecurityMetadataSource extends AbstractMethod
}
public List<MethodSecurityMetadataSource> getMethodSecurityMetadataSources() {
return methodSecurityMetadataSources;
return this.methodSecurityMetadataSources;
}
private static class DefaultCacheKey {
@@ -125,7 +125,8 @@ public final class DelegatingMethodSecurityMetadataSource extends AbstractMethod
@Override
public String toString() {
return "CacheKey[" + (targetClass == null ? "-" : targetClass.getName()) + "; " + method + "]";
return "CacheKey[" + (this.targetClass == null ? "-" : this.targetClass.getName()) + "; " + this.method
+ "]";
}
}
core/src/main/java/org/springframework/security/access/method/MapBasedMethodSecurityMetadataSource.java
+17 -16
View File
@@ -89,8 +89,8 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
private List<ConfigAttribute> findAttributesSpecifiedAgainst(Method method, Class<?> clazz) {
RegisteredMethod registeredMethod = new RegisteredMethod(method, clazz);
if (methodMap.containsKey(registeredMethod)) {
return methodMap.get(registeredMethod);
if (this.methodMap.containsKey(registeredMethod)) {
return this.methodMap.get(registeredMethod);
}
// Search superclass
if (clazz.getSuperclass() != null) {
@@ -132,8 +132,8 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
public void addSecureMethod(Class<?> javaType, String mappedName, List<ConfigAttribute> attr) {
String name = javaType.getName() + '.' + mappedName;
if (logger.isDebugEnabled()) {
logger.debug("Request to add secure method [" + name + "] with attributes [" + attr + "]");
if (this.logger.isDebugEnabled()) {
this.logger.debug("Request to add secure method [" + name + "] with attributes [" + attr + "]");
}
Method[] methods = javaType.getMethods();
@@ -158,7 +158,7 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
// no already registered method name, or more specific
// method name specification now -> (re-)register method
if (regMethodName != null) {
logger.debug("Replacing attributes for secure method [" + method + "]: current name [" + name
this.logger.debug("Replacing attributes for secure method [" + method + "]: current name [" + name
+ "] is more specific than [" + regMethodName + "]");
}
@@ -166,7 +166,7 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
addSecureMethod(registeredMethod, attr);
}
else {
logger.debug("Keeping attributes for secure method [" + method + "]: current name [" + name
this.logger.debug("Keeping attributes for secure method [" + method + "]: current name [" + name
+ "] is not more specific than [" + regMethodName + "]");
}
}
@@ -184,12 +184,13 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
public void addSecureMethod(Class<?> javaType, Method method, List<ConfigAttribute> attr) {
RegisteredMethod key = new RegisteredMethod(method, javaType);
if (methodMap.containsKey(key)) {
logger.debug("Method [" + method + "] is already registered with attributes [" + methodMap.get(key) + "]");
if (this.methodMap.containsKey(key)) {
this.logger.debug(
"Method [" + method + "] is already registered with attributes [" + this.methodMap.get(key) + "]");
return;
}
methodMap.put(key, attr);
this.methodMap.put(key, attr);
}
/**
@@ -200,8 +201,8 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
private void addSecureMethod(RegisteredMethod method, List<ConfigAttribute> attr) {
Assert.notNull(method, "RegisteredMethod required");
Assert.notNull(attr, "Configuration attribute required");
if (logger.isInfoEnabled()) {
logger.info("Adding secure method [" + method + "] with attributes [" + attr + "]");
if (this.logger.isInfoEnabled()) {
this.logger.info("Adding secure method [" + method + "] with attributes [" + attr + "]");
}
this.methodMap.put(method, attr);
}
@@ -214,7 +215,7 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
public Collection<ConfigAttribute> getAllConfigAttributes() {
Set<ConfigAttribute> allAttributes = new HashSet<>();
for (List<ConfigAttribute> attributeList : methodMap.values()) {
for (List<ConfigAttribute> attributeList : this.methodMap.values()) {
allAttributes.addAll(attributeList);
}
@@ -243,7 +244,7 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
* @return map size (for unit tests and diagnostics)
*/
public int getMethodMapSize() {
return methodMap.size();
return this.methodMap.size();
}
/**
@@ -275,19 +276,19 @@ public class MapBasedMethodSecurityMetadataSource extends AbstractFallbackMethod
}
if (obj != null && obj instanceof RegisteredMethod) {
RegisteredMethod rhs = (RegisteredMethod) obj;
return method.equals(rhs.method) && registeredJavaType.equals(rhs.registeredJavaType);
return this.method.equals(rhs.method) && this.registeredJavaType.equals(rhs.registeredJavaType);
}
return false;
}
@Override
public int hashCode() {
return method.hashCode() * registeredJavaType.hashCode();
return this.method.hashCode() * this.registeredJavaType.hashCode();
}
@Override
public String toString() {
return "RegisteredMethod[" + registeredJavaType.getName() + "; " + method + "]";
return "RegisteredMethod[" + this.registeredJavaType.getName() + "; " + this.method + "]";
}
}
core/src/main/java/org/springframework/security/access/prepost/PostInvocationAdviceProvider.java
+1 -1
View File
@@ -54,7 +54,7 @@ public class PostInvocationAdviceProvider implements AfterInvocationProvider {
return returnedObject;
}
return postAdvice.after(authentication, (MethodInvocation) object, pia, returnedObject);
return this.postAdvice.after(authentication, (MethodInvocation) object, pia, returnedObject);
}
private PostInvocationAttribute findPostInvocationAttribute(Collection<ConfigAttribute> config) {
core/src/main/java/org/springframework/security/access/prepost/PreInvocationAuthorizationAdviceVoter.java
+1 -1
View File
@@ -69,7 +69,7 @@ public class PreInvocationAuthorizationAdviceVoter implements AccessDecisionVote
return ACCESS_ABSTAIN;
}
boolean allowed = preAdvice.before(authentication, method, preAttr);
boolean allowed = this.preAdvice.before(authentication, method, preAttr);
return allowed ? ACCESS_GRANTED : ACCESS_DENIED;
}
core/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java
+2 -2
View File
@@ -64,7 +64,7 @@ public abstract class AbstractAccessDecisionManager
protected final void checkAllowIfAllAbstainDecisions() {
if (!this.isAllowIfAllAbstainDecisions()) {
throw new AccessDeniedException(
messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
this.messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
}
}
@@ -73,7 +73,7 @@ public abstract class AbstractAccessDecisionManager
}
public boolean isAllowIfAllAbstainDecisions() {
return allowIfAllAbstainDecisions;
return this.allowIfAllAbstainDecisions;
}
public void setAllowIfAllAbstainDecisions(boolean allowIfAllAbstainDecisions) {
core/src/main/java/org/springframework/security/access/vote/AbstractAclVoter.java
+3 -3
View File
@@ -39,17 +39,17 @@ public abstract class AbstractAclVoter implements AccessDecisionVoter<MethodInvo
args = invocation.getArguments();
for (int i = 0; i < params.length; i++) {
if (processDomainObjectClass.isAssignableFrom(params[i])) {
if (this.processDomainObjectClass.isAssignableFrom(params[i])) {
return args[i];
}
}
throw new AuthorizationServiceException("MethodInvocation: " + invocation
+ " did not provide any argument of type: " + processDomainObjectClass);
+ " did not provide any argument of type: " + this.processDomainObjectClass);
}
public Class<?> getProcessDomainObjectClass() {
return processDomainObjectClass;
return this.processDomainObjectClass;
}
public void setProcessDomainObjectClass(Class<?> processDomainObjectClass) {
core/src/main/java/org/springframework/security/access/vote/AffirmativeBased.java
+3 -3
View File
@@ -58,8 +58,8 @@ public class AffirmativeBased extends AbstractAccessDecisionManager {
for (AccessDecisionVoter voter : getDecisionVoters()) {
int result = voter.vote(authentication, object, configAttributes);
if (logger.isDebugEnabled()) {
logger.debug("Voter: " + voter + ", returned: " + result);
if (this.logger.isDebugEnabled()) {
this.logger.debug("Voter: " + voter + ", returned: " + result);
}
switch (result) {
@@ -78,7 +78,7 @@ public class AffirmativeBased extends AbstractAccessDecisionManager {
if (deny > 0) {
throw new AccessDeniedException(
messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
this.messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
}
// To get this far, every AccessDecisionVoter abstained
core/src/main/java/org/springframework/security/access/vote/AuthenticatedVoter.java
+6 -5
View File
@@ -57,8 +57,8 @@ public class AuthenticatedVoter implements AccessDecisionVoter<Object> {
private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
private boolean isFullyAuthenticated(Authentication authentication) {
return (!authenticationTrustResolver.isAnonymous(authentication)
&& !authenticationTrustResolver.isRememberMe(authentication));
return (!this.authenticationTrustResolver.isAnonymous(authentication)
&& !this.authenticationTrustResolver.isRememberMe(authentication));
}
public void setAuthenticationTrustResolver(AuthenticationTrustResolver authenticationTrustResolver) {
@@ -101,15 +101,16 @@ public class AuthenticatedVoter implements AccessDecisionVoter<Object> {
}
if (IS_AUTHENTICATED_REMEMBERED.equals(attribute.getAttribute())) {
if (authenticationTrustResolver.isRememberMe(authentication)
if (this.authenticationTrustResolver.isRememberMe(authentication)
|| isFullyAuthenticated(authentication)) {
return ACCESS_GRANTED;
}
}
if (IS_AUTHENTICATED_ANONYMOUSLY.equals(attribute.getAttribute())) {
if (authenticationTrustResolver.isAnonymous(authentication) || isFullyAuthenticated(authentication)
|| authenticationTrustResolver.isRememberMe(authentication)) {
if (this.authenticationTrustResolver.isAnonymous(authentication)
|| isFullyAuthenticated(authentication)
|| this.authenticationTrustResolver.isRememberMe(authentication)) {
return ACCESS_GRANTED;
}
}
core/src/main/java/org/springframework/security/access/vote/ConsensusBased.java
+5 -5
View File
@@ -66,8 +66,8 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
for (AccessDecisionVoter voter : getDecisionVoters()) {
int result = voter.vote(authentication, object, configAttributes);
if (logger.isDebugEnabled()) {
logger.debug("Voter: " + voter + ", returned: " + result);
if (this.logger.isDebugEnabled()) {
this.logger.debug("Voter: " + voter + ", returned: " + result);
}
switch (result) {
@@ -92,7 +92,7 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
if (deny > grant) {
throw new AccessDeniedException(
messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
this.messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
}
if ((grant == deny) && (grant != 0)) {
@@ -101,7 +101,7 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
}
else {
throw new AccessDeniedException(
messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
this.messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
}
}
@@ -110,7 +110,7 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
}
public boolean isAllowIfEqualGrantedDeniedDecisions() {
return allowIfEqualGrantedDeniedDecisions;
return this.allowIfEqualGrantedDeniedDecisions;
}
public void setAllowIfEqualGrantedDeniedDecisions(boolean allowIfEqualGrantedDeniedDecisions) {
core/src/main/java/org/springframework/security/access/vote/RoleHierarchyVoter.java
+1 -1
View File
@@ -43,7 +43,7 @@ public class RoleHierarchyVoter extends RoleVoter {
*/
@Override
Collection<? extends GrantedAuthority> extractAuthorities(Authentication authentication) {
return roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
return this.roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
}
}
core/src/main/java/org/springframework/security/access/vote/RoleVoter.java
+1 -1
View File
@@ -54,7 +54,7 @@ public class RoleVoter implements AccessDecisionVoter<Object> {
private String rolePrefix = "ROLE_";
public String getRolePrefix() {
return rolePrefix;
return this.rolePrefix;
}
/**
core/src/main/java/org/springframework/security/access/vote/UnanimousBased.java
+3 -3
View File
@@ -69,8 +69,8 @@ public class UnanimousBased extends AbstractAccessDecisionManager {
for (AccessDecisionVoter voter : getDecisionVoters()) {
int result = voter.vote(authentication, object, singleAttributeList);
if (logger.isDebugEnabled()) {
logger.debug("Voter: " + voter + ", returned: " + result);
if (this.logger.isDebugEnabled()) {
this.logger.debug("Voter: " + voter + ", returned: " + result);
}
switch (result) {
@@ -81,7 +81,7 @@ public class UnanimousBased extends AbstractAccessDecisionManager {
case AccessDecisionVoter.ACCESS_DENIED:
throw new AccessDeniedException(
messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
this.messages.getMessage("AbstractAccessDecisionManager.accessDenied", "Access is denied"));
default:
break;
core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
+8 -8
View File
@@ -66,7 +66,7 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
}
public Collection<GrantedAuthority> getAuthorities() {
return authorities;
return this.authorities;
}
public String getName() {
@@ -84,7 +84,7 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
}
public boolean isAuthenticated() {
return authenticated;
return this.authenticated;
}
public void setAuthenticated(boolean authenticated) {
@@ -92,7 +92,7 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
}
public Object getDetails() {
return details;
return this.details;
}
public void setDetails(Object details) {
@@ -107,7 +107,7 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
public void eraseCredentials() {
eraseSecret(getCredentials());
eraseSecret(getPrincipal());
eraseSecret(details);
eraseSecret(this.details);
}
private void eraseSecret(Object secret) {
@@ -124,7 +124,7 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
AbstractAuthenticationToken test = (AbstractAuthenticationToken) obj;
if (!authorities.equals(test.authorities)) {
if (!this.authorities.equals(test.authorities)) {
return false;
}
@@ -163,7 +163,7 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
public int hashCode() {
int code = 31;
for (GrantedAuthority authority : authorities) {
for (GrantedAuthority authority : this.authorities) {
code ^= authority.hashCode();
}
@@ -195,11 +195,11 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
sb.append("Authenticated: ").append(this.isAuthenticated()).append("; ");
sb.append("Details: ").append(this.getDetails()).append("; ");
if (!authorities.isEmpty()) {
if (!this.authorities.isEmpty()) {
sb.append("Granted Authorities: ");
int i = 0;
for (GrantedAuthority authority : authorities) {
for (GrantedAuthority authority : this.authorities) {
if (i++ > 0) {
sb.append(", ");
}
core/src/main/java/org/springframework/security/authentication/AbstractUserDetailsReactiveAuthenticationManager.java
+4 -4
View File
@@ -59,21 +59,21 @@ public abstract class AbstractUserDetailsReactiveAuthenticationManager implement
private UserDetailsChecker preAuthenticationChecks = user -> {
if (!user.isAccountNonLocked()) {
logger.debug("User account is locked");
this.logger.debug("User account is locked");
throw new LockedException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked",
"User account is locked"));
}
if (!user.isEnabled()) {
logger.debug("User account is disabled");
this.logger.debug("User account is disabled");
throw new DisabledException(
this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
}
if (!user.isAccountNonExpired()) {
logger.debug("User account is expired");
this.logger.debug("User account is expired");
throw new AccountExpiredException(this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"));
@@ -82,7 +82,7 @@ public abstract class AbstractUserDetailsReactiveAuthenticationManager implement
private UserDetailsChecker postAuthenticationChecks = user -> {
if (!user.isCredentialsNonExpired()) {
logger.debug("User account credentials have expired");
this.logger.debug("User account credentials have expired");
throw new CredentialsExpiredException(this.messages.getMessage(
"AbstractUserDetailsAuthenticationProvider.credentialsExpired", "User credentials have expired"));
core/src/main/java/org/springframework/security/authentication/AccountStatusUserDetailsChecker.java
+4 -4
View File
@@ -33,21 +33,21 @@ public class AccountStatusUserDetailsChecker implements UserDetailsChecker, Mess
public void check(UserDetails user) {
if (!user.isAccountNonLocked()) {
throw new LockedException(
messages.getMessage("AccountStatusUserDetailsChecker.locked", "User account is locked"));
this.messages.getMessage("AccountStatusUserDetailsChecker.locked", "User account is locked"));
}
if (!user.isEnabled()) {
throw new DisabledException(
messages.getMessage("AccountStatusUserDetailsChecker.disabled", "User is disabled"));
this.messages.getMessage("AccountStatusUserDetailsChecker.disabled", "User is disabled"));
}
if (!user.isAccountNonExpired()) {
throw new AccountExpiredException(
messages.getMessage("AccountStatusUserDetailsChecker.expired", "User account has expired"));
this.messages.getMessage("AccountStatusUserDetailsChecker.expired", "User account has expired"));
}
if (!user.isCredentialsNonExpired()) {
throw new CredentialsExpiredException(messages
throw new CredentialsExpiredException(this.messages
.getMessage("AccountStatusUserDetailsChecker.credentialsExpired", "User credentials have expired"));
}
}
core/src/main/java/org/springframework/security/authentication/AnonymousAuthenticationProvider.java
+2 -2
View File
@@ -50,7 +50,7 @@ public class AnonymousAuthenticationProvider implements AuthenticationProvider,
}
if (this.key.hashCode() != ((AnonymousAuthenticationToken) authentication).getKeyHash()) {
throw new BadCredentialsException(messages.getMessage("AnonymousAuthenticationProvider.incorrectKey",
throw new BadCredentialsException(this.messages.getMessage("AnonymousAuthenticationProvider.incorrectKey",
"The presented AnonymousAuthenticationToken does not contain the expected key"));
}
@@ -58,7 +58,7 @@ public class AnonymousAuthenticationProvider implements AuthenticationProvider,
}
public String getKey() {
return key;
return this.key;
}
public void setMessageSource(MessageSource messageSource) {
core/src/main/java/org/springframework/security/authentication/AuthenticationTrustResolverImpl.java
+6 -6
View File
@@ -36,27 +36,27 @@ public class AuthenticationTrustResolverImpl implements AuthenticationTrustResol
private Class<? extends Authentication> rememberMeClass = RememberMeAuthenticationToken.class;
Class<? extends Authentication> getAnonymousClass() {
return anonymousClass;
return this.anonymousClass;
}
Class<? extends Authentication> getRememberMeClass() {
return rememberMeClass;
return this.rememberMeClass;
}
public boolean isAnonymous(Authentication authentication) {
if ((anonymousClass == null) || (authentication == null)) {
if ((this.anonymousClass == null) || (authentication == null)) {
return false;
}
return anonymousClass.isAssignableFrom(authentication.getClass());
return this.anonymousClass.isAssignableFrom(authentication.getClass());
}
public boolean isRememberMe(Authentication authentication) {
if ((rememberMeClass == null) || (authentication == null)) {
if ((this.rememberMeClass == null) || (authentication == null)) {
return false;
}
return rememberMeClass.isAssignableFrom(authentication.getClass());
return this.rememberMeClass.isAssignableFrom(authentication.getClass());
}
public void setAnonymousClass(Class<? extends Authentication> anonymousClass) {
core/src/main/java/org/springframework/security/authentication/CachingUserDetailsService.java
+6 -6
View File
@@ -36,7 +36,7 @@ public class CachingUserDetailsService implements UserDetailsService {
}
public UserCache getUserCache() {
return userCache;
return this.userCache;
}
public void setUserCache(UserCache userCache) {
@@ -44,16 +44,16 @@ public class CachingUserDetailsService implements UserDetailsService {
}
public UserDetails loadUserByUsername(String username) {
UserDetails user = userCache.getUserFromCache(username);
UserDetails user = this.userCache.getUserFromCache(username);
if (user == null) {
user = delegate.loadUserByUsername(username);
user = this.delegate.loadUserByUsername(username);
}
Assert.notNull(user, () -> "UserDetailsService " + delegate + " returned null for username " + username + ". "
+ "This is an interface contract violation");
Assert.notNull(user, () -> "UserDetailsService " + this.delegate + " returned null for username " + username
+ ". " + "This is an interface contract violation");
userCache.putUserInCache(user);
this.userCache.putUserInCache(user);
return user;
}
core/src/main/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisher.java
+7 -7
View File
@@ -94,8 +94,8 @@ public class DefaultAuthenticationEventPublisher
}
public void publishAuthenticationSuccess(Authentication authentication) {
if (applicationEventPublisher != null) {
applicationEventPublisher.publishEvent(new AuthenticationSuccessEvent(authentication));
if (this.applicationEventPublisher != null) {
this.applicationEventPublisher.publishEvent(new AuthenticationSuccessEvent(authentication));
}
}
@@ -112,13 +112,13 @@ public class DefaultAuthenticationEventPublisher
}
if (event != null) {
if (applicationEventPublisher != null) {
applicationEventPublisher.publishEvent(event);
if (this.applicationEventPublisher != null) {
this.applicationEventPublisher.publishEvent(event);
}
}
else {
if (logger.isDebugEnabled()) {
logger.debug("No event was found for the exception " + exception.getClass().getName());
if (this.logger.isDebugEnabled()) {
this.logger.debug("No event was found for the exception " + exception.getClass().getName());
}
}
}
@@ -201,7 +201,7 @@ public class DefaultAuthenticationEventPublisher
try {
Constructor<? extends AbstractAuthenticationEvent> constructor = eventClass
.getConstructor(Authentication.class, AuthenticationException.class);
exceptionMappings.put(exceptionClass, constructor);
this.exceptionMappings.put(exceptionClass, constructor);
}
catch (NoSuchMethodException e) {
throw new RuntimeException(
core/src/main/java/org/springframework/security/authentication/ProviderManager.java
+10 -10
View File
@@ -132,11 +132,11 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
}
private void checkState() {
if (parent == null && providers.isEmpty()) {
if (this.parent == null && this.providers.isEmpty()) {
throw new IllegalArgumentException(
"A parent AuthenticationManager or a list " + "of AuthenticationProviders is required");
}
else if (CollectionUtils.contains(providers.iterator(), null)) {
else if (CollectionUtils.contains(this.providers.iterator(), null)) {
throw new IllegalArgumentException("providers list cannot contain null values");
}
}
@@ -197,10 +197,10 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
}
}
if (result == null && parent != null) {
if (result == null && this.parent != null) {
// Allow the parent to try.
try {
result = parentResult = parent.authenticate(authentication);
result = parentResult = this.parent.authenticate(authentication);
}
catch (ProviderNotFoundException e) {
// ignore as we will throw below if no other exception occurred prior to
@@ -214,7 +214,7 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
}
if (result != null) {
if (eraseCredentialsAfterAuthentication && (result instanceof CredentialsContainer)) {
if (this.eraseCredentialsAfterAuthentication && (result instanceof CredentialsContainer)) {
// Authentication is complete. Remove credentials and other secret data
// from authentication
((CredentialsContainer) result).eraseCredentials();
@@ -225,7 +225,7 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
// This check prevents a duplicate AuthenticationSuccessEvent if the parent
// AuthenticationManager already published it
if (parentResult == null) {
eventPublisher.publishAuthenticationSuccess(result);
this.eventPublisher.publishAuthenticationSuccess(result);
}
return result;
}
@@ -233,7 +233,7 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
// Parent was null, or didn't authenticate (or throw an exception).
if (lastException == null) {
lastException = new ProviderNotFoundException(messages.getMessage("ProviderManager.providerNotFound",
lastException = new ProviderNotFoundException(this.messages.getMessage("ProviderManager.providerNotFound",
new Object[] { toTest.getName() }, "No AuthenticationProvider found for {0}"));
}
@@ -250,7 +250,7 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
@SuppressWarnings("deprecation")
private void prepareException(AuthenticationException ex, Authentication auth) {
eventPublisher.publishAuthenticationFailure(ex, auth);
this.eventPublisher.publishAuthenticationFailure(ex, auth);
}
/**
@@ -268,7 +268,7 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
}
public List<AuthenticationProvider> getProviders() {
return providers;
return this.providers;
}
public void setMessageSource(MessageSource messageSource) {
@@ -293,7 +293,7 @@ public class ProviderManager implements AuthenticationManager, MessageSourceAwar
}
public boolean isEraseCredentialsAfterAuthentication() {
return eraseCredentialsAfterAuthentication;
return this.eraseCredentialsAfterAuthentication;
}
private static final class NullEventPublisher implements AuthenticationEventPublisher {
core/src/main/java/org/springframework/security/authentication/ReactiveAuthenticationManagerAdapter.java
+1 -1
View File
@@ -48,7 +48,7 @@ public class ReactiveAuthenticationManagerAdapter implements ReactiveAuthenticat
public Mono<Authentication> authenticate(Authentication token) {
return Mono.just(token).publishOn(this.scheduler).flatMap(t -> {
try {
return Mono.just(authenticationManager.authenticate(t));
return Mono.just(this.authenticationManager.authenticate(t));
}
catch (Throwable error) {
return Mono.error(error);
core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationProvider.java
+2 -2
View File
@@ -53,7 +53,7 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider,
}
if (this.key.hashCode() != ((RememberMeAuthenticationToken) authentication).getKeyHash()) {
throw new BadCredentialsException(messages.getMessage("RememberMeAuthenticationProvider.incorrectKey",
throw new BadCredentialsException(this.messages.getMessage("RememberMeAuthenticationProvider.incorrectKey",
"The presented RememberMeAuthenticationToken does not contain the expected key"));
}
@@ -61,7 +61,7 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider,
}
public String getKey() {
return key;
return this.key;
}
public void setMessageSource(MessageSource messageSource) {
core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java
+1 -1
View File
@@ -90,7 +90,7 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
@Override
public void eraseCredentials() {
super.eraseCredentials();
credentials = null;
this.credentials = null;
}
}
core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java
+25 -25
View File
@@ -120,7 +120,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication,
() -> messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports",
() -> this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports",
"Only UsernamePasswordAuthenticationToken is supported"));
// Determine username
@@ -136,10 +136,10 @@ public abstract class AbstractUserDetailsAuthenticationProvider
user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);
}
catch (UsernameNotFoundException notFound) {
logger.debug("User '" + username + "' not found");
this.logger.debug("User '" + username + "' not found");
if (hideUserNotFoundExceptions) {
throw new BadCredentialsException(messages
if (this.hideUserNotFoundExceptions) {
throw new BadCredentialsException(this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
else {
@@ -151,7 +151,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
}
try {
preAuthenticationChecks.check(user);
this.preAuthenticationChecks.check(user);
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
}
catch (AuthenticationException exception) {
@@ -160,7 +160,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
// we're using latest data (i.e. not from the cache)
cacheWasUsed = false;
user = retrieveUser(username, (UsernamePasswordAuthenticationToken) authentication);
preAuthenticationChecks.check(user);
this.preAuthenticationChecks.check(user);
additionalAuthenticationChecks(user, (UsernamePasswordAuthenticationToken) authentication);
}
else {
@@ -168,7 +168,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
}
}
postAuthenticationChecks.check(user);
this.postAuthenticationChecks.check(user);
if (!cacheWasUsed) {
this.userCache.putUserInCache(user);
@@ -176,7 +176,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
Object principalToReturn = user;
if (forcePrincipalAsString) {
if (this.forcePrincipalAsString) {
principalToReturn = user.getUsername();
}
@@ -205,7 +205,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
// Also ensure we return the original getDetails(), so that future
// authentication events after cache expiry contain the details
UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(principal,
authentication.getCredentials(), authoritiesMapper.mapAuthorities(user.getAuthorities()));
authentication.getCredentials(), this.authoritiesMapper.mapAuthorities(user.getAuthorities()));
result.setDetails(authentication.getDetails());
return result;
@@ -215,15 +215,15 @@ public abstract class AbstractUserDetailsAuthenticationProvider
}
public UserCache getUserCache() {
return userCache;
return this.userCache;
}
public boolean isForcePrincipalAsString() {
return forcePrincipalAsString;
return this.forcePrincipalAsString;
}
public boolean isHideUserNotFoundExceptions() {
return hideUserNotFoundExceptions;
return this.hideUserNotFoundExceptions;
}
/**
@@ -299,7 +299,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
}
protected UserDetailsChecker getPreAuthenticationChecks() {
return preAuthenticationChecks;
return this.preAuthenticationChecks;
}
/**
@@ -312,7 +312,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
}
protected UserDetailsChecker getPostAuthenticationChecks() {
return postAuthenticationChecks;
return this.postAuthenticationChecks;
}
public void setPostAuthenticationChecks(UserDetailsChecker postAuthenticationChecks) {
@@ -327,23 +327,23 @@ public abstract class AbstractUserDetailsAuthenticationProvider
public void check(UserDetails user) {
if (!user.isAccountNonLocked()) {
logger.debug("User account is locked");
AbstractUserDetailsAuthenticationProvider.this.logger.debug("User account is locked");
throw new LockedException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked",
"User account is locked"));
throw new LockedException(AbstractUserDetailsAuthenticationProvider.this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"));
}
if (!user.isEnabled()) {
logger.debug("User account is disabled");
AbstractUserDetailsAuthenticationProvider.this.logger.debug("User account is disabled");
throw new DisabledException(
messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
throw new DisabledException(AbstractUserDetailsAuthenticationProvider.this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"));
}
if (!user.isAccountNonExpired()) {
logger.debug("User account is expired");
AbstractUserDetailsAuthenticationProvider.this.logger.debug("User account is expired");
throw new AccountExpiredException(messages
throw new AccountExpiredException(AbstractUserDetailsAuthenticationProvider.this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"));
}
}
@@ -354,10 +354,10 @@ public abstract class AbstractUserDetailsAuthenticationProvider
public void check(UserDetails user) {
if (!user.isCredentialsNonExpired()) {
logger.debug("User account credentials have expired");
AbstractUserDetailsAuthenticationProvider.this.logger.debug("User account credentials have expired");
throw new CredentialsExpiredException(
messages.getMessage("AbstractUserDetailsAuthenticationProvider.credentialsExpired",
throw new CredentialsExpiredException(AbstractUserDetailsAuthenticationProvider.this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.credentialsExpired",
"User credentials have expired"));
}
}
core/src/main/java/org/springframework/security/authentication/dao/DaoAuthenticationProvider.java
+9 -9
View File
@@ -67,19 +67,19 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
protected void additionalAuthenticationChecks(UserDetails userDetails,
UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
if (authentication.getCredentials() == null) {
logger.debug("Authentication failed: no credentials provided");
this.logger.debug("Authentication failed: no credentials provided");
throw new BadCredentialsException(
messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
throw new BadCredentialsException(this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
String presentedPassword = authentication.getCredentials().toString();
if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) {
logger.debug("Authentication failed: password does not match stored value");
if (!this.passwordEncoder.matches(presentedPassword, userDetails.getPassword())) {
this.logger.debug("Authentication failed: password does not match stored value");
throw new BadCredentialsException(
messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
throw new BadCredentialsException(this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
}
@@ -150,7 +150,7 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
}
protected PasswordEncoder getPasswordEncoder() {
return passwordEncoder;
return this.passwordEncoder;
}
public void setUserDetailsService(UserDetailsService userDetailsService) {
@@ -158,7 +158,7 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
}
protected UserDetailsService getUserDetailsService() {
return userDetailsService;
return this.userDetailsService;
}
public void setUserDetailsPasswordService(UserDetailsPasswordService userDetailsPasswordService) {
core/src/main/java/org/springframework/security/authentication/event/AbstractAuthenticationFailureEvent.java
+1 -1
View File
@@ -36,7 +36,7 @@ public abstract class AbstractAuthenticationFailureEvent extends AbstractAuthent
}
public AuthenticationException getException() {
return exception;
return this.exception;
}
}
core/src/main/java/org/springframework/security/authentication/event/InteractiveAuthenticationSuccessEvent.java
+1 -1
View File
@@ -48,7 +48,7 @@ public class InteractiveAuthenticationSuccessEvent extends AbstractAuthenticatio
* @return the class
*/
public Class<?> getGeneratedBy() {
return generatedBy;
return this.generatedBy;
}
}
core/src/main/java/org/springframework/security/authentication/event/LoggerListener.java
+2 -2
View File
@@ -40,7 +40,7 @@ public class LoggerListener implements ApplicationListener<AbstractAuthenticatio
private boolean logInteractiveAuthenticationSuccessEvents = true;
public void onApplicationEvent(AbstractAuthenticationEvent event) {
if (!logInteractiveAuthenticationSuccessEvents && event instanceof InteractiveAuthenticationSuccessEvent) {
if (!this.logInteractiveAuthenticationSuccessEvents && event instanceof InteractiveAuthenticationSuccessEvent) {
return;
}
@@ -63,7 +63,7 @@ public class LoggerListener implements ApplicationListener<AbstractAuthenticatio
}
public boolean isLogInteractiveAuthenticationSuccessEvents() {
return logInteractiveAuthenticationSuccessEvents;
return this.logInteractiveAuthenticationSuccessEvents;
}
public void setLogInteractiveAuthenticationSuccessEvents(boolean logInteractiveAuthenticationSuccessEvents) {
core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationToken.java
+1 -1
View File
@@ -48,7 +48,7 @@ public class JaasAuthenticationToken extends UsernamePasswordAuthenticationToken
}
public LoginContext getLoginContext() {
return loginContext;
return this.loginContext;
}
}
core/src/main/java/org/springframework/security/authentication/jaas/JaasGrantedAuthority.java
+3 -3
View File
@@ -45,12 +45,12 @@ public final class JaasGrantedAuthority implements GrantedAuthority {
}
public Principal getPrincipal() {
return principal;
return this.principal;
}
@Override
public String getAuthority() {
return role;
return this.role;
}
@Override
@@ -76,7 +76,7 @@ public final class JaasGrantedAuthority implements GrantedAuthority {
@Override
public String toString() {
return "Jaas Authority [" + role + "," + principal + "]";
return "Jaas Authority [" + this.role + "," + this.principal + "]";
}
}
core/src/main/java/org/springframework/security/authentication/jaas/SecurityContextLoginModule.java
+13 -13
View File
@@ -69,11 +69,11 @@ public class SecurityContextLoginModule implements LoginModule {
* @exception LoginException if the abort fails
*/
public boolean abort() {
if (authen == null) {
if (this.authen == null) {
return false;
}
authen = null;
this.authen = null;
return true;
}
@@ -86,21 +86,21 @@ public class SecurityContextLoginModule implements LoginModule {
* @exception LoginException if the commit fails
*/
public boolean commit() {
if (authen == null) {
if (this.authen == null) {
return false;
}
subject.getPrincipals().add(authen);
this.subject.getPrincipals().add(this.authen);
return true;
}
Authentication getAuthentication() {
return authen;
return this.authen;
}
Subject getSubject() {
return subject;
return this.subject;
}
/**
@@ -118,7 +118,7 @@ public class SecurityContextLoginModule implements LoginModule {
this.subject = subject;
if (options != null) {
ignoreMissingAuthentication = "true".equals(options.get("ignoreMissingAuthentication"));
this.ignoreMissingAuthentication = "true".equals(options.get("ignoreMissingAuthentication"));
}
}
@@ -130,12 +130,12 @@ public class SecurityContextLoginModule implements LoginModule {
* @throws LoginException if the authentication fails
*/
public boolean login() throws LoginException {
authen = SecurityContextHolder.getContext().getAuthentication();
this.authen = SecurityContextHolder.getContext().getAuthentication();
if (authen == null) {
if (this.authen == null) {
String msg = "Login cannot complete, authentication not found in security context";
if (ignoreMissingAuthentication) {
if (this.ignoreMissingAuthentication) {
log.warn(msg);
return false;
@@ -155,12 +155,12 @@ public class SecurityContextLoginModule implements LoginModule {
* @exception LoginException if the logout fails
*/
public boolean logout() {
if (authen == null) {
if (this.authen == null) {
return false;
}
subject.getPrincipals().remove(authen);
authen = null;
this.subject.getPrincipals().remove(this.authen);
this.authen = null;
return true;
}
core/src/main/java/org/springframework/security/authentication/jaas/event/JaasAuthenticationEvent.java
+1 -1
View File
@@ -41,7 +41,7 @@ public abstract class JaasAuthenticationEvent extends ApplicationEvent {
* @return the Authentication
*/
public Authentication getAuthentication() {
return (Authentication) source;
return (Authentication) this.source;
}
}
core/src/main/java/org/springframework/security/authentication/jaas/event/JaasAuthenticationFailedEvent.java
+1 -1
View File
@@ -34,7 +34,7 @@ public class JaasAuthenticationFailedEvent extends JaasAuthenticationEvent {
}
public Exception getException() {
return exception;
return this.exception;
}
}
core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImpl.java
+2 -2
View File
@@ -46,7 +46,7 @@ public class RemoteAuthenticationManagerImpl implements RemoteAuthenticationMana
UsernamePasswordAuthenticationToken request = new UsernamePasswordAuthenticationToken(username, password);
try {
return authenticationManager.authenticate(request).getAuthorities();
return this.authenticationManager.authenticate(request).getAuthorities();
}
catch (AuthenticationException authEx) {
throw new RemoteAuthenticationException(authEx.getMessage());
@@ -54,7 +54,7 @@ public class RemoteAuthenticationManagerImpl implements RemoteAuthenticationMana
}
protected AuthenticationManager getAuthenticationManager() {
return authenticationManager;
return this.authenticationManager;
}
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java
+3 -3
View File
@@ -62,14 +62,14 @@ public class RemoteAuthenticationProvider implements AuthenticationProvider, Ini
String username = authentication.getPrincipal().toString();
Object credentials = authentication.getCredentials();
String password = credentials == null ? null : credentials.toString();
Collection<? extends GrantedAuthority> authorities = remoteAuthenticationManager.attemptAuthentication(username,
password);
Collection<? extends GrantedAuthority> authorities = this.remoteAuthenticationManager
.attemptAuthentication(username, password);
return new UsernamePasswordAuthenticationToken(username, password, authorities);
}
public RemoteAuthenticationManager getRemoteAuthenticationManager() {
return remoteAuthenticationManager;
return this.remoteAuthenticationManager;
}
public void setRemoteAuthenticationManager(RemoteAuthenticationManager remoteAuthenticationManager) {
core/src/main/java/org/springframework/security/authorization/AuthorizationDecision.java
+1 -1
View File
@@ -29,7 +29,7 @@ public class AuthorizationDecision {
}
public boolean isGranted() {
return granted;
return this.granted;
}
}
core/src/main/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextSupport.java
+2 -2
View File
@@ -44,11 +44,11 @@ abstract class AbstractDelegatingSecurityContextSupport {
}
protected final Runnable wrap(Runnable delegate) {
return DelegatingSecurityContextRunnable.create(delegate, securityContext);
return DelegatingSecurityContextRunnable.create(delegate, this.securityContext);
}
protected final <T> Callable<T> wrap(Callable<T> delegate) {
return DelegatingSecurityContextCallable.create(delegate, securityContext);
return DelegatingSecurityContextCallable.create(delegate, this.securityContext);
}
}
core/src/main/java/org/springframework/security/concurrent/DelegatingSecurityContextCallable.java
+5 -5
View File
@@ -80,16 +80,16 @@ public final class DelegatingSecurityContextCallable<V> implements Callable<V> {
this.originalSecurityContext = SecurityContextHolder.getContext();
try {
SecurityContextHolder.setContext(delegateSecurityContext);
return delegate.call();
SecurityContextHolder.setContext(this.delegateSecurityContext);
return this.delegate.call();
}
finally {
SecurityContext emptyContext = SecurityContextHolder.createEmptyContext();
if (emptyContext.equals(originalSecurityContext)) {
if (emptyContext.equals(this.originalSecurityContext)) {
SecurityContextHolder.clearContext();
}
else {
SecurityContextHolder.setContext(originalSecurityContext);
SecurityContextHolder.setContext(this.originalSecurityContext);
}
this.originalSecurityContext = null;
}
@@ -97,7 +97,7 @@ public final class DelegatingSecurityContextCallable<V> implements Callable<V> {
@Override
public String toString() {
return delegate.toString();
return this.delegate.toString();
}
/**
core/src/main/java/org/springframework/security/concurrent/DelegatingSecurityContextExecutor.java
+2 -2
View File
@@ -58,11 +58,11 @@ public class DelegatingSecurityContextExecutor extends AbstractDelegatingSecurit
public final void execute(Runnable task) {
task = wrap(task);
delegate.execute(task);
this.delegate.execute(task);
}
protected final Executor getDelegateExecutor() {
return delegate;
return this.delegate;
}
}
core/src/main/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnable.java
+5 -5
View File
@@ -78,16 +78,16 @@ public final class DelegatingSecurityContextRunnable implements Runnable {
this.originalSecurityContext = SecurityContextHolder.getContext();
try {
SecurityContextHolder.setContext(delegateSecurityContext);
delegate.run();
SecurityContextHolder.setContext(this.delegateSecurityContext);
this.delegate.run();
}
finally {
SecurityContext emptyContext = SecurityContextHolder.createEmptyContext();
if (emptyContext.equals(originalSecurityContext)) {
if (emptyContext.equals(this.originalSecurityContext)) {
SecurityContextHolder.clearContext();
}
else {
SecurityContextHolder.setContext(originalSecurityContext);
SecurityContextHolder.setContext(this.originalSecurityContext);
}
this.originalSecurityContext = null;
}
@@ -95,7 +95,7 @@ public final class DelegatingSecurityContextRunnable implements Runnable {
@Override
public String toString() {
return delegate.toString();
return this.delegate.toString();
}
/**
core/src/main/java/org/springframework/security/context/DelegatingApplicationListener.java
+2 -2
View File
@@ -38,7 +38,7 @@ public final class DelegatingApplicationListener implements ApplicationListener<
if (event == null) {
return;
}
for (SmartApplicationListener listener : listeners) {
for (SmartApplicationListener listener : this.listeners) {
Object source = event.getSource();
if (source != null && listener.supportsEventType(event.getClass())
&& listener.supportsSourceType(source.getClass())) {
@@ -54,7 +54,7 @@ public final class DelegatingApplicationListener implements ApplicationListener<
*/
public void addListener(SmartApplicationListener smartApplicationListener) {
Assert.notNull(smartApplicationListener, "smartApplicationListener cannot be null");
listeners.add(smartApplicationListener);
this.listeners.add(smartApplicationListener);
}
}
core/src/main/java/org/springframework/security/core/authority/SimpleGrantedAuthority.java
+2 -2
View File
@@ -41,7 +41,7 @@ public final class SimpleGrantedAuthority implements GrantedAuthority {
@Override
public String getAuthority() {
return role;
return this.role;
}
@Override
@@ -51,7 +51,7 @@ public final class SimpleGrantedAuthority implements GrantedAuthority {
}
if (obj instanceof SimpleGrantedAuthority) {
return role.equals(((SimpleGrantedAuthority) obj).role);
return this.role.equals(((SimpleGrantedAuthority) obj).role);
}
return false;
core/src/main/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapper.java
+7 -7
View File
@@ -48,7 +48,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper
private Set<String> mappableAttributes = null;
public void afterPropertiesSet() {
Assert.notNull(attributes2grantedAuthoritiesMap, "attributes2grantedAuthoritiesMap must be set");
Assert.notNull(this.attributes2grantedAuthoritiesMap, "attributes2grantedAuthoritiesMap must be set");
}
/**
@@ -57,7 +57,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper
public List<GrantedAuthority> getGrantedAuthorities(Collection<String> attributes) {
ArrayList<GrantedAuthority> gaList = new ArrayList<>();
for (String attribute : attributes) {
Collection<GrantedAuthority> c = attributes2grantedAuthoritiesMap.get(attribute);
Collection<GrantedAuthority> c = this.attributes2grantedAuthoritiesMap.get(attribute);
if (c != null) {
gaList.addAll(c);
}
@@ -71,7 +71,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper
* @return Returns the attributes2grantedAuthoritiesMap.
*/
public Map<String, Collection<GrantedAuthority>> getAttributes2grantedAuthoritiesMap() {
return attributes2grantedAuthoritiesMap;
return this.attributes2grantedAuthoritiesMap;
}
/**
@@ -83,7 +83,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper
"A non-empty attributes2grantedAuthoritiesMap must be supplied");
this.attributes2grantedAuthoritiesMap = preProcessMap(attributes2grantedAuthoritiesMap);
mappableAttributes = Collections.unmodifiableSet(this.attributes2grantedAuthoritiesMap.keySet());
this.mappableAttributes = Collections.unmodifiableSet(this.attributes2grantedAuthoritiesMap.keySet());
}
/**
@@ -153,7 +153,7 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper
}
private void addGrantedAuthorityCollection(Collection<GrantedAuthority> result, String value) {
StringTokenizer st = new StringTokenizer(value, stringSeparator, false);
StringTokenizer st = new StringTokenizer(value, this.stringSeparator, false);
while (st.hasMoreTokens()) {
String nextToken = st.nextToken();
if (StringUtils.hasText(nextToken)) {
@@ -167,14 +167,14 @@ public class MapBasedAttributes2GrantedAuthoritiesMapper
* @see org.springframework.security.core.authority.mapping.MappableAttributesRetriever#getMappableAttributes()
*/
public Set<String> getMappableAttributes() {
return mappableAttributes;
return this.mappableAttributes;
}
/**
* @return Returns the stringSeparator.
*/
public String getStringSeparator() {
return stringSeparator;
return this.stringSeparator;
}
/**
core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java
+8 -8
View File
@@ -90,35 +90,35 @@ public class SimpleAttributes2GrantedAuthoritiesMapper
}
private boolean isConvertAttributeToLowerCase() {
return convertAttributeToLowerCase;
return this.convertAttributeToLowerCase;
}
public void setConvertAttributeToLowerCase(boolean b) {
convertAttributeToLowerCase = b;
this.convertAttributeToLowerCase = b;
}
private boolean isConvertAttributeToUpperCase() {
return convertAttributeToUpperCase;
return this.convertAttributeToUpperCase;
}
public void setConvertAttributeToUpperCase(boolean b) {
convertAttributeToUpperCase = b;
this.convertAttributeToUpperCase = b;
}
private String getAttributePrefix() {
return attributePrefix == null ? "" : attributePrefix;
return this.attributePrefix == null ? "" : this.attributePrefix;
}
public void setAttributePrefix(String string) {
attributePrefix = string;
this.attributePrefix = string;
}
private boolean isAddPrefixIfAlreadyExisting() {
return addPrefixIfAlreadyExisting;
return this.addPrefixIfAlreadyExisting;
}
public void setAddPrefixIfAlreadyExisting(boolean b) {
addPrefixIfAlreadyExisting = b;
this.addPrefixIfAlreadyExisting = b;
}
}
core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAuthorityMapper.java
+7 -7
View File
@@ -43,7 +43,7 @@ public final class SimpleAuthorityMapper implements GrantedAuthoritiesMapper, In
private boolean convertToLowerCase = false;
public void afterPropertiesSet() {
Assert.isTrue(!(convertToUpperCase && convertToLowerCase),
Assert.isTrue(!(this.convertToUpperCase && this.convertToLowerCase),
"Either convertToUpperCase or convertToLowerCase can be set to true, but not both");
}
@@ -61,23 +61,23 @@ public final class SimpleAuthorityMapper implements GrantedAuthoritiesMapper, In
mapped.add(mapAuthority(authority.getAuthority()));
}
if (defaultAuthority != null) {
mapped.add(defaultAuthority);
if (this.defaultAuthority != null) {
mapped.add(this.defaultAuthority);
}
return mapped;
}
private GrantedAuthority mapAuthority(String name) {
if (convertToUpperCase) {
if (this.convertToUpperCase) {
name = name.toUpperCase();
}
else if (convertToLowerCase) {
else if (this.convertToLowerCase) {
name = name.toLowerCase();
}
if (prefix.length() > 0 && !name.startsWith(prefix)) {
name = prefix + name;
if (this.prefix.length() > 0 && !name.startsWith(this.prefix)) {
name = this.prefix + name;
}
return new SimpleGrantedAuthority(name);
core/src/main/java/org/springframework/security/core/context/SecurityContextImpl.java
+1 -1
View File
@@ -59,7 +59,7 @@ public class SecurityContextImpl implements SecurityContext {
@Override
public Authentication getAuthentication() {
return authentication;
return this.authentication;
}
@Override
core/src/main/java/org/springframework/security/core/session/SessionInformation.java
+4 -4
View File
@@ -63,19 +63,19 @@ public class SessionInformation implements Serializable {
}
public Date getLastRequest() {
return lastRequest;
return this.lastRequest;
}
public Object getPrincipal() {
return principal;
return this.principal;
}
public String getSessionId() {
return sessionId;
return this.sessionId;
}
public boolean isExpired() {
return expired;
return this.expired;
}
/**
core/src/main/java/org/springframework/security/core/token/DefaultToken.java
+8 -8
View File
@@ -43,17 +43,17 @@ public class DefaultToken implements Token {
@Override
public String getKey() {
return key;
return this.key;
}
@Override
public long getKeyCreationTime() {
return keyCreationTime;
return this.keyCreationTime;
}
@Override
public String getExtendedInformation() {
return extendedInformation;
return this.extendedInformation;
}
@Override
@@ -69,16 +69,16 @@ public class DefaultToken implements Token {
@Override
public int hashCode() {
int code = 979;
code = code * key.hashCode();
code = code * new Long(keyCreationTime).hashCode();
code = code * extendedInformation.hashCode();
code = code * this.key.hashCode();
code = code * new Long(this.keyCreationTime).hashCode();
code = code * this.extendedInformation.hashCode();
return code;
}
@Override
public String toString() {
return "DefaultToken[key=" + key + "; creation=" + new Date(keyCreationTime) + "; extended="
+ extendedInformation + "]";
return "DefaultToken[key=" + this.key + "; creation=" + new Date(this.keyCreationTime) + "; extended="
+ this.extendedInformation + "]";
}
}
core/src/main/java/org/springframework/security/core/token/KeyBasedPersistenceTokenService.java
+6 -6
View File
@@ -138,13 +138,13 @@ public class KeyBasedPersistenceTokenService implements TokenService, Initializi
* @return a pseduo random number (hex encoded)
*/
private String generatePseudoRandomNumber() {
byte[] randomBytes = new byte[pseudoRandomNumberBytes];
secureRandom.nextBytes(randomBytes);
byte[] randomBytes = new byte[this.pseudoRandomNumberBytes];
this.secureRandom.nextBytes(randomBytes);
return new String(Hex.encode(randomBytes));
}
private String computeServerSecretApplicableAt(long time) {
return serverSecret + ":" + new Long(time % serverInteger).intValue();
return this.serverSecret + ":" + new Long(time % this.serverInteger).intValue();
}
/**
@@ -173,9 +173,9 @@ public class KeyBasedPersistenceTokenService implements TokenService, Initializi
}
public void afterPropertiesSet() {
Assert.hasText(serverSecret, "Server secret required");
Assert.notNull(serverInteger, "Server integer required");
Assert.notNull(secureRandom, "SecureRandom instance required");
Assert.hasText(this.serverSecret, "Server secret required");
Assert.notNull(this.serverInteger, "Server integer required");
Assert.notNull(this.secureRandom, "SecureRandom instance required");
}
}
core/src/main/java/org/springframework/security/core/token/SecureRandomFactoryBean.java
+3 -3
View File
@@ -36,15 +36,15 @@ public class SecureRandomFactoryBean implements FactoryBean<SecureRandom> {
private Resource seed;
public SecureRandom getObject() throws Exception {
SecureRandom rnd = SecureRandom.getInstance(algorithm);
SecureRandom rnd = SecureRandom.getInstance(this.algorithm);
// Request the next bytes, thus eagerly incurring the expense of default
// seeding and to prevent the see from replacing the entire state
rnd.nextBytes(new byte[1]);
if (seed != null) {
if (this.seed != null) {
// Seed specified, so use it
byte[] seedBytes = FileCopyUtils.copyToByteArray(seed.getInputStream());
byte[] seedBytes = FileCopyUtils.copyToByteArray(this.seed.getInputStream());
rnd.setSeed(seedBytes);
}
core/src/main/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsService.java
+1 -1
View File
@@ -66,7 +66,7 @@ public class MapReactiveUserDetailsService implements ReactiveUserDetailsService
@Override
public Mono<UserDetails> findByUsername(String username) {
String key = getKey(username);
UserDetails result = users.get(key);
UserDetails result = this.users.get(key);
return result == null ? Mono.empty() : Mono.just(User.withUserDetails(result).build());
}
core/src/main/java/org/springframework/security/core/userdetails/User.java
+15 -15
View File
@@ -122,35 +122,35 @@ public class User implements UserDetails, CredentialsContainer {
}
public Collection<GrantedAuthority> getAuthorities() {
return authorities;
return this.authorities;
}
public String getPassword() {
return password;
return this.password;
}
public String getUsername() {
return username;
return this.username;
}
public boolean isEnabled() {
return enabled;
return this.enabled;
}
public boolean isAccountNonExpired() {
return accountNonExpired;
return this.accountNonExpired;
}
public boolean isAccountNonLocked() {
return accountNonLocked;
return this.accountNonLocked;
}
public boolean isCredentialsNonExpired() {
return credentialsNonExpired;
return this.credentialsNonExpired;
}
public void eraseCredentials() {
password = null;
this.password = null;
}
private static SortedSet<GrantedAuthority> sortAuthorities(Collection<? extends GrantedAuthority> authorities) {
@@ -199,7 +199,7 @@ public class User implements UserDetails, CredentialsContainer {
@Override
public boolean equals(Object rhs) {
if (rhs instanceof User) {
return username.equals(((User) rhs).username);
return this.username.equals(((User) rhs).username);
}
return false;
}
@@ -209,7 +209,7 @@ public class User implements UserDetails, CredentialsContainer {
*/
@Override
public int hashCode() {
return username.hashCode();
return this.username.hashCode();
}
@Override
@@ -223,11 +223,11 @@ public class User implements UserDetails, CredentialsContainer {
sb.append("credentialsNonExpired: ").append(this.credentialsNonExpired).append("; ");
sb.append("AccountNonLocked: ").append(this.accountNonLocked).append("; ");
if (!authorities.isEmpty()) {
if (!this.authorities.isEmpty()) {
sb.append("Granted Authorities: ");
boolean first = true;
for (GrantedAuthority auth : authorities) {
for (GrantedAuthority auth : this.authorities) {
if (!first) {
sb.append(",");
}
@@ -511,9 +511,9 @@ public class User implements UserDetails, CredentialsContainer {
}
public UserDetails build() {
String encodedPassword = this.passwordEncoder.apply(password);
return new User(username, encodedPassword, !disabled, !accountExpired, !credentialsExpired, !accountLocked,
authorities);
String encodedPassword = this.passwordEncoder.apply(this.password);
return new User(this.username, encodedPassword, !this.disabled, !this.accountExpired,
!this.credentialsExpired, !this.accountLocked, this.authorities);
}
}
core/src/main/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCache.java
Vendored
+5 -5
View File
@@ -39,15 +39,15 @@ public class EhCacheBasedUserCache implements UserCache, InitializingBean {
private Ehcache cache;
public void afterPropertiesSet() {
Assert.notNull(cache, "cache mandatory");
Assert.notNull(this.cache, "cache mandatory");
}
public Ehcache getCache() {
return cache;
return this.cache;
}
public UserDetails getUserFromCache(String username) {
Element element = cache.get(username);
Element element = this.cache.get(username);
if (logger.isDebugEnabled()) {
logger.debug("Cache hit: " + (element != null) + "; username: " + username);
@@ -68,7 +68,7 @@ public class EhCacheBasedUserCache implements UserCache, InitializingBean {
logger.debug("Cache put: " + element.getKey());
}
cache.put(element);
this.cache.put(element);
}
public void removeUserFromCache(UserDetails user) {
@@ -80,7 +80,7 @@ public class EhCacheBasedUserCache implements UserCache, InitializingBean {
}
public void removeUserFromCache(String username) {
cache.remove(username);
this.cache.remove(username);
}
public void setCache(Ehcache cache) {
core/src/main/java/org/springframework/security/core/userdetails/cache/SpringCacheBasedUserCache.java
Vendored
+3 -3
View File
@@ -41,7 +41,7 @@ public class SpringCacheBasedUserCache implements UserCache {
}
public UserDetails getUserFromCache(String username) {
Cache.ValueWrapper element = username != null ? cache.get(username) : null;
Cache.ValueWrapper element = username != null ? this.cache.get(username) : null;
if (logger.isDebugEnabled()) {
logger.debug("Cache hit: " + (element != null) + "; username: " + username);
@@ -59,7 +59,7 @@ public class SpringCacheBasedUserCache implements UserCache {
if (logger.isDebugEnabled()) {
logger.debug("Cache put: " + user.getUsername());
}
cache.put(user.getUsername(), user);
this.cache.put(user.getUsername(), user);
}
public void removeUserFromCache(UserDetails user) {
@@ -71,7 +71,7 @@ public class SpringCacheBasedUserCache implements UserCache {
}
public void removeUserFromCache(String username) {
cache.evict(username);
this.cache.evict(username);
}
}
core/src/main/java/org/springframework/security/core/userdetails/memory/UserAttribute.java
+3 -3
View File
@@ -68,15 +68,15 @@ public class UserAttribute {
}
public String getPassword() {
return password;
return this.password;
}
public boolean isEnabled() {
return enabled;
return this.enabled;
}
public boolean isValid() {
if ((this.password != null) && (authorities.size() > 0)) {
if ((this.password != null) && (this.authorities.size() > 0)) {
return true;
}
else {
core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java
+7 -7
View File
@@ -208,28 +208,28 @@ public final class SecurityJackson2Modules {
@Override
public void init(JavaType baseType) {
delegate.init(baseType);
this.delegate.init(baseType);
}
@Override
public String idFromValue(Object value) {
return delegate.idFromValue(value);
return this.delegate.idFromValue(value);
}
@Override
public String idFromValueAndType(Object value, Class<?> suggestedType) {
return delegate.idFromValueAndType(value, suggestedType);
return this.delegate.idFromValueAndType(value, suggestedType);
}
@Override
public String idFromBaseType() {
return delegate.idFromBaseType();
return this.delegate.idFromBaseType();
}
@Override
public JavaType typeFromId(DatabindContext context, String id) throws IOException {
DeserializationConfig config = (DeserializationConfig) context.getConfig();
JavaType result = delegate.typeFromId(context, id);
JavaType result = this.delegate.typeFromId(context, id);
String className = result.getRawClass().getName();
if (isInAllowlist(className)) {
return result;
@@ -256,12 +256,12 @@ public final class SecurityJackson2Modules {
@Override
public String getDescForKnownTypeIds() {
return delegate.getDescForKnownTypeIds();
return this.delegate.getDescForKnownTypeIds();
}
@Override
public JsonTypeInfo.Id getMechanism() {
return delegate.getMechanism();
return this.delegate.getMechanism();
}
}
core/src/main/java/org/springframework/security/provisioning/InMemoryUserDetailsManager.java
+11 -11
View File
@@ -87,21 +87,21 @@ public class InMemoryUserDetailsManager implements UserDetailsManager, UserDetai
public void createUser(UserDetails user) {
Assert.isTrue(!userExists(user.getUsername()), "user should not exist");
users.put(user.getUsername().toLowerCase(), new MutableUser(user));
this.users.put(user.getUsername().toLowerCase(), new MutableUser(user));
}
public void deleteUser(String username) {
users.remove(username.toLowerCase());
this.users.remove(username.toLowerCase());
}
public void updateUser(UserDetails user) {
Assert.isTrue(userExists(user.getUsername()), "user should exist");
users.put(user.getUsername().toLowerCase(), new MutableUser(user));
this.users.put(user.getUsername().toLowerCase(), new MutableUser(user));
}
public boolean userExists(String username) {
return users.containsKey(username.toLowerCase());
return this.users.containsKey(username.toLowerCase());
}
public void changePassword(String oldPassword, String newPassword) {
@@ -115,20 +115,20 @@ public class InMemoryUserDetailsManager implements UserDetailsManager, UserDetai
String username = currentUser.getName();
logger.debug("Changing password for user '" + username + "'");
this.logger.debug("Changing password for user '" + username + "'");
// If an authentication manager has been set, re-authenticate the user with the
// supplied password.
if (authenticationManager != null) {
logger.debug("Reauthenticating user '" + username + "' for password change request.");
if (this.authenticationManager != null) {
this.logger.debug("Reauthenticating user '" + username + "' for password change request.");
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, oldPassword));
this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, oldPassword));
}
else {
logger.debug("No authentication manager set. Password won't be re-checked.");
this.logger.debug("No authentication manager set. Password won't be re-checked.");
}
MutableUserDetails user = users.get(username);
MutableUserDetails user = this.users.get(username);
if (user == null) {
throw new IllegalStateException("Current user doesn't exist in database.");
@@ -146,7 +146,7 @@ public class InMemoryUserDetailsManager implements UserDetailsManager, UserDetai
}
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserDetails user = users.get(username.toLowerCase());
UserDetails user = this.users.get(username.toLowerCase());
if (user == null) {
throw new UsernameNotFoundException(username);
core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java
+42 -41
View File
@@ -157,8 +157,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
protected void initDao() throws ApplicationContextException {
if (authenticationManager == null) {
logger.info("No authentication manager set. Reauthentication of users when changing passwords will "
if (this.authenticationManager == null) {
this.logger.info("No authentication manager set. Reauthentication of users when changing passwords will "
+ "not be performed.");
}
@@ -194,7 +194,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public void createUser(final UserDetails user) {
validateUserDetails(user);
getJdbcTemplate().update(createUserSql, ps -> {
getJdbcTemplate().update(this.createUserSql, ps -> {
ps.setString(1, user.getUsername());
ps.setString(2, user.getPassword());
ps.setBoolean(3, user.isEnabled());
@@ -216,7 +216,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
public void updateUser(final UserDetails user) {
validateUserDetails(user);
getJdbcTemplate().update(updateUserSql, ps -> {
getJdbcTemplate().update(this.updateUserSql, ps -> {
ps.setString(1, user.getPassword());
ps.setBoolean(2, user.isEnabled());
@@ -240,12 +240,12 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
insertUserAuthorities(user);
}
userCache.removeUserFromCache(user.getUsername());
this.userCache.removeUserFromCache(user.getUsername());
}
private void insertUserAuthorities(UserDetails user) {
for (GrantedAuthority auth : user.getAuthorities()) {
getJdbcTemplate().update(createAuthoritySql, user.getUsername(), auth.getAuthority());
getJdbcTemplate().update(this.createAuthoritySql, user.getUsername(), auth.getAuthority());
}
}
@@ -253,12 +253,12 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
if (getEnableAuthorities()) {
deleteUserAuthorities(username);
}
getJdbcTemplate().update(deleteUserSql, username);
userCache.removeUserFromCache(username);
getJdbcTemplate().update(this.deleteUserSql, username);
this.userCache.removeUserFromCache(username);
}
private void deleteUserAuthorities(String username) {
getJdbcTemplate().update(deleteUserAuthoritiesSql, username);
getJdbcTemplate().update(this.deleteUserAuthoritiesSql, username);
}
public void changePassword(String oldPassword, String newPassword) throws AuthenticationException {
@@ -274,22 +274,22 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
// If an authentication manager has been set, re-authenticate the user with the
// supplied password.
if (authenticationManager != null) {
logger.debug("Reauthenticating user '" + username + "' for password change request.");
if (this.authenticationManager != null) {
this.logger.debug("Reauthenticating user '" + username + "' for password change request.");
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, oldPassword));
this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, oldPassword));
}
else {
logger.debug("No authentication manager set. Password won't be re-checked.");
this.logger.debug("No authentication manager set. Password won't be re-checked.");
}
logger.debug("Changing password for user '" + username + "'");
this.logger.debug("Changing password for user '" + username + "'");
getJdbcTemplate().update(changePasswordSql, newPassword, username);
getJdbcTemplate().update(this.changePasswordSql, newPassword, username);
SecurityContextHolder.getContext().setAuthentication(createNewAuthentication(currentUser, newPassword));
userCache.removeUserFromCache(username);
this.userCache.removeUserFromCache(username);
}
protected Authentication createNewAuthentication(Authentication currentAuth, String newPassword) {
@@ -303,7 +303,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
public boolean userExists(String username) {
List<String> users = getJdbcTemplate().queryForList(userExistsSql, new String[] { username }, String.class);
List<String> users = getJdbcTemplate().queryForList(this.userExistsSql, new String[] { username },
String.class);
if (users.size() > 1) {
throw new IncorrectResultSizeDataAccessException("More than one user found with name '" + username + "'",
@@ -314,28 +315,28 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
public List<String> findAllGroups() {
return getJdbcTemplate().queryForList(findAllGroupsSql, String.class);
return getJdbcTemplate().queryForList(this.findAllGroupsSql, String.class);
}
public List<String> findUsersInGroup(String groupName) {
Assert.hasText(groupName, "groupName should have text");
return getJdbcTemplate().queryForList(findUsersInGroupSql, new String[] { groupName }, String.class);
return getJdbcTemplate().queryForList(this.findUsersInGroupSql, new String[] { groupName }, String.class);
}
public void createGroup(final String groupName, final List<GrantedAuthority> authorities) {
Assert.hasText(groupName, "groupName should have text");
Assert.notNull(authorities, "authorities cannot be null");
logger.debug("Creating new group '" + groupName + "' with authorities "
this.logger.debug("Creating new group '" + groupName + "' with authorities "
+ AuthorityUtils.authorityListToSet(authorities));
getJdbcTemplate().update(insertGroupSql, groupName);
getJdbcTemplate().update(this.insertGroupSql, groupName);
final int groupId = findGroupId(groupName);
for (GrantedAuthority a : authorities) {
final String authority = a.getAuthority();
getJdbcTemplate().update(insertGroupAuthoritySql, ps -> {
getJdbcTemplate().update(this.insertGroupAuthoritySql, ps -> {
ps.setInt(1, groupId);
ps.setString(2, authority);
});
@@ -343,58 +344,58 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
public void deleteGroup(String groupName) {
logger.debug("Deleting group '" + groupName + "'");
this.logger.debug("Deleting group '" + groupName + "'");
Assert.hasText(groupName, "groupName should have text");
final int id = findGroupId(groupName);
PreparedStatementSetter groupIdPSS = ps -> ps.setInt(1, id);
getJdbcTemplate().update(deleteGroupMembersSql, groupIdPSS);
getJdbcTemplate().update(deleteGroupAuthoritiesSql, groupIdPSS);
getJdbcTemplate().update(deleteGroupSql, groupIdPSS);
getJdbcTemplate().update(this.deleteGroupMembersSql, groupIdPSS);
getJdbcTemplate().update(this.deleteGroupAuthoritiesSql, groupIdPSS);
getJdbcTemplate().update(this.deleteGroupSql, groupIdPSS);
}
public void renameGroup(String oldName, String newName) {
logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'");
this.logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'");
Assert.hasText(oldName, "oldName should have text");
Assert.hasText(newName, "newName should have text");
getJdbcTemplate().update(renameGroupSql, newName, oldName);
getJdbcTemplate().update(this.renameGroupSql, newName, oldName);
}
public void addUserToGroup(final String username, final String groupName) {
logger.debug("Adding user '" + username + "' to group '" + groupName + "'");
this.logger.debug("Adding user '" + username + "' to group '" + groupName + "'");
Assert.hasText(username, "username should have text");
Assert.hasText(groupName, "groupName should have text");
final int id = findGroupId(groupName);
getJdbcTemplate().update(insertGroupMemberSql, ps -> {
getJdbcTemplate().update(this.insertGroupMemberSql, ps -> {
ps.setInt(1, id);
ps.setString(2, username);
});
userCache.removeUserFromCache(username);
this.userCache.removeUserFromCache(username);
}
public void removeUserFromGroup(final String username, final String groupName) {
logger.debug("Removing user '" + username + "' to group '" + groupName + "'");
this.logger.debug("Removing user '" + username + "' to group '" + groupName + "'");
Assert.hasText(username, "username should have text");
Assert.hasText(groupName, "groupName should have text");
final int id = findGroupId(groupName);
getJdbcTemplate().update(deleteGroupMemberSql, ps -> {
getJdbcTemplate().update(this.deleteGroupMemberSql, ps -> {
ps.setInt(1, id);
ps.setString(2, username);
});
userCache.removeUserFromCache(username);
this.userCache.removeUserFromCache(username);
}
public List<GrantedAuthority> findGroupAuthorities(String groupName) {
logger.debug("Loading authorities for group '" + groupName + "'");
this.logger.debug("Loading authorities for group '" + groupName + "'");
Assert.hasText(groupName, "groupName should have text");
return getJdbcTemplate().query(groupAuthoritiesSql, new String[] { groupName }, (rs, rowNum) -> {
return getJdbcTemplate().query(this.groupAuthoritiesSql, new String[] { groupName }, (rs, rowNum) -> {
String roleName = getRolePrefix() + rs.getString(3);
return new SimpleGrantedAuthority(roleName);
@@ -402,32 +403,32 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsMa
}
public void removeGroupAuthority(String groupName, final GrantedAuthority authority) {
logger.debug("Removing authority '" + authority + "' from group '" + groupName + "'");
this.logger.debug("Removing authority '" + authority + "' from group '" + groupName + "'");
Assert.hasText(groupName, "groupName should have text");
Assert.notNull(authority, "authority cannot be null");
final int id = findGroupId(groupName);
getJdbcTemplate().update(deleteGroupAuthoritySql, ps -> {
getJdbcTemplate().update(this.deleteGroupAuthoritySql, ps -> {
ps.setInt(1, id);
ps.setString(2, authority.getAuthority());
});
}
public void addGroupAuthority(final String groupName, final GrantedAuthority authority) {
logger.debug("Adding authority '" + authority + "' to group '" + groupName + "'");
this.logger.debug("Adding authority '" + authority + "' to group '" + groupName + "'");
Assert.hasText(groupName, "groupName should have text");
Assert.notNull(authority, "authority cannot be null");
final int id = findGroupId(groupName);
getJdbcTemplate().update(insertGroupAuthoritySql, ps -> {
getJdbcTemplate().update(this.insertGroupAuthoritySql, ps -> {
ps.setInt(1, id);
ps.setString(2, authority.getAuthority());
});
}
private int findGroupId(String group) {
return getJdbcTemplate().queryForObject(findGroupIdSql, Integer.class, group);
return getJdbcTemplate().queryForObject(this.findGroupIdSql, Integer.class, group);
}
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
core/src/main/java/org/springframework/security/provisioning/MutableUser.java
+7 -7
View File
@@ -39,7 +39,7 @@ class MutableUser implements MutableUserDetails {
}
public String getPassword() {
return password;
return this.password;
}
public void setPassword(String password) {
@@ -47,27 +47,27 @@ class MutableUser implements MutableUserDetails {
}
public Collection<? extends GrantedAuthority> getAuthorities() {
return delegate.getAuthorities();
return this.delegate.getAuthorities();
}
public String getUsername() {
return delegate.getUsername();
return this.delegate.getUsername();
}
public boolean isAccountNonExpired() {
return delegate.isAccountNonExpired();
return this.delegate.isAccountNonExpired();
}
public boolean isAccountNonLocked() {
return delegate.isAccountNonLocked();
return this.delegate.isAccountNonLocked();
}
public boolean isCredentialsNonExpired() {
return delegate.isCredentialsNonExpired();
return this.delegate.isCredentialsNonExpired();
}
public boolean isEnabled() {
return delegate.isEnabled();
return this.delegate.isEnabled();
}
}
core/src/main/java/org/springframework/security/scheduling/DelegatingSecurityContextTaskScheduler.java
+6 -6
View File
@@ -44,32 +44,32 @@ public class DelegatingSecurityContextTaskScheduler implements TaskScheduler {
@Override
public ScheduledFuture<?> schedule(Runnable task, Trigger trigger) {
return taskScheduler.schedule(task, trigger);
return this.taskScheduler.schedule(task, trigger);
}
@Override
public ScheduledFuture<?> schedule(Runnable task, Date startTime) {
return taskScheduler.schedule(task, startTime);
return this.taskScheduler.schedule(task, startTime);
}
@Override
public ScheduledFuture<?> scheduleAtFixedRate(Runnable task, Date startTime, long period) {
return taskScheduler.scheduleAtFixedRate(task, startTime, period);
return this.taskScheduler.scheduleAtFixedRate(task, startTime, period);
}
@Override
public ScheduledFuture<?> scheduleAtFixedRate(Runnable task, long period) {
return taskScheduler.scheduleAtFixedRate(task, period);
return this.taskScheduler.scheduleAtFixedRate(task, period);
}
@Override
public ScheduledFuture<?> scheduleWithFixedDelay(Runnable task, Date startTime, long delay) {
return taskScheduler.scheduleWithFixedDelay(task, startTime, delay);
return this.taskScheduler.scheduleWithFixedDelay(task, startTime, delay);
}
@Override
public ScheduledFuture<?> scheduleWithFixedDelay(Runnable task, long delay) {
return taskScheduler.scheduleWithFixedDelay(task, delay);
return this.taskScheduler.scheduleWithFixedDelay(task, delay);
}
}
core/src/main/java/org/springframework/security/util/InMemoryResource.java
+3 -3
View File
@@ -54,12 +54,12 @@ public class InMemoryResource extends AbstractResource {
@Override
public String getDescription() {
return description;
return this.description;
}
@Override
public InputStream getInputStream() {
return new ByteArrayInputStream(source);
return new ByteArrayInputStream(this.source);
}
@Override
@@ -73,7 +73,7 @@ public class InMemoryResource extends AbstractResource {
return false;
}
return Arrays.equals(source, ((InMemoryResource) res).source);
return Arrays.equals(this.source, ((InMemoryResource) res).source);
}
}
core/src/main/java/org/springframework/security/util/SimpleMethodInvocation.java
+3 -3
View File
@@ -44,11 +44,11 @@ public class SimpleMethodInvocation implements MethodInvocation {
}
public Object[] getArguments() {
return arguments;
return this.arguments;
}
public Method getMethod() {
return method;
return this.method;
}
public AccessibleObject getStaticPart() {
@@ -56,7 +56,7 @@ public class SimpleMethodInvocation implements MethodInvocation {
}
public Object getThis() {
return targetObject;
return this.targetObject;
}
public Object proceed() {
core/src/test/java/org/springframework/security/TestDataSource.java
+3 -3
View File
@@ -30,8 +30,8 @@ public class TestDataSource extends DriverManagerDataSource implements Disposabl
String name;
public TestDataSource(String databaseName) {
name = databaseName;
System.out.println("Creating database: " + name);
this.name = databaseName;
System.out.println("Creating database: " + this.name);
setDriverClassName("org.hsqldb.jdbcDriver");
setUrl("jdbc:hsqldb:mem:" + databaseName);
setUsername("sa");
@@ -39,7 +39,7 @@ public class TestDataSource extends DriverManagerDataSource implements Disposabl
}
public void destroy() {
System.out.println("Shutting down database: " + name);
System.out.println("Shutting down database: " + this.name);
new JdbcTemplate(this).execute("SHUTDOWN");
}
core/src/test/java/org/springframework/security/access/AuthorizationFailureEventTests.java
+9 -8
View File
@@ -41,30 +41,31 @@ public class AuthorizationFailureEventTests {
@Test(expected = IllegalArgumentException.class)
public void rejectsNullSecureObject() {
new AuthorizationFailureEvent(null, attributes, foo, exception);
new AuthorizationFailureEvent(null, this.attributes, this.foo, this.exception);
}
@Test(expected = IllegalArgumentException.class)
public void rejectsNullAttributesList() {
new AuthorizationFailureEvent(new SimpleMethodInvocation(), null, foo, exception);
new AuthorizationFailureEvent(new SimpleMethodInvocation(), null, this.foo, this.exception);
}
@Test(expected = IllegalArgumentException.class)
public void rejectsNullAuthentication() {
new AuthorizationFailureEvent(new SimpleMethodInvocation(), attributes, null, exception);
new AuthorizationFailureEvent(new SimpleMethodInvocation(), this.attributes, null, this.exception);
}
@Test(expected = IllegalArgumentException.class)
public void rejectsNullException() {
new AuthorizationFailureEvent(new SimpleMethodInvocation(), attributes, foo, null);
new AuthorizationFailureEvent(new SimpleMethodInvocation(), this.attributes, this.foo, null);
}
@Test
public void gettersReturnCtorSuppliedData() {
AuthorizationFailureEvent event = new AuthorizationFailureEvent(new Object(), attributes, foo, exception);
assertThat(event.getConfigAttributes()).isSameAs(attributes);
assertThat(event.getAccessDeniedException()).isSameAs(exception);
assertThat(event.getAuthentication()).isSameAs(foo);
AuthorizationFailureEvent event = new AuthorizationFailureEvent(new Object(), this.attributes, this.foo,
this.exception);
assertThat(event.getConfigAttributes()).isSameAs(this.attributes);
assertThat(event.getAccessDeniedException()).isSameAs(this.exception);
assertThat(event.getAuthentication()).isSameAs(this.foo);
}
}
core/src/test/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSourceTests.java
+5 -5
View File
@@ -62,7 +62,7 @@ public class SecuredAnnotationSecurityMetadataSourceTests {
fail("Should be a superMethod called 'someUserMethod3' on class!");
}
Collection<ConfigAttribute> attrs = mds.findAttributes(method, DepartmentServiceImpl.class);
Collection<ConfigAttribute> attrs = this.mds.findAttributes(method, DepartmentServiceImpl.class);
assertThat(attrs).isNotNull();
@@ -160,7 +160,7 @@ public class SecuredAnnotationSecurityMetadataSourceTests {
MockMethodInvocation annotatedAtClassLevel = new MockMethodInvocation(new AnnotatedAnnotationAtClassLevel(),
ReturnVoid.class, "doSomething", List.class);
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtClassLevel).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(annotatedAtClassLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs).extracting("attribute").containsOnly("CUSTOM");
@@ -171,7 +171,7 @@ public class SecuredAnnotationSecurityMetadataSourceTests {
MockMethodInvocation annotatedAtInterfaceLevel = new MockMethodInvocation(
new AnnotatedAnnotationAtInterfaceLevel(), ReturnVoid2.class, "doSomething", List.class);
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtInterfaceLevel).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(annotatedAtInterfaceLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs).extracting("attribute").containsOnly("CUSTOM");
@@ -181,7 +181,7 @@ public class SecuredAnnotationSecurityMetadataSourceTests {
public void annotatedAnnotationAtMethodLevelIsDetected() throws Exception {
MockMethodInvocation annotatedAtMethodLevel = new MockMethodInvocation(new AnnotatedAnnotationAtMethodLevel(),
ReturnVoid.class, "doSomething", List.class);
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtMethodLevel).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(annotatedAtMethodLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs).extracting("attribute").containsOnly("CUSTOM");
@@ -190,7 +190,7 @@ public class SecuredAnnotationSecurityMetadataSourceTests {
@Test
public void proxyFactoryInterfaceAttributesFound() throws Exception {
MockMethodInvocation mi = MethodInvocationFactory.createSec2150MethodInvocation();
Collection<ConfigAttribute> attributes = mds.getAttributes(mi);
Collection<ConfigAttribute> attributes = this.mds.getAttributes(mi);
assertThat(attributes).hasSize(1);
assertThat(attributes).extracting("attribute").containsOnly("ROLE_PERSON");
}
core/src/test/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandlerTests.java
+8 -7
View File
@@ -37,7 +37,7 @@ public class AbstractSecurityExpressionHandlerTests {
@Before
public void setUp() {
handler = new AbstractSecurityExpressionHandler<Object>() {
this.handler = new AbstractSecurityExpressionHandler<Object>() {
@Override
protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication,
Object o) {
@@ -49,23 +49,24 @@ public class AbstractSecurityExpressionHandlerTests {
@Test
public void beanNamesAreCorrectlyResolved() {
handler.setApplicationContext(new AnnotationConfigApplicationContext(TestConfiguration.class));
this.handler.setApplicationContext(new AnnotationConfigApplicationContext(TestConfiguration.class));
Expression expression = handler.getExpressionParser().parseExpression("@number10.compareTo(@number20) < 0");
assertThat(expression.getValue(handler.createEvaluationContext(mock(Authentication.class), new Object())))
Expression expression = this.handler.getExpressionParser()
.parseExpression("@number10.compareTo(@number20) < 0");
assertThat(expression.getValue(this.handler.createEvaluationContext(mock(Authentication.class), new Object())))
.isEqualTo(true);
}
@Test(expected = IllegalArgumentException.class)
public void setExpressionParserNull() {
handler.setExpressionParser(null);
this.handler.setExpressionParser(null);
}
@Test
public void setExpressionParser() {
SpelExpressionParser parser = new SpelExpressionParser();
handler.setExpressionParser(parser);
assertThat(parser == handler.getExpressionParser()).isTrue();
this.handler.setExpressionParser(parser);
assertThat(parser == this.handler.getExpressionParser()).isTrue();
}
}
core/src/test/java/org/springframework/security/access/expression/SecurityExpressionRootTests.java
+37 -37
View File
@@ -39,58 +39,58 @@ public class SecurityExpressionRootTests {
@Before
public void setup() {
root = new SecurityExpressionRoot(JOE) {
this.root = new SecurityExpressionRoot(JOE) {
};
}
@Test
public void denyAllIsFalsePermitAllTrue() {
assertThat(root.denyAll()).isFalse();
assertThat(root.denyAll).isFalse();
assertThat(root.permitAll()).isTrue();
assertThat(root.permitAll).isTrue();
assertThat(this.root.denyAll()).isFalse();
assertThat(this.root.denyAll).isFalse();
assertThat(this.root.permitAll()).isTrue();
assertThat(this.root.permitAll).isTrue();
}
@Test
public void rememberMeIsCorrectlyDetected() {
AuthenticationTrustResolver atr = mock(AuthenticationTrustResolver.class);
root.setTrustResolver(atr);
this.root.setTrustResolver(atr);
when(atr.isRememberMe(JOE)).thenReturn(true);
assertThat(root.isRememberMe()).isTrue();
assertThat(root.isFullyAuthenticated()).isFalse();
assertThat(this.root.isRememberMe()).isTrue();
assertThat(this.root.isFullyAuthenticated()).isFalse();
}
@Test
public void roleHierarchySupportIsCorrectlyUsedInEvaluatingRoles() {
root.setRoleHierarchy(authorities -> AuthorityUtils.createAuthorityList("ROLE_C"));
this.root.setRoleHierarchy(authorities -> AuthorityUtils.createAuthorityList("ROLE_C"));
assertThat(root.hasRole("C")).isTrue();
assertThat(root.hasAuthority("ROLE_C")).isTrue();
assertThat(root.hasRole("A")).isFalse();
assertThat(root.hasRole("B")).isFalse();
assertThat(root.hasAnyRole("C", "A", "B")).isTrue();
assertThat(root.hasAnyAuthority("ROLE_C", "ROLE_A", "ROLE_B")).isTrue();
assertThat(root.hasAnyRole("A", "B")).isFalse();
assertThat(this.root.hasRole("C")).isTrue();
assertThat(this.root.hasAuthority("ROLE_C")).isTrue();
assertThat(this.root.hasRole("A")).isFalse();
assertThat(this.root.hasRole("B")).isFalse();
assertThat(this.root.hasAnyRole("C", "A", "B")).isTrue();
assertThat(this.root.hasAnyAuthority("ROLE_C", "ROLE_A", "ROLE_B")).isTrue();
assertThat(this.root.hasAnyRole("A", "B")).isFalse();
}
@Test
public void hasRoleAddsDefaultPrefix() {
assertThat(root.hasRole("A")).isTrue();
assertThat(root.hasRole("NO")).isFalse();
assertThat(this.root.hasRole("A")).isTrue();
assertThat(this.root.hasRole("NO")).isFalse();
}
@Test
public void hasRoleEmptyPrefixDoesNotAddsDefaultPrefix() {
root.setDefaultRolePrefix("");
assertThat(root.hasRole("A")).isFalse();
assertThat(root.hasRole("ROLE_A")).isTrue();
this.root.setDefaultRolePrefix("");
assertThat(this.root.hasRole("A")).isFalse();
assertThat(this.root.hasRole("ROLE_A")).isTrue();
}
@Test
public void hasRoleNullPrefixDoesNotAddsDefaultPrefix() {
root.setDefaultRolePrefix(null);
assertThat(root.hasRole("A")).isFalse();
assertThat(root.hasRole("ROLE_A")).isTrue();
this.root.setDefaultRolePrefix(null);
assertThat(this.root.hasRole("A")).isFalse();
assertThat(this.root.hasRole("ROLE_A")).isTrue();
}
@Test
@@ -104,35 +104,35 @@ public class SecurityExpressionRootTests {
@Test
public void hasAnyRoleAddsDefaultPrefix() {
assertThat(root.hasAnyRole("NO", "A")).isTrue();
assertThat(root.hasAnyRole("NO", "NOT")).isFalse();
assertThat(this.root.hasAnyRole("NO", "A")).isTrue();
assertThat(this.root.hasAnyRole("NO", "NOT")).isFalse();
}
@Test
public void hasAnyRoleDoesNotAddDefaultPrefixForAlreadyPrefixedRoles() {
assertThat(root.hasAnyRole("ROLE_NO", "ROLE_A")).isTrue();
assertThat(root.hasAnyRole("ROLE_NO", "ROLE_NOT")).isFalse();
assertThat(this.root.hasAnyRole("ROLE_NO", "ROLE_A")).isTrue();
assertThat(this.root.hasAnyRole("ROLE_NO", "ROLE_NOT")).isFalse();
}
@Test
public void hasAnyRoleEmptyPrefixDoesNotAddsDefaultPrefix() {
root.setDefaultRolePrefix("");
assertThat(root.hasRole("A")).isFalse();
assertThat(root.hasRole("ROLE_A")).isTrue();
this.root.setDefaultRolePrefix("");
assertThat(this.root.hasRole("A")).isFalse();
assertThat(this.root.hasRole("ROLE_A")).isTrue();
}
@Test
public void hasAnyRoleNullPrefixDoesNotAddsDefaultPrefix() {
root.setDefaultRolePrefix(null);
assertThat(root.hasAnyRole("A")).isFalse();
assertThat(root.hasAnyRole("ROLE_A")).isTrue();
this.root.setDefaultRolePrefix(null);
assertThat(this.root.hasAnyRole("A")).isFalse();
assertThat(this.root.hasAnyRole("ROLE_A")).isTrue();
}
@Test
public void hasAuthorityDoesNotAddDefaultPrefix() {
assertThat(root.hasAuthority("A")).isFalse();
assertThat(root.hasAnyAuthority("NO", "A")).isFalse();
assertThat(root.hasAnyAuthority("ROLE_A", "NOT")).isTrue();
assertThat(this.root.hasAuthority("A")).isFalse();
assertThat(this.root.hasAnyAuthority("NO", "A")).isFalse();
assertThat(this.root.hasAnyAuthority("ROLE_A", "NOT")).isTrue();
}
}
core/src/test/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandlerTests.java
+23 -23
View File
@@ -58,9 +58,9 @@ public class DefaultMethodSecurityExpressionHandlerTests {
@Before
public void setup() {
handler = new DefaultMethodSecurityExpressionHandler();
when(methodInvocation.getThis()).thenReturn(new Foo());
when(methodInvocation.getMethod()).thenReturn(Foo.class.getMethods()[0]);
this.handler = new DefaultMethodSecurityExpressionHandler();
when(this.methodInvocation.getThis()).thenReturn(new Foo());
when(this.methodInvocation.getMethod()).thenReturn(Foo.class.getMethods()[0]);
}
@After
@@ -70,18 +70,18 @@ public class DefaultMethodSecurityExpressionHandlerTests {
@Test(expected = IllegalArgumentException.class)
public void setTrustResolverNull() {
handler.setTrustResolver(null);
this.handler.setTrustResolver(null);
}
@Test
public void createEvaluationContextCustomTrustResolver() {
handler.setTrustResolver(trustResolver);
this.handler.setTrustResolver(this.trustResolver);
Expression expression = handler.getExpressionParser().parseExpression("anonymous");
EvaluationContext context = handler.createEvaluationContext(authentication, methodInvocation);
Expression expression = this.handler.getExpressionParser().parseExpression("anonymous");
EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.methodInvocation);
expression.getValue(context, Boolean.class);
verify(trustResolver).isAnonymous(authentication);
verify(this.trustResolver).isAnonymous(this.authentication);
}
@Test
@@ -92,11 +92,11 @@ public class DefaultMethodSecurityExpressionHandlerTests {
map.put("key2", "value2");
map.put("key3", "value3");
Expression expression = handler.getExpressionParser().parseExpression("filterObject.key eq 'key2'");
Expression expression = this.handler.getExpressionParser().parseExpression("filterObject.key eq 'key2'");
EvaluationContext context = handler.createEvaluationContext(authentication, methodInvocation);
EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.methodInvocation);
Object filtered = handler.filter(map, expression, context);
Object filtered = this.handler.filter(map, expression, context);
assertThat(filtered == map);
Map<String, String> result = ((Map<String, String>) filtered);
@@ -113,11 +113,11 @@ public class DefaultMethodSecurityExpressionHandlerTests {
map.put("key2", "value2");
map.put("key3", "value3");
Expression expression = handler.getExpressionParser().parseExpression("filterObject.value eq 'value3'");
Expression expression = this.handler.getExpressionParser().parseExpression("filterObject.value eq 'value3'");
EvaluationContext context = handler.createEvaluationContext(authentication, methodInvocation);
EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.methodInvocation);
Object filtered = handler.filter(map, expression, context);
Object filtered = this.handler.filter(map, expression, context);
assertThat(filtered == map);
Map<String, String> result = ((Map<String, String>) filtered);
@@ -134,12 +134,12 @@ public class DefaultMethodSecurityExpressionHandlerTests {
map.put("key2", "value2");
map.put("key3", "value3");
Expression expression = handler.getExpressionParser()
Expression expression = this.handler.getExpressionParser()
.parseExpression("(filterObject.key eq 'key1') or (filterObject.value eq 'value2')");
EvaluationContext context = handler.createEvaluationContext(authentication, methodInvocation);
EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.methodInvocation);
Object filtered = handler.filter(map, expression, context);
Object filtered = this.handler.filter(map, expression, context);
assertThat(filtered == map);
Map<String, String> result = ((Map<String, String>) filtered);
@@ -153,11 +153,11 @@ public class DefaultMethodSecurityExpressionHandlerTests {
public void filterWhenUsingStreamThenFiltersStream() {
final Stream<String> stream = Stream.of("1", "2", "3");
Expression expression = handler.getExpressionParser().parseExpression("filterObject ne '2'");
Expression expression = this.handler.getExpressionParser().parseExpression("filterObject ne '2'");
EvaluationContext context = handler.createEvaluationContext(authentication, methodInvocation);
EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.methodInvocation);
Object filtered = handler.filter(stream, expression, context);
Object filtered = this.handler.filter(stream, expression, context);
assertThat(filtered).isInstanceOf(Stream.class);
List<String> list = ((Stream<String>) filtered).collect(Collectors.toList());
@@ -169,11 +169,11 @@ public class DefaultMethodSecurityExpressionHandlerTests {
final Stream<?> upstream = mock(Stream.class);
doReturn(Stream.<String>empty()).when(upstream).filter(any());
Expression expression = handler.getExpressionParser().parseExpression("true");
Expression expression = this.handler.getExpressionParser().parseExpression("true");
EvaluationContext context = handler.createEvaluationContext(authentication, methodInvocation);
EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.methodInvocation);
((Stream) handler.filter(upstream, expression, context)).close();
((Stream) this.handler.filter(upstream, expression, context)).close();
verify(upstream).close();
}
core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java
+10 -8
View File
@@ -46,7 +46,7 @@ public class ExpressionBasedPreInvocationAdviceTests {
@Before
public void setUp() {
expressionBasedPreInvocationAdvice = new ExpressionBasedPreInvocationAdvice();
this.expressionBasedPreInvocationAdvice = new ExpressionBasedPreInvocationAdvice();
}
@Test(expected = IllegalArgumentException.class)
@@ -57,7 +57,7 @@ public class ExpressionBasedPreInvocationAdviceTests {
MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class,
"doSomethingCollection", new Class[] { List.class }, new Object[] { new ArrayList<>() });
// when - then
expressionBasedPreInvocationAdvice.before(authentication, methodInvocation, attribute);
this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute);
}
@Test(expected = IllegalArgumentException.class)
@@ -67,7 +67,7 @@ public class ExpressionBasedPreInvocationAdviceTests {
MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class,
"doSomethingArray", new Class[] { String[].class }, new Object[] { new String[0] });
// when - then
expressionBasedPreInvocationAdvice.before(authentication, methodInvocation, attribute);
this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute);
}
@Test
@@ -78,7 +78,8 @@ public class ExpressionBasedPreInvocationAdviceTests {
"doSomethingCollection", new Class[] { List.class }, new Object[] { new ArrayList<>() });
// when
boolean result = expressionBasedPreInvocationAdvice.before(authentication, methodInvocation, attribute);
boolean result = this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation,
attribute);
// then
assertThat(result).isTrue();
}
@@ -90,7 +91,7 @@ public class ExpressionBasedPreInvocationAdviceTests {
MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class,
"doSomethingArray", new Class[] { String[].class }, new Object[] { new String[0] });
// when - then
expressionBasedPreInvocationAdvice.before(authentication, methodInvocation, attribute);
this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute);
}
@Test
@@ -100,7 +101,8 @@ public class ExpressionBasedPreInvocationAdviceTests {
MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class,
"doSomethingCollection", new Class[] { List.class }, new Object[] { new ArrayList<>() });
// when
boolean result = expressionBasedPreInvocationAdvice.before(authentication, methodInvocation, attribute);
boolean result = this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation,
attribute);
// then
assertThat(result).isTrue();
}
@@ -112,7 +114,7 @@ public class ExpressionBasedPreInvocationAdviceTests {
MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class,
"doSomethingString", new Class[] { String.class }, new Object[] { "param" });
// when - then
expressionBasedPreInvocationAdvice.before(authentication, methodInvocation, attribute);
this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute);
}
@Test(expected = IllegalArgumentException.class)
@@ -123,7 +125,7 @@ public class ExpressionBasedPreInvocationAdviceTests {
"doSomethingTwoArgs", new Class[] { String.class, List.class },
new Object[] { "param", new ArrayList<>() });
// when - then
expressionBasedPreInvocationAdvice.before(authentication, methodInvocation, attribute);
this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute);
}
private class TestClass {
core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java
+10 -10
View File
@@ -43,8 +43,8 @@ public class MethodExpressionVoterTests {
@Test
public void hasRoleExpressionAllowsUserWithRole() throws Exception {
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingAnArray());
assertThat(
am.vote(joe, mi, createAttributes(new PreInvocationExpressionAttribute(null, null, "hasRole('blah')"))))
assertThat(this.am.vote(this.joe, mi,
createAttributes(new PreInvocationExpressionAttribute(null, null, "hasRole('blah')"))))
.isEqualTo(AccessDecisionVoter.ACCESS_GRANTED);
}
@@ -53,13 +53,13 @@ public class MethodExpressionVoterTests {
List<ConfigAttribute> cad = new ArrayList<>(1);
cad.add(new PreInvocationExpressionAttribute(null, null, "hasRole('joedoesnt')"));
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingAnArray());
assertThat(am.vote(joe, mi, cad)).isEqualTo(AccessDecisionVoter.ACCESS_DENIED);
assertThat(this.am.vote(this.joe, mi, cad)).isEqualTo(AccessDecisionVoter.ACCESS_DENIED);
}
@Test
public void matchingArgAgainstAuthenticationNameIsSuccessful() throws Exception {
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingAString(), "joe");
assertThat(am.vote(joe, mi,
assertThat(this.am.vote(this.joe, mi,
createAttributes(new PreInvocationExpressionAttribute(null, null,
"(#argument == principal) and (principal == 'joe')"))))
.isEqualTo(AccessDecisionVoter.ACCESS_GRANTED);
@@ -69,7 +69,7 @@ public class MethodExpressionVoterTests {
public void accessIsGrantedIfNoPreAuthorizeAttributeIsUsed() throws Exception {
Collection arg = createCollectionArg("joe", "bob", "sam");
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingACollection(), arg);
assertThat(am.vote(joe, mi,
assertThat(this.am.vote(this.joe, mi,
createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'jim')", "collection", null))))
.isEqualTo(AccessDecisionVoter.ACCESS_GRANTED);
// All objects should have been removed, because the expression is always false
@@ -80,7 +80,7 @@ public class MethodExpressionVoterTests {
public void collectionPreFilteringIsSuccessful() throws Exception {
List arg = createCollectionArg("joe", "bob", "sam");
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingACollection(), arg);
am.vote(joe, mi, createAttributes(new PreInvocationExpressionAttribute(
this.am.vote(this.joe, mi, createAttributes(new PreInvocationExpressionAttribute(
"(filterObject == 'joe' or filterObject == 'sam')", "collection", "permitAll")));
assertThat(arg).containsExactly("joe", "sam");
}
@@ -89,7 +89,7 @@ public class MethodExpressionVoterTests {
public void arraysCannotBePrefiltered() throws Exception {
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingAnArray(),
createArrayArg("sam", "joe"));
am.vote(joe, mi,
this.am.vote(this.joe, mi,
createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'jim')", "someArray", null)));
}
@@ -97,7 +97,7 @@ public class MethodExpressionVoterTests {
public void incorrectFilterTargetNameIsRejected() throws Exception {
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingACollection(),
createCollectionArg("joe", "bob"));
am.vote(joe, mi,
this.am.vote(this.joe, mi,
createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'joe')", "collcetion", null)));
}
@@ -105,7 +105,7 @@ public class MethodExpressionVoterTests {
public void nullNamedFilterTargetIsRejected() throws Exception {
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingACollection(),
new Object[] { null });
am.vote(joe, mi,
this.am.vote(this.joe, mi,
createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'joe')", "collection", null)));
}
@@ -114,7 +114,7 @@ public class MethodExpressionVoterTests {
MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingAString(), "joe");
assertThat(
am.vote(joe, mi, createAttributes(new PreInvocationExpressionAttribute(null, null,
this.am.vote(this.joe, mi, createAttributes(new PreInvocationExpressionAttribute(null, null,
"T(org.springframework.security.access.expression.method.SecurityRules).isJoe(#argument)"))))
.isEqualTo(AccessDecisionVoter.ACCESS_GRANTED);
}
core/src/test/java/org/springframework/security/access/expression/method/MethodSecurityEvaluationContextTests.java
+5 -5
View File
@@ -50,12 +50,12 @@ public class MethodSecurityEvaluationContextTests {
public void lookupVariableWhenParameterNameNullThenNotSet() {
Class<String> type = String.class;
Method method = ReflectionUtils.findMethod(String.class, "contains", CharSequence.class);
doReturn(new String[] { null }).when(paramNameDiscoverer).getParameterNames(method);
doReturn(new Object[] { null }).when(methodInvocation).getArguments();
doReturn(type).when(methodInvocation).getThis();
doReturn(method).when(methodInvocation).getMethod();
doReturn(new String[] { null }).when(this.paramNameDiscoverer).getParameterNames(method);
doReturn(new Object[] { null }).when(this.methodInvocation).getArguments();
doReturn(type).when(this.methodInvocation).getThis();
doReturn(method).when(this.methodInvocation).getMethod();
NotNullVariableMethodSecurityEvaluationContext context = new NotNullVariableMethodSecurityEvaluationContext(
authentication, methodInvocation, paramNameDiscoverer);
this.authentication, this.methodInvocation, this.paramNameDiscoverer);
context.lookupVariable("testVariable");
}
core/src/test/java/org/springframework/security/access/expression/method/MethodSecurityExpressionRootTests.java
+41 -41
View File
@@ -51,43 +51,43 @@ public class MethodSecurityExpressionRootTests {
@Before
public void createContext() {
user = mock(Authentication.class);
root = new MethodSecurityExpressionRoot(user);
ctx = new StandardEvaluationContext();
ctx.setRootObject(root);
trustResolver = mock(AuthenticationTrustResolver.class);
root.setTrustResolver(trustResolver);
this.user = mock(Authentication.class);
this.root = new MethodSecurityExpressionRoot(this.user);
this.ctx = new StandardEvaluationContext();
this.ctx.setRootObject(this.root);
this.trustResolver = mock(AuthenticationTrustResolver.class);
this.root.setTrustResolver(this.trustResolver);
}
@Test
public void canCallMethodsOnVariables() {
ctx.setVariable("var", "somestring");
Expression e = parser.parseExpression("#var.length() == 10");
this.ctx.setVariable("var", "somestring");
Expression e = this.parser.parseExpression("#var.length() == 10");
assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
}
@Test
public void isAnonymousReturnsTrueIfTrustResolverReportsAnonymous() {
when(trustResolver.isAnonymous(user)).thenReturn(true);
assertThat(root.isAnonymous()).isTrue();
when(this.trustResolver.isAnonymous(this.user)).thenReturn(true);
assertThat(this.root.isAnonymous()).isTrue();
}
@Test
public void isAnonymousReturnsFalseIfTrustResolverReportsNonAnonymous() {
when(trustResolver.isAnonymous(user)).thenReturn(false);
assertThat(root.isAnonymous()).isFalse();
when(this.trustResolver.isAnonymous(this.user)).thenReturn(false);
assertThat(this.root.isAnonymous()).isFalse();
}
@Test
public void hasPermissionOnDomainObjectReturnsFalseIfPermissionEvaluatorDoes() {
final Object dummyDomainObject = new Object();
final PermissionEvaluator pe = mock(PermissionEvaluator.class);
ctx.setVariable("domainObject", dummyDomainObject);
root.setPermissionEvaluator(pe);
when(pe.hasPermission(user, dummyDomainObject, "ignored")).thenReturn(false);
this.ctx.setVariable("domainObject", dummyDomainObject);
this.root.setPermissionEvaluator(pe);
when(pe.hasPermission(this.user, dummyDomainObject, "ignored")).thenReturn(false);
assertThat(root.hasPermission(dummyDomainObject, "ignored")).isFalse();
assertThat(this.root.hasPermission(dummyDomainObject, "ignored")).isFalse();
}
@@ -95,31 +95,31 @@ public class MethodSecurityExpressionRootTests {
public void hasPermissionOnDomainObjectReturnsTrueIfPermissionEvaluatorDoes() {
final Object dummyDomainObject = new Object();
final PermissionEvaluator pe = mock(PermissionEvaluator.class);
ctx.setVariable("domainObject", dummyDomainObject);
root.setPermissionEvaluator(pe);
when(pe.hasPermission(user, dummyDomainObject, "ignored")).thenReturn(true);
this.ctx.setVariable("domainObject", dummyDomainObject);
this.root.setPermissionEvaluator(pe);
when(pe.hasPermission(this.user, dummyDomainObject, "ignored")).thenReturn(true);
assertThat(root.hasPermission(dummyDomainObject, "ignored")).isTrue();
assertThat(this.root.hasPermission(dummyDomainObject, "ignored")).isTrue();
}
@Test
public void hasPermissionOnDomainObjectWorksWithIntegerExpressions() {
final Object dummyDomainObject = new Object();
ctx.setVariable("domainObject", dummyDomainObject);
this.ctx.setVariable("domainObject", dummyDomainObject);
final PermissionEvaluator pe = mock(PermissionEvaluator.class);
root.setPermissionEvaluator(pe);
when(pe.hasPermission(eq(user), eq(dummyDomainObject), any(Integer.class))).thenReturn(true).thenReturn(true)
.thenReturn(false);
this.root.setPermissionEvaluator(pe);
when(pe.hasPermission(eq(this.user), eq(dummyDomainObject), any(Integer.class))).thenReturn(true)
.thenReturn(true).thenReturn(false);
Expression e = parser.parseExpression("hasPermission(#domainObject, 0xA)");
Expression e = this.parser.parseExpression("hasPermission(#domainObject, 0xA)");
// evaluator returns true
assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
e = parser.parseExpression("hasPermission(#domainObject, 10)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
e = this.parser.parseExpression("hasPermission(#domainObject, 10)");
// evaluator returns true
assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
e = parser.parseExpression("hasPermission(#domainObject, 0xFF)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
e = this.parser.parseExpression("hasPermission(#domainObject, 0xFF)");
// evaluator returns false, make sure return value matches
assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isFalse();
assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isFalse();
}
@Test
@@ -129,20 +129,20 @@ public class MethodSecurityExpressionRootTests {
return "x";
}
};
root.setThis(targetObject);
this.root.setThis(targetObject);
Integer i = 2;
PermissionEvaluator pe = mock(PermissionEvaluator.class);
root.setPermissionEvaluator(pe);
when(pe.hasPermission(user, targetObject, i)).thenReturn(true).thenReturn(false);
when(pe.hasPermission(user, "x", i)).thenReturn(true);
this.root.setPermissionEvaluator(pe);
when(pe.hasPermission(this.user, targetObject, i)).thenReturn(true).thenReturn(false);
when(pe.hasPermission(this.user, "x", i)).thenReturn(true);
Expression e = parser.parseExpression("hasPermission(this, 2)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
e = parser.parseExpression("hasPermission(this, 2)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isFalse();
Expression e = this.parser.parseExpression("hasPermission(this, 2)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
e = this.parser.parseExpression("hasPermission(this, 2)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isFalse();
e = parser.parseExpression("hasPermission(this.x, 2)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
e = this.parser.parseExpression("hasPermission(this.x, 2)");
assertThat(ExpressionUtils.evaluateAsBoolean(e, this.ctx)).isTrue();
}
}
core/src/test/java/org/springframework/security/access/expression/method/PrePostAnnotationSecurityMetadataSourceTests.java
+22 -21
View File
@@ -68,25 +68,25 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Before
public void setUpData() throws Exception {
voidImpl1 = new MockMethodInvocation(new ReturnVoidImpl1(), ReturnVoid.class, "doSomething", List.class);
voidImpl2 = new MockMethodInvocation(new ReturnVoidImpl2(), ReturnVoid.class, "doSomething", List.class);
voidImpl3 = new MockMethodInvocation(new ReturnVoidImpl3(), ReturnVoid.class, "doSomething", List.class);
listImpl1 = new MockMethodInvocation(new ReturnAListImpl1(), ReturnAList.class, "doSomething", List.class);
notherListImpl1 = new MockMethodInvocation(new ReturnAnotherListImpl1(), ReturnAnotherList.class, "doSomething",
List.class);
notherListImpl2 = new MockMethodInvocation(new ReturnAnotherListImpl2(), ReturnAnotherList.class, "doSomething",
List.class);
annotatedAtClassLevel = new MockMethodInvocation(new CustomAnnotationAtClassLevel(), ReturnVoid.class,
this.voidImpl1 = new MockMethodInvocation(new ReturnVoidImpl1(), ReturnVoid.class, "doSomething", List.class);
this.voidImpl2 = new MockMethodInvocation(new ReturnVoidImpl2(), ReturnVoid.class, "doSomething", List.class);
this.voidImpl3 = new MockMethodInvocation(new ReturnVoidImpl3(), ReturnVoid.class, "doSomething", List.class);
this.listImpl1 = new MockMethodInvocation(new ReturnAListImpl1(), ReturnAList.class, "doSomething", List.class);
this.notherListImpl1 = new MockMethodInvocation(new ReturnAnotherListImpl1(), ReturnAnotherList.class,
"doSomething", List.class);
annotatedAtInterfaceLevel = new MockMethodInvocation(new CustomAnnotationAtInterfaceLevel(), ReturnVoid2.class,
this.notherListImpl2 = new MockMethodInvocation(new ReturnAnotherListImpl2(), ReturnAnotherList.class,
"doSomething", List.class);
annotatedAtMethodLevel = new MockMethodInvocation(new CustomAnnotationAtMethodLevel(), ReturnVoid.class,
this.annotatedAtClassLevel = new MockMethodInvocation(new CustomAnnotationAtClassLevel(), ReturnVoid.class,
"doSomething", List.class);
this.annotatedAtInterfaceLevel = new MockMethodInvocation(new CustomAnnotationAtInterfaceLevel(),
ReturnVoid2.class, "doSomething", List.class);
this.annotatedAtMethodLevel = new MockMethodInvocation(new CustomAnnotationAtMethodLevel(), ReturnVoid.class,
"doSomething", List.class);
}
@Test
public void classLevelPreAnnotationIsPickedUpWhenNoMethodLevelExists() {
ConfigAttribute[] attrs = mds.getAttributes(voidImpl1).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.voidImpl1).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs[0] instanceof PreInvocationExpressionAttribute).isTrue();
@@ -98,7 +98,7 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Test
public void mixedClassAndMethodPreAnnotationsAreBothIncluded() {
ConfigAttribute[] attrs = mds.getAttributes(voidImpl2).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.voidImpl2).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs[0] instanceof PreInvocationExpressionAttribute).isTrue();
@@ -110,7 +110,7 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Test
public void methodWithPreFilterOnlyIsAllowed() {
ConfigAttribute[] attrs = mds.getAttributes(voidImpl3).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.voidImpl3).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs[0] instanceof PreInvocationExpressionAttribute).isTrue();
@@ -122,7 +122,7 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Test
public void methodWithPostFilterOnlyIsAllowed() {
ConfigAttribute[] attrs = mds.getAttributes(listImpl1).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.listImpl1).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(2);
assertThat(attrs[0] instanceof PreInvocationExpressionAttribute).isTrue();
@@ -136,7 +136,7 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Test
public void interfaceAttributesAreIncluded() {
ConfigAttribute[] attrs = mds.getAttributes(notherListImpl1).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.notherListImpl1).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs[0] instanceof PreInvocationExpressionAttribute).isTrue();
@@ -149,7 +149,7 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Test
public void classAttributesTakesPrecedeceOverInterfaceAttributes() {
ConfigAttribute[] attrs = mds.getAttributes(notherListImpl2).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.notherListImpl2).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
assertThat(attrs[0] instanceof PreInvocationExpressionAttribute).isTrue();
@@ -162,21 +162,22 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Test
public void customAnnotationAtClassLevelIsDetected() {
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtClassLevel).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.annotatedAtClassLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
}
@Test
public void customAnnotationAtInterfaceLevelIsDetected() {
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtInterfaceLevel).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.annotatedAtInterfaceLevel)
.toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
}
@Test
public void customAnnotationAtMethodLevelIsDetected() {
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtMethodLevel).toArray(new ConfigAttribute[0]);
ConfigAttribute[] attrs = this.mds.getAttributes(this.annotatedAtMethodLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs).hasSize(1);
}
@@ -184,7 +185,7 @@ public class PrePostAnnotationSecurityMetadataSourceTests {
@Test
public void proxyFactoryInterfaceAttributesFound() throws Exception {
MockMethodInvocation mi = MethodInvocationFactory.createSec2150MethodInvocation();
Collection<ConfigAttribute> attributes = mds.getAttributes(mi);
Collection<ConfigAttribute> attributes = this.mds.getAttributes(mi);
assertThat(attributes).hasSize(1);
Expression expression = (Expression) ReflectionTestUtils.getField(attributes.iterator().next(),
"authorizeExpression");
core/src/test/java/org/springframework/security/access/intercept/AbstractSecurityInterceptorTests.java
+2 -2
View File
@@ -65,7 +65,7 @@ public class AbstractSecurityInterceptorTests {
}
public SecurityMetadataSource obtainSecurityMetadataSource() {
return securityMetadataSource;
return this.securityMetadataSource;
}
public void setSecurityMetadataSource(SecurityMetadataSource securityMetadataSource) {
@@ -83,7 +83,7 @@ public class AbstractSecurityInterceptorTests {
}
public SecurityMetadataSource obtainSecurityMetadataSource() {
return securityMetadataSource;
return this.securityMetadataSource;
}
public void setSecurityMetadataSource(SecurityMetadataSource securityMetadataSource) {
core/src/test/java/org/springframework/security/access/intercept/AfterInvocationProviderManagerTests.java
+4 -4
View File
@@ -167,19 +167,19 @@ public class AfterInvocationProviderManagerTests {
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config,
Object returnedObject) throws AccessDeniedException {
if (config.contains(configAttribute)) {
return forceReturnObject;
if (config.contains(this.configAttribute)) {
return this.forceReturnObject;
}
return returnedObject;
}
public boolean supports(Class<?> clazz) {
return secureObject.isAssignableFrom(clazz);
return this.secureObject.isAssignableFrom(clazz);
}
public boolean supports(ConfigAttribute attribute) {
return attribute.equals(configAttribute);
return attribute.equals(this.configAttribute);
}
}
core/src/test/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptorTests.java
+91 -91
View File
@@ -86,16 +86,16 @@ public class MethodSecurityInterceptorTests {
@Before
public final void setUp() {
SecurityContextHolder.clearContext();
token = new TestingAuthenticationToken("Test", "Password");
interceptor = new MethodSecurityInterceptor();
adm = mock(AccessDecisionManager.class);
authman = mock(AuthenticationManager.class);
mds = mock(MethodSecurityMetadataSource.class);
eventPublisher = mock(ApplicationEventPublisher.class);
interceptor.setAccessDecisionManager(adm);
interceptor.setAuthenticationManager(authman);
interceptor.setSecurityMetadataSource(mds);
interceptor.setApplicationEventPublisher(eventPublisher);
this.token = new TestingAuthenticationToken("Test", "Password");
this.interceptor = new MethodSecurityInterceptor();
this.adm = mock(AccessDecisionManager.class);
this.authman = mock(AuthenticationManager.class);
this.mds = mock(MethodSecurityMetadataSource.class);
this.eventPublisher = mock(ApplicationEventPublisher.class);
this.interceptor.setAccessDecisionManager(this.adm);
this.interceptor.setAuthenticationManager(this.authman);
this.interceptor.setSecurityMetadataSource(this.mds);
this.interceptor.setApplicationEventPublisher(this.eventPublisher);
createTarget(false);
}
@@ -105,119 +105,119 @@ public class MethodSecurityInterceptorTests {
}
private void createTarget(boolean useMock) {
realTarget = useMock ? mock(ITargetObject.class) : new TargetObject();
ProxyFactory pf = new ProxyFactory(realTarget);
pf.addAdvice(interceptor);
advisedTarget = (ITargetObject) pf.getProxy();
this.realTarget = useMock ? mock(ITargetObject.class) : new TargetObject();
ProxyFactory pf = new ProxyFactory(this.realTarget);
pf.addAdvice(this.interceptor);
this.advisedTarget = (ITargetObject) pf.getProxy();
}
@Test
public void gettersReturnExpectedData() {
RunAsManager runAs = mock(RunAsManager.class);
AfterInvocationManager aim = mock(AfterInvocationManager.class);
interceptor.setRunAsManager(runAs);
interceptor.setAfterInvocationManager(aim);
assertThat(interceptor.getAccessDecisionManager()).isEqualTo(adm);
assertThat(interceptor.getRunAsManager()).isEqualTo(runAs);
assertThat(interceptor.getAuthenticationManager()).isEqualTo(authman);
assertThat(interceptor.getSecurityMetadataSource()).isEqualTo(mds);
assertThat(interceptor.getAfterInvocationManager()).isEqualTo(aim);
this.interceptor.setRunAsManager(runAs);
this.interceptor.setAfterInvocationManager(aim);
assertThat(this.interceptor.getAccessDecisionManager()).isEqualTo(this.adm);
assertThat(this.interceptor.getRunAsManager()).isEqualTo(runAs);
assertThat(this.interceptor.getAuthenticationManager()).isEqualTo(this.authman);
assertThat(this.interceptor.getSecurityMetadataSource()).isEqualTo(this.mds);
assertThat(this.interceptor.getAfterInvocationManager()).isEqualTo(aim);
}
@Test(expected = IllegalArgumentException.class)
public void missingAccessDecisionManagerIsDetected() throws Exception {
interceptor.setAccessDecisionManager(null);
interceptor.afterPropertiesSet();
this.interceptor.setAccessDecisionManager(null);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void missingAuthenticationManagerIsDetected() throws Exception {
interceptor.setAuthenticationManager(null);
interceptor.afterPropertiesSet();
this.interceptor.setAuthenticationManager(null);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void missingMethodSecurityMetadataSourceIsRejected() throws Exception {
interceptor.setSecurityMetadataSource(null);
interceptor.afterPropertiesSet();
this.interceptor.setSecurityMetadataSource(null);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void missingRunAsManagerIsRejected() throws Exception {
interceptor.setRunAsManager(null);
interceptor.afterPropertiesSet();
this.interceptor.setRunAsManager(null);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void initializationRejectsSecurityMetadataSourceThatDoesNotSupportMethodInvocation() throws Throwable {
when(mds.supports(MethodInvocation.class)).thenReturn(false);
interceptor.afterPropertiesSet();
when(this.mds.supports(MethodInvocation.class)).thenReturn(false);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void initializationRejectsAccessDecisionManagerThatDoesNotSupportMethodInvocation() throws Exception {
when(mds.supports(MethodInvocation.class)).thenReturn(true);
when(adm.supports(MethodInvocation.class)).thenReturn(false);
interceptor.afterPropertiesSet();
when(this.mds.supports(MethodInvocation.class)).thenReturn(true);
when(this.adm.supports(MethodInvocation.class)).thenReturn(false);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void intitalizationRejectsRunAsManagerThatDoesNotSupportMethodInvocation() throws Exception {
final RunAsManager ram = mock(RunAsManager.class);
when(ram.supports(MethodInvocation.class)).thenReturn(false);
interceptor.setRunAsManager(ram);
interceptor.afterPropertiesSet();
this.interceptor.setRunAsManager(ram);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void intitalizationRejectsAfterInvocationManagerThatDoesNotSupportMethodInvocation() throws Exception {
final AfterInvocationManager aim = mock(AfterInvocationManager.class);
when(aim.supports(MethodInvocation.class)).thenReturn(false);
interceptor.setAfterInvocationManager(aim);
interceptor.afterPropertiesSet();
this.interceptor.setAfterInvocationManager(aim);
this.interceptor.afterPropertiesSet();
}
@Test(expected = IllegalArgumentException.class)
public void initializationFailsIfAccessDecisionManagerRejectsConfigAttributes() throws Exception {
when(adm.supports(any(ConfigAttribute.class))).thenReturn(false);
interceptor.afterPropertiesSet();
when(this.adm.supports(any(ConfigAttribute.class))).thenReturn(false);
this.interceptor.afterPropertiesSet();
}
@Test
public void validationNotAttemptedIfIsValidateConfigAttributesSetToFalse() throws Exception {
when(adm.supports(MethodInvocation.class)).thenReturn(true);
when(mds.supports(MethodInvocation.class)).thenReturn(true);
interceptor.setValidateConfigAttributes(false);
interceptor.afterPropertiesSet();
verify(mds, never()).getAllConfigAttributes();
verify(adm, never()).supports(any(ConfigAttribute.class));
when(this.adm.supports(MethodInvocation.class)).thenReturn(true);
when(this.mds.supports(MethodInvocation.class)).thenReturn(true);
this.interceptor.setValidateConfigAttributes(false);
this.interceptor.afterPropertiesSet();
verify(this.mds, never()).getAllConfigAttributes();
verify(this.adm, never()).supports(any(ConfigAttribute.class));
}
@Test
public void validationNotAttemptedIfMethodSecurityMetadataSourceReturnsNullForAttributes() throws Exception {
when(adm.supports(MethodInvocation.class)).thenReturn(true);
when(mds.supports(MethodInvocation.class)).thenReturn(true);
when(mds.getAllConfigAttributes()).thenReturn(null);
when(this.adm.supports(MethodInvocation.class)).thenReturn(true);
when(this.mds.supports(MethodInvocation.class)).thenReturn(true);
when(this.mds.getAllConfigAttributes()).thenReturn(null);
interceptor.setValidateConfigAttributes(true);
interceptor.afterPropertiesSet();
verify(adm, never()).supports(any(ConfigAttribute.class));
this.interceptor.setValidateConfigAttributes(true);
this.interceptor.afterPropertiesSet();
verify(this.adm, never()).supports(any(ConfigAttribute.class));
}
@Test
public void callingAPublicMethodFacadeWillNotRepeatSecurityChecksWhenPassedToTheSecuredMethodItFronts() {
mdsReturnsNull();
String result = advisedTarget.publicMakeLowerCase("HELLO");
String result = this.advisedTarget.publicMakeLowerCase("HELLO");
assertThat(result).isEqualTo("hello Authentication empty");
}
@Test
public void callingAPublicMethodWhenPresentingAnAuthenticationObjectDoesntChangeItsAuthenticatedProperty() {
mdsReturnsNull();
SecurityContextHolder.getContext().setAuthentication(token);
assertThat(advisedTarget.publicMakeLowerCase("HELLO"))
SecurityContextHolder.getContext().setAuthentication(this.token);
assertThat(this.advisedTarget.publicMakeLowerCase("HELLO"))
.isEqualTo("hello org.springframework.security.authentication.TestingAuthenticationToken false");
assertThat(!token.isAuthenticated()).isTrue();
assertThat(!this.token.isAuthenticated()).isTrue();
}
@Test(expected = AuthenticationException.class)
@@ -226,87 +226,87 @@ public class MethodSecurityInterceptorTests {
SecurityContextHolder.getContext().setAuthentication(token);
mdsReturnsUserRole();
when(authman.authenticate(token)).thenThrow(new BadCredentialsException("rejected"));
when(this.authman.authenticate(token)).thenThrow(new BadCredentialsException("rejected"));
advisedTarget.makeLowerCase("HELLO");
this.advisedTarget.makeLowerCase("HELLO");
}
@Test
public void callSucceedsIfAccessDecisionManagerGrantsAccess() {
token.setAuthenticated(true);
interceptor.setPublishAuthorizationSuccess(true);
SecurityContextHolder.getContext().setAuthentication(token);
this.token.setAuthenticated(true);
this.interceptor.setPublishAuthorizationSuccess(true);
SecurityContextHolder.getContext().setAuthentication(this.token);
mdsReturnsUserRole();
String result = advisedTarget.makeLowerCase("HELLO");
String result = this.advisedTarget.makeLowerCase("HELLO");
// Note we check the isAuthenticated remained true in following line
assertThat(result)
.isEqualTo("hello org.springframework.security.authentication.TestingAuthenticationToken true");
verify(eventPublisher).publishEvent(any(AuthorizedEvent.class));
verify(this.eventPublisher).publishEvent(any(AuthorizedEvent.class));
}
@Test
public void callIsntMadeWhenAccessDecisionManagerRejectsAccess() {
SecurityContextHolder.getContext().setAuthentication(token);
SecurityContextHolder.getContext().setAuthentication(this.token);
// Use mocked target to make sure invocation doesn't happen (not in expectations
// so test would fail)
createTarget(true);
mdsReturnsUserRole();
when(authman.authenticate(token)).thenReturn(token);
doThrow(new AccessDeniedException("rejected")).when(adm).decide(any(Authentication.class),
when(this.authman.authenticate(this.token)).thenReturn(this.token);
doThrow(new AccessDeniedException("rejected")).when(this.adm).decide(any(Authentication.class),
any(MethodInvocation.class), any(List.class));
try {
advisedTarget.makeUpperCase("HELLO");
this.advisedTarget.makeUpperCase("HELLO");
fail("Expected Exception");
}
catch (AccessDeniedException expected) {
}
verify(eventPublisher).publishEvent(any(AuthorizationFailureEvent.class));
verify(this.eventPublisher).publishEvent(any(AuthorizationFailureEvent.class));
}
@Test(expected = IllegalArgumentException.class)
public void rejectsNullSecuredObjects() throws Throwable {
interceptor.invoke(null);
this.interceptor.invoke(null);
}
@Test
public void runAsReplacementIsCorrectlySet() {
SecurityContext ctx = SecurityContextHolder.getContext();
ctx.setAuthentication(token);
token.setAuthenticated(true);
ctx.setAuthentication(this.token);
this.token.setAuthenticated(true);
final RunAsManager runAs = mock(RunAsManager.class);
final RunAsUserToken runAsToken = new RunAsUserToken("key", "someone", "creds", token.getAuthorities(),
final RunAsUserToken runAsToken = new RunAsUserToken("key", "someone", "creds", this.token.getAuthorities(),
TestingAuthenticationToken.class);
interceptor.setRunAsManager(runAs);
this.interceptor.setRunAsManager(runAs);
mdsReturnsUserRole();
when(runAs.buildRunAs(eq(token), any(MethodInvocation.class), any(List.class))).thenReturn(runAsToken);
when(runAs.buildRunAs(eq(this.token), any(MethodInvocation.class), any(List.class))).thenReturn(runAsToken);
String result = advisedTarget.makeUpperCase("hello");
String result = this.advisedTarget.makeUpperCase("hello");
assertThat(result).isEqualTo("HELLO org.springframework.security.access.intercept.RunAsUserToken true");
// Check we've changed back
assertThat(SecurityContextHolder.getContext()).isSameAs(ctx);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(token);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(this.token);
}
// SEC-1967
@Test
public void runAsReplacementCleansAfterException() {
createTarget(true);
when(realTarget.makeUpperCase(anyString())).thenThrow(new RuntimeException());
when(this.realTarget.makeUpperCase(anyString())).thenThrow(new RuntimeException());
SecurityContext ctx = SecurityContextHolder.getContext();
ctx.setAuthentication(token);
token.setAuthenticated(true);
ctx.setAuthentication(this.token);
this.token.setAuthenticated(true);
final RunAsManager runAs = mock(RunAsManager.class);
final RunAsUserToken runAsToken = new RunAsUserToken("key", "someone", "creds", token.getAuthorities(),
final RunAsUserToken runAsToken = new RunAsUserToken("key", "someone", "creds", this.token.getAuthorities(),
TestingAuthenticationToken.class);
interceptor.setRunAsManager(runAs);
this.interceptor.setRunAsManager(runAs);
mdsReturnsUserRole();
when(runAs.buildRunAs(eq(token), any(MethodInvocation.class), any(List.class))).thenReturn(runAsToken);
when(runAs.buildRunAs(eq(this.token), any(MethodInvocation.class), any(List.class))).thenReturn(runAsToken);
try {
advisedTarget.makeUpperCase("hello");
this.advisedTarget.makeUpperCase("hello");
fail("Expected Exception");
}
catch (RuntimeException success) {
@@ -314,29 +314,29 @@ public class MethodSecurityInterceptorTests {
// Check we've changed back
assertThat(SecurityContextHolder.getContext()).isSameAs(ctx);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(token);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(this.token);
}
@Test(expected = AuthenticationCredentialsNotFoundException.class)
public void emptySecurityContextIsRejected() {
mdsReturnsUserRole();
advisedTarget.makeUpperCase("hello");
this.advisedTarget.makeUpperCase("hello");
}
@Test
public void afterInvocationManagerIsNotInvokedIfExceptionIsRaised() throws Throwable {
MethodInvocation mi = mock(MethodInvocation.class);
token.setAuthenticated(true);
SecurityContextHolder.getContext().setAuthentication(token);
this.token.setAuthenticated(true);
SecurityContextHolder.getContext().setAuthentication(this.token);
mdsReturnsUserRole();
AfterInvocationManager aim = mock(AfterInvocationManager.class);
interceptor.setAfterInvocationManager(aim);
this.interceptor.setAfterInvocationManager(aim);
when(mi.proceed()).thenThrow(new Throwable());
try {
interceptor.invoke(mi);
this.interceptor.invoke(mi);
fail("Expected exception");
}
catch (Throwable expected) {
@@ -346,11 +346,11 @@ public class MethodSecurityInterceptorTests {
}
void mdsReturnsNull() {
when(mds.getAttributes(any(MethodInvocation.class))).thenReturn(null);
when(this.mds.getAttributes(any(MethodInvocation.class))).thenReturn(null);
}
void mdsReturnsUserRole() {
when(mds.getAttributes(any(MethodInvocation.class))).thenReturn(SecurityConfig.createList("ROLE_USER"));
when(this.mds.getAttributes(any(MethodInvocation.class))).thenReturn(SecurityConfig.createList("ROLE_USER"));
}
}

Some files were not shown because too many files have changed in this diff Show More