Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Replace deprecated #check calls with #authorize

Browse Source 
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
This commit is contained in:
Evgeniy Cheban
2025-04-18 13:11:17 +03:00
committed by Josh Cummings
parent e3add59550
commit b0cecb37d2
6 changed files with 63 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
web/src/main/java/org/springframework/security/web/access/intercept/RequestMatcherDelegatingAuthorizationManager.java
+16 -2
View File
@@ -30,6 +30,7 @@ import org.springframework.security.authorization.AuthenticatedAuthorizationMana
import org.springframework.security.authorization.AuthorityAuthorizationManager;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.authorization.AuthorizationResult;
import org.springframework.security.authorization.SingleResultAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.util.UrlUtils;
@@ -69,11 +70,24 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
* @return an {@link AuthorizationDecision}. If there is no {@link RequestMatcher}
* matching the request, or the {@link AuthorizationManager} could not decide, then
* null is returned
* @deprecated please use {@link #authorize(Supplier, Object)} instead
* @deprecated please use {@link #authorize(Supplier, HttpServletRequest)} instead
*/
@Deprecated
@Override
public AuthorizationDecision check(Supplier<Authentication> authentication, HttpServletRequest request) {
AuthorizationResult result = authorize(authentication, request);
if (result == null) {
return null;
}
if (result instanceof AuthorizationDecision decision) {
return decision;
}
throw new IllegalArgumentException(
"Please call #authorize or ensure that the returned result is of type AuthorizationDecision");
}
@Override
public AuthorizationResult authorize(Supplier<Authentication> authentication, HttpServletRequest request) {
if (this.logger.isTraceEnabled()) {
this.logger.trace(LogMessage.format("Authorizing %s", requestLine(request)));
}
@@ -87,7 +101,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
this.logger.trace(
LogMessage.format("Checking authorization on %s using %s", requestLine(request), manager));
}
return manager.check(authentication,
return manager.authorize(authentication,
new RequestAuthorizationContext(request, matchResult.getVariables()));
}
}