Add ServerWebExchangeMatcherEntry
This commit is contained in:
+2
-1
@@ -23,6 +23,7 @@ import org.springframework.security.authorization.AuthorityAuthorizationManager;
|
||||
import org.springframework.security.web.server.authorization.AuthorizationWebFilter;
|
||||
import org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager;
|
||||
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
|
||||
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry;
|
||||
import org.springframework.web.server.WebFilter;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
@@ -84,7 +85,7 @@ public class AuthorizeExchangeBuilder extends AbstractServerWebExchangeMatcherRe
|
||||
}
|
||||
|
||||
public AuthorizeExchangeBuilder access(ReactiveAuthorizationManager<AuthorizationContext> manager) {
|
||||
managerBldr.add(matcher, manager);
|
||||
managerBldr.add(new ServerWebExchangeMatcherEntry<>(matcher, manager));
|
||||
matcher = null;
|
||||
return AuthorizeExchangeBuilder.this;
|
||||
}
|
||||
|
||||
+11
-10
@@ -20,32 +20,33 @@ package org.springframework.security.web.server.authorization;
|
||||
import org.springframework.security.authorization.AuthorizationDecision;
|
||||
import org.springframework.security.authorization.ReactiveAuthorizationManager;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry;
|
||||
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
*/
|
||||
public class DelegatingReactiveAuthorizationManager implements ReactiveAuthorizationManager<ServerWebExchange> {
|
||||
private final LinkedHashMap<ServerWebExchangeMatcher, ReactiveAuthorizationManager<AuthorizationContext>> mappings;
|
||||
private final List<ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>> mappings;
|
||||
|
||||
private DelegatingReactiveAuthorizationManager(LinkedHashMap<ServerWebExchangeMatcher, ReactiveAuthorizationManager<AuthorizationContext>> mappings) {
|
||||
private DelegatingReactiveAuthorizationManager(List<ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>> mappings) {
|
||||
this.mappings = mappings;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, ServerWebExchange exchange) {
|
||||
return Flux.fromIterable(mappings.entrySet())
|
||||
.concatMap(entry -> entry.getKey().matches(exchange)
|
||||
return Flux.fromIterable(mappings)
|
||||
.concatMap(mapping -> mapping.getMatcher().matches(exchange)
|
||||
.filter(ServerWebExchangeMatcher.MatchResult::isMatch)
|
||||
.flatMap(r -> entry.getValue().check(authentication, new AuthorizationContext(exchange, r.getVariables()))))
|
||||
.flatMap(r -> mapping.getEntry().check(authentication, new AuthorizationContext(exchange, r.getVariables()))))
|
||||
.next()
|
||||
.defaultIfEmpty(new AuthorizationDecision(false));
|
||||
}
|
||||
@@ -55,13 +56,13 @@ public class DelegatingReactiveAuthorizationManager implements ReactiveAuthoriza
|
||||
}
|
||||
|
||||
public static class Builder {
|
||||
private final LinkedHashMap<ServerWebExchangeMatcher, ReactiveAuthorizationManager<AuthorizationContext>> mappings = new LinkedHashMap<>();
|
||||
private final List<ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>> mappings = new ArrayList<>();
|
||||
|
||||
private Builder() {
|
||||
}
|
||||
|
||||
public DelegatingReactiveAuthorizationManager.Builder add(ServerWebExchangeMatcher matcher, ReactiveAuthorizationManager<AuthorizationContext> manager) {
|
||||
this.mappings.put(matcher, manager);
|
||||
public DelegatingReactiveAuthorizationManager.Builder add(ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>> entry) {
|
||||
this.mappings.add(entry);
|
||||
return this;
|
||||
}
|
||||
|
||||
|
||||
+41
@@ -0,0 +1,41 @@
|
||||
/*
|
||||
*
|
||||
* * Copyright 2002-2017 the original author or authors.
|
||||
* *
|
||||
* * Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* * you may not use this file except in compliance with the License.
|
||||
* * You may obtain a copy of the License at
|
||||
* *
|
||||
* * http://www.apache.org/licenses/LICENSE-2.0
|
||||
* *
|
||||
* * Unless required by applicable law or agreed to in writing, software
|
||||
* * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* * See the License for the specific language governing permissions and
|
||||
* * limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.springframework.security.web.server.util.matcher;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
*/
|
||||
public class ServerWebExchangeMatcherEntry<T> {
|
||||
private final ServerWebExchangeMatcher matcher;
|
||||
private final T entry;
|
||||
|
||||
public ServerWebExchangeMatcherEntry(ServerWebExchangeMatcher matcher, T entry) {
|
||||
this.matcher = matcher;
|
||||
this.entry = entry;
|
||||
}
|
||||
|
||||
public ServerWebExchangeMatcher getMatcher() {
|
||||
return matcher;
|
||||
}
|
||||
|
||||
public T getEntry() {
|
||||
return entry;
|
||||
}
|
||||
}
|
||||
+3
-2
@@ -27,6 +27,7 @@ import org.springframework.security.authorization.AuthorityAuthorizationManager;
|
||||
import org.springframework.security.authorization.AuthorizationDecision;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
|
||||
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
@@ -62,8 +63,8 @@ public class DelegatingReactiveAuthorizationManagerTests {
|
||||
@Before
|
||||
public void setup() {
|
||||
manager = DelegatingReactiveAuthorizationManager.builder()
|
||||
.add(match1, delegate1)
|
||||
.add(match2, delegate2)
|
||||
.add(new ServerWebExchangeMatcherEntry<>(match1, delegate1))
|
||||
.add(new ServerWebExchangeMatcherEntry<>(match2, delegate2))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user