1
0
mirror of synced 2026-07-19 09:35:12 +00:00

Add ServerWebExchangeMatcherEntry

This commit is contained in:
Rob Winch
2017-05-31 16:09:54 -05:00
parent 915de03f42
commit e5eda24054
4 changed files with 57 additions and 13 deletions
@@ -23,6 +23,7 @@ import org.springframework.security.authorization.AuthorityAuthorizationManager;
import org.springframework.security.web.server.authorization.AuthorizationWebFilter;
import org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry;
import org.springframework.web.server.WebFilter;
import reactor.core.publisher.Mono;
@@ -84,7 +85,7 @@ public class AuthorizeExchangeBuilder extends AbstractServerWebExchangeMatcherRe
}
public AuthorizeExchangeBuilder access(ReactiveAuthorizationManager<AuthorizationContext> manager) {
managerBldr.add(matcher, manager);
managerBldr.add(new ServerWebExchangeMatcherEntry<>(matcher, manager));
matcher = null;
return AuthorizeExchangeBuilder.this;
}
@@ -20,32 +20,33 @@ package org.springframework.security.web.server.authorization;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.ReactiveAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.ArrayList;
import java.util.List;
/**
* @author Rob Winch
* @since 5.0
*/
public class DelegatingReactiveAuthorizationManager implements ReactiveAuthorizationManager<ServerWebExchange> {
private final LinkedHashMap<ServerWebExchangeMatcher, ReactiveAuthorizationManager<AuthorizationContext>> mappings;
private final List<ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>> mappings;
private DelegatingReactiveAuthorizationManager(LinkedHashMap<ServerWebExchangeMatcher, ReactiveAuthorizationManager<AuthorizationContext>> mappings) {
private DelegatingReactiveAuthorizationManager(List<ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>> mappings) {
this.mappings = mappings;
}
@Override
public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, ServerWebExchange exchange) {
return Flux.fromIterable(mappings.entrySet())
.concatMap(entry -> entry.getKey().matches(exchange)
return Flux.fromIterable(mappings)
.concatMap(mapping -> mapping.getMatcher().matches(exchange)
.filter(ServerWebExchangeMatcher.MatchResult::isMatch)
.flatMap(r -> entry.getValue().check(authentication, new AuthorizationContext(exchange, r.getVariables()))))
.flatMap(r -> mapping.getEntry().check(authentication, new AuthorizationContext(exchange, r.getVariables()))))
.next()
.defaultIfEmpty(new AuthorizationDecision(false));
}
@@ -55,13 +56,13 @@ public class DelegatingReactiveAuthorizationManager implements ReactiveAuthoriza
}
public static class Builder {
private final LinkedHashMap<ServerWebExchangeMatcher, ReactiveAuthorizationManager<AuthorizationContext>> mappings = new LinkedHashMap<>();
private final List<ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>>> mappings = new ArrayList<>();
private Builder() {
}
public DelegatingReactiveAuthorizationManager.Builder add(ServerWebExchangeMatcher matcher, ReactiveAuthorizationManager<AuthorizationContext> manager) {
this.mappings.put(matcher, manager);
public DelegatingReactiveAuthorizationManager.Builder add(ServerWebExchangeMatcherEntry<ReactiveAuthorizationManager<AuthorizationContext>> entry) {
this.mappings.add(entry);
return this;
}
@@ -0,0 +1,41 @@
/*
*
* * Copyright 2002-2017 the original author or authors.
* *
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
* *
* * http://www.apache.org/licenses/LICENSE-2.0
* *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* * See the License for the specific language governing permissions and
* * limitations under the License.
*
*/
package org.springframework.security.web.server.util.matcher;
/**
* @author Rob Winch
* @since 5.0
*/
public class ServerWebExchangeMatcherEntry<T> {
private final ServerWebExchangeMatcher matcher;
private final T entry;
public ServerWebExchangeMatcherEntry(ServerWebExchangeMatcher matcher, T entry) {
this.matcher = matcher;
this.entry = entry;
}
public ServerWebExchangeMatcher getMatcher() {
return matcher;
}
public T getEntry() {
return entry;
}
}
@@ -27,6 +27,7 @@ import org.springframework.security.authorization.AuthorityAuthorizationManager;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcherEntry;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
@@ -62,8 +63,8 @@ public class DelegatingReactiveAuthorizationManagerTests {
@Before
public void setup() {
manager = DelegatingReactiveAuthorizationManager.builder()
.add(match1, delegate1)
.add(match2, delegate2)
.add(new ServerWebExchangeMatcherEntry<>(match1, delegate1))
.add(new ServerWebExchangeMatcherEntry<>(match2, delegate2))
.build();
}