GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Web uses AuthorizationManager<? super RequestAuthorizationContext> 

This allows AuthorizationManager<Object> to be used instead of just
AuthorizationManager<RequestAuthorizationContext>. In addition, the
code was updated to use
`AuthorizationManagerFactory<? super RequestAuthorizationContext>`

Closes gh-17931
pull/17937/head
Rob Winch 3 months ago
parent
675835e525
commit
bce8049815
No known key found for this signature in database
2 changed files with 18 additions and 16 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 20
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java
  2. 14
      web/src/main/java/org/springframework/security/web/access/intercept/RequestMatcherDelegatingAuthorizationManager.java

20
config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java
Unescape View File

@ -60,7 +60,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
private final AuthorizationEventPublisher publisher; private final AuthorizationEventPublisher publisher;
private final AuthorizationManagerFactory<RequestAuthorizationContext> authorizationManagerFactory; private final AuthorizationManagerFactory<? super RequestAuthorizationContext> authorizationManagerFactory;
private ObjectPostProcessor<AuthorizationManager<HttpServletRequest>> postProcessor = ObjectPostProcessor private ObjectPostProcessor<AuthorizationManager<HttpServletRequest>> postProcessor = ObjectPostProcessor
.identity(); .identity();
@ -85,7 +85,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
provider.ifUnique((postProcessor) -> this.postProcessor = postProcessor); provider.ifUnique((postProcessor) -> this.postProcessor = postProcessor);
} }
private AuthorizationManagerFactory<RequestAuthorizationContext> getAuthorizationManagerFactory( private AuthorizationManagerFactory<? super RequestAuthorizationContext> getAuthorizationManagerFactory(
ApplicationContext context) { ApplicationContext context) {
ResolvableType authorizationManagerFactoryType = ResolvableType ResolvableType authorizationManagerFactoryType = ResolvableType
.forClassWithGenerics(AuthorizationManagerFactory.class, RequestAuthorizationContext.class); .forClassWithGenerics(AuthorizationManagerFactory.class, RequestAuthorizationContext.class);
@ -134,7 +134,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
} }
private AuthorizationManagerRequestMatcherRegistry addMapping(List<? extends RequestMatcher> matchers, private AuthorizationManagerRequestMatcherRegistry addMapping(List<? extends RequestMatcher> matchers,
AuthorizationManager<RequestAuthorizationContext> manager) { AuthorizationManager<? super RequestAuthorizationContext> manager) {
for (RequestMatcher matcher : matchers) { for (RequestMatcher matcher : matchers) {
this.registry.addMapping(matcher, manager); this.registry.addMapping(matcher, manager);
} }
@ -166,13 +166,15 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
setApplicationContext(context); setApplicationContext(context);
} }
private void addMapping(RequestMatcher matcher, AuthorizationManager<RequestAuthorizationContext> manager) { private void addMapping(RequestMatcher matcher,
AuthorizationManager<? super RequestAuthorizationContext> manager) {
this.unmappedMatchers = null; this.unmappedMatchers = null;
this.managerBuilder.add(matcher, manager); this.managerBuilder.add(matcher, manager);
this.mappingCount++; this.mappingCount++;
} }
private void addFirst(RequestMatcher matcher, AuthorizationManager<RequestAuthorizationContext> manager) { private void addFirst(RequestMatcher matcher,
AuthorizationManager<? super RequestAuthorizationContext> manager) {
this.unmappedMatchers = null; this.unmappedMatchers = null;
this.managerBuilder.mappings((m) -> m.add(0, new RequestMatcherEntry<>(matcher, manager))); this.managerBuilder.mappings((m) -> m.add(0, new RequestMatcherEntry<>(matcher, manager)));
this.mappingCount++; this.mappingCount++;
@ -220,7 +222,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
private final List<? extends RequestMatcher> matchers; private final List<? extends RequestMatcher> matchers;
private AuthorizationManagerFactory<RequestAuthorizationContext> authorizationManagerFactory; private AuthorizationManagerFactory<? super RequestAuthorizationContext> authorizationManagerFactory;
private boolean not; private boolean not;
@ -231,7 +233,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
* creating instances of {@link AuthorizationManager} * creating instances of {@link AuthorizationManager}
*/ */
AuthorizedUrl(List<? extends RequestMatcher> matchers, AuthorizedUrl(List<? extends RequestMatcher> matchers,
AuthorizationManagerFactory<RequestAuthorizationContext> authorizationManagerFactory) { AuthorizationManagerFactory<? super RequestAuthorizationContext> authorizationManagerFactory) {
this.matchers = matchers; this.matchers = matchers;
this.authorizationManagerFactory = authorizationManagerFactory; this.authorizationManagerFactory = authorizationManagerFactory;
} }
@ -241,7 +243,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
} }
void setAuthorizationManagerFactory( void setAuthorizationManagerFactory(
AuthorizationManagerFactory<RequestAuthorizationContext> authorizationManagerFactory) { AuthorizationManagerFactory<? super RequestAuthorizationContext> authorizationManagerFactory) {
this.authorizationManagerFactory = authorizationManagerFactory; this.authorizationManagerFactory = authorizationManagerFactory;
} }
@ -403,7 +405,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
* customizations * customizations
*/ */
public AuthorizationManagerRequestMatcherRegistry access( public AuthorizationManagerRequestMatcherRegistry access(
AuthorizationManager<RequestAuthorizationContext> manager) { AuthorizationManager<? super RequestAuthorizationContext> manager) {
Assert.notNull(manager, "manager cannot be null"); Assert.notNull(manager, "manager cannot be null");
return (this.not) return (this.not)
? AuthorizeHttpRequestsConfigurer.this.addMapping(this.matchers, AuthorizationManagers.not(manager)) ? AuthorizeHttpRequestsConfigurer.this.addMapping(this.matchers, AuthorizationManagers.not(manager))

14
web/src/main/java/org/springframework/security/web/access/intercept/RequestMatcherDelegatingAuthorizationManager.java
Unescape View File

@ -55,10 +55,10 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
private final Log logger = LogFactory.getLog(getClass()); private final Log logger = LogFactory.getLog(getClass());
private final List<RequestMatcherEntry<AuthorizationManager<RequestAuthorizationContext>>> mappings; private final List<RequestMatcherEntry<AuthorizationManager<? super RequestAuthorizationContext>>> mappings;
private RequestMatcherDelegatingAuthorizationManager( private RequestMatcherDelegatingAuthorizationManager(
List<RequestMatcherEntry<AuthorizationManager<RequestAuthorizationContext>>> mappings) { List<RequestMatcherEntry<AuthorizationManager<? super RequestAuthorizationContext>>> mappings) {
Assert.notEmpty(mappings, "mappings cannot be empty"); Assert.notEmpty(mappings, "mappings cannot be empty");
this.mappings = mappings; this.mappings = mappings;
} }
@ -69,12 +69,12 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
if (this.logger.isTraceEnabled()) { if (this.logger.isTraceEnabled()) {
this.logger.trace(LogMessage.format("Authorizing %s", requestLine(request))); this.logger.trace(LogMessage.format("Authorizing %s", requestLine(request)));
} }
for (RequestMatcherEntry<AuthorizationManager<RequestAuthorizationContext>> mapping : this.mappings) { for (RequestMatcherEntry<AuthorizationManager<? super RequestAuthorizationContext>> mapping : this.mappings) {
RequestMatcher matcher = mapping.getRequestMatcher(); RequestMatcher matcher = mapping.getRequestMatcher();
MatchResult matchResult = matcher.matcher(request); MatchResult matchResult = matcher.matcher(request);
if (matchResult.isMatch()) { if (matchResult.isMatch()) {
AuthorizationManager<RequestAuthorizationContext> manager = mapping.getEntry(); AuthorizationManager<? super RequestAuthorizationContext> manager = mapping.getEntry();
if (this.logger.isTraceEnabled()) { if (this.logger.isTraceEnabled()) {
this.logger.trace( this.logger.trace(
LogMessage.format("Checking authorization on %s using %s", requestLine(request), manager)); LogMessage.format("Checking authorization on %s using %s", requestLine(request), manager));
@ -108,7 +108,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
private boolean anyRequestConfigured; private boolean anyRequestConfigured;
private final List<RequestMatcherEntry<AuthorizationManager<RequestAuthorizationContext>>> mappings = new ArrayList<>(); private final List<RequestMatcherEntry<AuthorizationManager<? super RequestAuthorizationContext>>> mappings = new ArrayList<>();
/** /**
* Maps a {@link RequestMatcher} to an {@link AuthorizationManager}. * Maps a {@link RequestMatcher} to an {@link AuthorizationManager}.
@ -116,7 +116,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
* @param manager the {@link AuthorizationManager} to use * @param manager the {@link AuthorizationManager} to use
* @return the {@link Builder} for further customizations * @return the {@link Builder} for further customizations
*/ */
public Builder add(RequestMatcher matcher, AuthorizationManager<RequestAuthorizationContext> manager) { public Builder add(RequestMatcher matcher, AuthorizationManager<? super RequestAuthorizationContext> manager) {
Assert.state(!this.anyRequestConfigured, "Can't add mappings after anyRequest"); Assert.state(!this.anyRequestConfigured, "Can't add mappings after anyRequest");
Assert.notNull(matcher, "matcher cannot be null"); Assert.notNull(matcher, "matcher cannot be null");
Assert.notNull(manager, "manager cannot be null"); Assert.notNull(manager, "manager cannot be null");
@ -133,7 +133,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
* @since 5.7 * @since 5.7
*/ */
public Builder mappings( public Builder mappings(
Consumer<List<RequestMatcherEntry<AuthorizationManager<RequestAuthorizationContext>>>> mappingsConsumer) { Consumer<List<RequestMatcherEntry<AuthorizationManager<? super RequestAuthorizationContext>>>> mappingsConsumer) {
Assert.state(!this.anyRequestConfigured, "Can't configure mappings after anyRequest"); Assert.state(!this.anyRequestConfigured, "Can't configure mappings after anyRequest");
Assert.notNull(mappingsConsumer, "mappingsConsumer cannot be null"); Assert.notNull(mappingsConsumer, "mappingsConsumer cannot be null");
mappingsConsumer.accept(this.mappings); mappingsConsumer.accept(this.mappings);

Write Preview
Loading…
Cancel
Save