/**
 * Collects the scope names declared for the endpoint of the given request.
 *
 * <p>Every {@code ScopeValidator.Scopes} annotation found on any annotation scope level is
 * unwrapped, and the value of each nested {@code ScopeValidator.Scope} goes into one set.
 *
 * @param request provider request whose endpoint configuration is inspected
 * @return scope names found on the endpoint; empty when no {@code Scopes} annotation is found
 */
private Set<String> expectedScopes(ProviderRequest request) {
    // All annotation scope levels are queried in one call, so the result does not record
    // on which level a scope was declared.
    // NOTE(review): only the Scopes container type is looked up here; whether a lone Scope
    // annotation is wrapped into a container before it reaches this point is not visible
    // from this method - confirm, otherwise such a scope would not be expected.
    List<ScopeValidator.Scopes> containers = request.endpointConfig()
            .combineAnnotations(ScopeValidator.Scopes.class, EndpointConfig.AnnotationScope.values());

    Set<String> scopeNames = new HashSet<>();
    for (ScopeValidator.Scopes container : containers) {
        for (ScopeValidator.Scope declared : container.value()) {
            scopeNames.add(declared.value());
        }
    }
    return scopeNames;
}
/**
 * Creates an endpoint config from a fresh builder on which nothing has been set.
 *
 * <p>The result carries only what the builder provides by default, so callers that expect
 * annotations, attributes or custom objects must use {@code builder()} and set them.
 *
 * @return endpoint config instance built with builder defaults
 */
public static EndpointConfig create() {
    final EndpointConfig defaults = builder().build();
    return defaults;
}
Optional<Object> maybeUsername = outboundEp.abacAttribute(EP_PROPERTY_OUTBOUND_USER); if (maybeUsername.isPresent()) { String username = maybeUsername.get().toString(); .asOptional() .map(user -> { Optional<Object> password = outboundEp.abacAttribute(EP_PROPERTY_OUTBOUND_PASSWORD); if (password.isPresent()) { return toBasicAuthOutbound(new UserStore.User() {
Collection<Class<? extends Annotation>> annotations = validator.supportedAnnotations(); Optional<? extends AbacValidatorConfig> customObject = epConfig.instance(configClass); if (customObject.isPresent()) { attributes.add(new RuntimeAttribute(validator, customObject.get())); } else { OptionalHelper.from(epConfig.config(configKey)) .ifPresentOrElse(attribConfig -> attributes .add(new RuntimeAttribute(validator, validator.fromConfig(attribConfig))), () -> { for (Class<? extends Annotation> annotation : annotations) { List<? extends Annotation> list = epConfig .combineAnnotations(annotation, EndpointConfig.AnnotationScope.values()); annotationConfig.addAll(list);
.headers(HttpUtil.toSimpleMap(requestContext.getStringHeaders())); EndpointConfig.Builder outboundEp = context.endpointConfig().derive(); for (String name : requestContext.getPropertyNames()) { outboundEp.addAtribute(name, requestContext.getProperty(name));
/**
 * Returns the annotations of one type registered for the requested scope levels.
 *
 * <p>The lookup is done on the map returned by {@code annotations(scopes)}; an annotation
 * type with no entry yields an empty list. The returned list is a fresh copy, so changing
 * it does not affect the looked-up collection.
 *
 * @param annotationClass class of the annotation to look up
 * @param scopes          scope levels the caller is interested in
 * @param <T>             type of the annotation wanted
 * @return new list with the matching annotations, in the iteration order of the looked-up
 *         collection; never {@code null}
 */
@SuppressWarnings("unchecked")
public <T extends Annotation> List<T> combineAnnotations(Class<T> annotationClass, AnnotationScope... scopes) {
    // Unchecked cast: relies on the map holding, under each annotation class key, only
    // instances of that class. NOTE(review): that invariant is established elsewhere - confirm.
    Collection<? extends T> matching = (Collection<? extends T>) annotations(scopes)
            .getOrDefault(annotationClass, CollectionsHelper.listOf());
    return new LinkedList<>(matching);
}
Collection<Class<? extends Annotation>> annotations = validator.supportedAnnotations(); Optional<? extends AbacValidatorConfig> customObject = epConfig.instance(configClass); if (customObject.isPresent()) { attributes.add(new RuntimeAttribute(validator, customObject.get())); } else { OptionalHelper.from(epConfig.config(configKey)) .ifPresentOrElse(attribConfig -> attributes .add(new RuntimeAttribute(validator, validator.fromConfig(attribConfig))), () -> { for (Class<? extends Annotation> annotation : annotations) { List<? extends Annotation> list = epConfig .combineAnnotations(annotation, EndpointConfig.AnnotationScope.values()); annotationConfig.addAll(list);
.derive() .configMap(configMap) .customObjects(customObjects.orElse(new ClassToInstanceStore<>()))
private void validateAnnotations(EndpointConfig epConfig, Errors.Collector collector) { .annotations(EndpointConfig.AnnotationScope.values());
/**
 * Builds the scopes configuration from the annotations of an endpoint.
 *
 * <p>Each annotation scope level is visited in the order of
 * {@code EndpointConfig.AnnotationScope.values()}. For every supported annotation type, a
 * {@code Scopes} container contributes all of its nested scopes and a single {@code Scope}
 * contributes itself. Scopes from all levels are accumulated; no level replaces another.
 *
 * @param endpointConfig endpoint configuration to read annotations from
 * @return scopes configuration created from every scope found
 */
@Override
public ScopesConfig fromAnnotations(EndpointConfig endpointConfig) {
    List<Scope> collected = new ArrayList<>();

    for (EndpointConfig.AnnotationScope level : EndpointConfig.AnnotationScope.values()) {
        for (Class<? extends Annotation> supportedType : supportedAnnotations()) {
            for (Annotation candidate : endpointConfig.combineAnnotations(supportedType, level)) {
                if (candidate instanceof Scopes) {
                    // Container annotation: unwrap every nested scope.
                    for (Scope nested : ((Scopes) candidate).value()) {
                        collected.add(nested);
                    }
                } else if (candidate instanceof Scope) {
                    collected.add((Scope) candidate);
                }
                // Any other supported annotation type is ignored here.
            }
        }
    }

    return ScopesConfig.create(collected);
}
/**
 * Starts a builder pre-populated from this endpoint configuration.
 *
 * <p>The attributes, custom objects, config map and every entry of the annotations of this
 * instance are handed to the new builder, so whatever is set on it afterwards is applied on
 * top of the current values.
 * NOTE(review): whether the builder copies these values or keeps references to them is
 * decided by the builder methods, which are not visible here - confirm before relying on
 * isolation between the original and the derived configuration.
 *
 * @return builder to build a modified copy of this endpoint config
 */
public Builder derive() {
    Builder copy = builder()
            .attributes(attributes)
            .customObjects(customObjects)
            .configMap(configMap);

    // Annotations are passed entry by entry through the builder's own method.
    annotations.forEach(copy::annotations);

    return copy;
}
EndpointConfig outboundEndpointConfig) { Optional<Object> maybeUsername = outboundEndpointConfig.abacAttribute(EP_PROPERTY_OUTBOUND_USER); return maybeUsername .map(String::valueOf)
.headers(HttpUtil.toSimpleMap(requestContext.getStringHeaders())); EndpointConfig.Builder outboundEp = context.endpointConfig().derive(); for (String name : requestContext.getPropertyNames()) { outboundEp.addAtribute(name, requestContext.getProperty(name));
private void validateAnnotations(EndpointConfig epConfig, Errors.Collector collector) { .annotations(EndpointConfig.AnnotationScope.values());
/**
 * Authenticates the request using the first application-level {@code LoginConfig}
 * accepted by {@code JwtAuthAnnotationAnalyzer.isMpJwt}.
 *
 * <p>The provider abstains when authentication is switched off or when no such login
 * configuration is found. Abstaining is not a rejection: what happens to the request next is
 * decided by the caller of this provider.
 *
 * @param providerRequest request carrying the endpoint configuration and the data to authenticate
 * @return result of the authentication, an abstain response, or a failed response when a
 *         {@link java.lang.SecurityException} is thrown while processing
 */
@Override
protected AuthenticationResponse syncAuthenticate(ProviderRequest providerRequest) {
    if (!authenticate) {
        return AuthenticationResponse.abstain();
    }

    // Only annotations on the APPLICATION level are consulted.
    List<LoginConfig> loginConfigs = providerRequest.endpointConfig()
            .combineAnnotations(LoginConfig.class, EndpointConfig.AnnotationScope.APPLICATION);

    try {
        for (LoginConfig candidate : loginConfigs) {
            if (!JwtAuthAnnotationAnalyzer.isMpJwt(candidate)) {
                continue;
            }
            // The first matching login config decides; later ones are never evaluated.
            AuthenticationResponse response = authenticate(providerRequest, candidate);
            // A null result is treated the same as "nothing to say".
            return (response != null) ? response : AuthenticationResponse.abstain();
        }
        return AuthenticationResponse.abstain();
    } catch (java.lang.SecurityException e) {
        // NOTE(review): the exception travels with the response; confirm it is not
        // rendered to the remote client verbatim.
        return AuthenticationResponse.failed("Failed to process authentication header", e);
    }
}
/**
 * Builds the security context, filling in defaults for anything left unset.
 *
 * <p>A missing environment is replaced by one built from {@code serverTime}, and a missing
 * endpoint configuration by one built from a fresh {@code EndpointConfig} builder. Both
 * defaults are stored on this builder before the context is created.
 *
 * @return new security context created from this builder
 */
@Override
public SecurityContext build() {
    if (env == null) {
        env = SecurityEnvironment.builder(serverTime).build();
    }

    if (ec == null) {
        // Fresh builder with nothing set: this default carries none of the endpoint's
        // annotations or attributes.
        ec = EndpointConfig.builder().build();
    }

    return new SecurityContextImpl(this);
}
EndpointConfig outboundEndpointConfig) { Optional<Object> maybeUsername = outboundEndpointConfig.abacAttribute(EP_PROPERTY_OUTBOUND_USER); return maybeUsername .map(String::valueOf)
.derive() .configMap(configMap) .customObjects(customObjects.orElse(new ClassToInstanceStore<>()))
/**
 * Builds the policy configuration from the annotations of an endpoint.
 *
 * <p>Each annotation scope level is visited in the order of
 * {@code EndpointConfig.AnnotationScope.values()}. Every {@code PolicyStatement} found for a
 * supported annotation type is turned into its own {@code PolicyConfig} and applied to the
 * result builder through {@code from}, in the order in which the statements are found.
 * NOTE(review): how {@code from} combines a later statement with an earlier one (override or
 * merge) is defined by {@code PolicyConfig.Builder} and is not visible here - confirm which
 * level wins.
 *
 * @param endpointConfig endpoint configuration to read annotations from
 * @return policy configuration built from all policy statements found
 */
@Override
public PolicyConfig fromAnnotations(EndpointConfig endpointConfig) {
    PolicyConfig.Builder merged = PolicyConfig.builder();

    for (EndpointConfig.AnnotationScope level : EndpointConfig.AnnotationScope.values()) {
        for (Class<? extends Annotation> supportedType : supportedAnnotations()) {
            for (Annotation candidate : endpointConfig.combineAnnotations(supportedType, level)) {
                if (!(candidate instanceof PolicyStatement)) {
                    // Only policy statements contribute to the configuration.
                    continue;
                }
                PolicyConfig fromStatement = PolicyConfig.builder()
                        .from((PolicyStatement) candidate)
                        .build();
                merged.from(fromStatement);
            }
        }
    }

    return merged.build();
}
.build(); EndpointConfig ec = EndpointConfig.builder() .annotations(APPLICATION, filterContext.getMethodSecurity().getApplicationScope()) .annotations(CLASS, filterContext.getMethodSecurity().getResourceScope())