/**
 * Creates a {@link SimpleSecurity} from the {@code userRequired}, {@code clientRequired},
 * {@code permissions} and {@code roles} values that are in scope in the enclosing type.
 *
 * @return a newly constructed {@link SimpleSecurity}
 */
@Override
public SimpleSecurity build() {
    // NOTE(review): permissions and roles are passed through without a copy. If they are
    // mutable arrays or collections, later changes on this side would also change the
    // requirements of the built object. Confirm SimpleSecurity copies them defensively.
    final SimpleSecurity built =
            new SimpleSecurity(userRequired, clientRequired, permissions, roles);
    return built;
}
} // closes the enclosing type, whose declaration starts outside this excerpt
/**
 * Builds the message used when none of the declared securities accepts the caller's
 * authentication state.
 *
 * <p>The text lists the user/client requirement of every entry in {@code securities},
 * followed by the user/client state reported by {@code authc}.
 *
 * @param authc      the authentication whose user/client flags are reported as "Actual"
 * @param securities the declared alternatives; must not be {@code null} (it is iterated
 *                   without a null check)
 * @return the formatted deny message
 */
protected String getAuthenticationDenyMessage(Authentication authc, SimpleSecurity[] securities) {
    // NOTE(review): the message reveals which authentication kinds the endpoint accepts.
    // Confirm whether it reaches the remote caller or only server-side logs.
    final StringBuilder msg = new StringBuilder("Expected one of authentications [ ");

    boolean first = true;
    for (SimpleSecurity expected : securities) {
        if (!first) {
            msg.append(" , ");
        }
        first = false;

        msg.append("(user: ").append(expected.isUserRequired())
           .append(", client: ").append(expected.isClientRequired())
           .append(")");
    }

    msg.append(" ], Actual (user: ").append(authc.isUserAuthenticated())
       .append(", client: ").append(authc.isClientAuthenticated())
       .append(")");

    return msg.toString();
}
/**
 * Builds the message used when the caller satisfies none of the declared
 * permission/role combinations.
 *
 * <p>The text lists the permissions and roles of every entry in {@code securities},
 * followed by the permissions and roles reported by {@code authc}, each joined with a
 * single space.
 *
 * @param authc      the authentication whose permissions and roles are reported as "Actual"
 * @param securities the declared alternatives; must not be {@code null} (it is iterated
 *                   without a null check)
 * @return the formatted deny message
 */
protected String getAuthorizationDenyMessage(Authentication authc, SimpleSecurity[] securities) {
    // NOTE(review): the message contains both the required permissions/roles and the full
    // set held by the caller. If the deny message is returned in the response rather than
    // only logged, it discloses the authorization model. Confirm where it is surfaced.
    final StringBuilder msg = new StringBuilder("Expected one of authorizations [ ");

    boolean first = true;
    for (SimpleSecurity expected : securities) {
        if (!first) {
            msg.append(" , ");
        }
        first = false;

        // The space after "(" is part of the existing message format and is kept as-is.
        msg.append("( perms: ").append(Strings.join(expected.getPermissions(), ' '))
           .append(", roles: ").append(Strings.join(expected.getRoles(), ' '))
           .append(")");
    }

    msg.append(" ], Actual (perms: ").append(Strings.join(authc.getPermissions(), ' '))
       .append(", roles: ").append(Strings.join(authc.getRoles(), ' '))
       .append(")");

    return msg.toString();
}
List<SimpleSecurity> matches = new ArrayList<>(); for(SimpleSecurity security : securities) { if(security.matchAuthentication(authc)) { matches.add(security);
/**
 * Evaluates the route's authorization requirements against the given security context.
 *
 * <p>Order of evaluation:
 * <ol>
 *   <li>the roles declared on the route; on failure a deny message is set and
 *       {@code false} is returned;</li>
 *   <li>the permissions declared on the route, handled the same way;</li>
 *   <li>the securities from {@code context.getSecurities()}: the first entry whose
 *       permissions and roles both pass yields {@code true}; if none passes, a deny
 *       message is set and {@code false} is returned.</li>
 * </ol>
 *
 * @param context the security context holding the current authentication and securities
 * @return {@code true} if a declared security is satisfied, {@code false} if access is
 *         denied, or {@code null} if the route checks passed and the context has no
 *         securities
 */
@Override
public Boolean tryCheckAuthorization(SecurityContextHolder context) {
    // Roles required by the route itself.
    final boolean routeRolesOk = checkRoles(context, route.getRoles());
    if (!routeRolesOk) {
        // NOTE(review): the deny messages name the required roles/permissions. Confirm
        // they are not returned verbatim to unauthenticated callers.
        context.setDenyMessage("Roles [" + Strings.join(route.getRoles(), ',') + "] required");
        return false;
    }

    // Permissions required by the route itself.
    final boolean routePermsOk = checkPermissions(context, route.getPermissions());
    if (!routePermsOk) {
        context.setDenyMessage("Permissions [" + Strings.join(route.getPermissions(), ',') + "] required");
        return false;
    }

    final SimpleSecurity[] declared = context.getSecurities();
    if (declared == null || declared.length == 0) {
        // NOTE(review): null presumably means "no decision" here. Verify that the caller
        // treats it as deny-by-default or defers to another explicit check.
        return null;
    }

    // Any-of semantics: one entry satisfying both permissions and roles is enough.
    for (SimpleSecurity candidate : declared) {
        if (!checkPermissions(context, candidate.getPermissions())) {
            continue;
        }
        if (checkRoles(context, candidate.getRoles())) {
            return true;
        }
    }

    context.setDenyMessage(getAuthorizationDenyMessage(context.getAuthentication(), declared));
    return false;
}