public MApiOperationBuilder(Route route) { this.route = route; MApiSecurityReq[] securities = route.getExtension(MApiSecurityReq[].class); if(null != securities) { for(MApiSecurityReq security : securities) { this.security.put(security.getName(), security); } }else { if(!security.containsKey(SwaggerConstants.OAUTH2)){ MApiSecurityReq sec = new MApiSecurityReq(SwaggerConstants.OAUTH2); security.put(sec.getName(), sec); } if(route.getPermissions() != null){ security.get(SwaggerConstants.OAUTH2).addScopes(route.getPermissions()); } } if(null != route.getAllowAnonymous()) { this.allowAnonymous = route.getAllowAnonymous(); } if(null != route.getAllowClientOnly()){ this.allowClientOnly = route.getAllowClientOnly(); } this.extension = route.getExtension(MApiExtension.class); }
public DefaultSecuredPathBuilder(Route route) { this.route = route; this.pattern = route.getPathTemplate(); }
protected SecuredPathBuilder spb(Route route) { SecuredPathBuilder spb = route.getExtension(SecuredPathBuilder.class); if(null == spb) { spb = new DefaultSecuredPathBuilder(route); route.setExtension(SecuredPathBuilder.class, spb); } return spb; }
protected void postConfigApi(App app, ApiConfig c) { c.getApiRoutes().forEach(ar -> { Route route = ar.getRoute(); if(c.isDefaultAnonymous() && null == route.getAllowAnonymous()) { route.setAllowAnonymous(true); } }); }
@Override public void processRoute(Route route) { if(null != route.getAction()){ Ignore ignore = route.getAction().searchAnnotation(Ignore.class); if(null != ignore && ignore.value()){ configurator.ignore(route.getPathTemplate().getTemplate()); if(null != route.getAllowAnonymous()) { spb(route).setAllowAnonymous(route.getAllowAnonymous()); if(null != route.getAllowClientOnly()) { spb(route).setAllowClientOnly(route.getAllowClientOnly()); if(null != route.getAllowRememberMe()) { spb(route).setAllowRememberMe(route.getAllowRememberMe()); if(null != route.getPermissions()) { spb(route).setPermissions(route.getPermissions()); if(null != route.getRoles()) { spb(route).setRoles(route.getRoles()); if(Strings.startsWith(route.getPathTemplate().getTemplate(), prefix)) { log.debug("Set failure handler for path prefix '{}'", route.getPathTemplate()); spb(route).setFailureHandler(handler); SecuredPathBuilder spb = route.removeExtension(SecuredPathBuilder.class); if(null != spb) { route.setExtension(SecuredPath.class, spb.build());
protected boolean isOperationExists(RestdContext context, RouteBuilder route) { for(ApiRoute ar : context.getApiConfig().getApiRoutes()) { Route route1 = ar.getRoute(); if(route.getMethod().equalsIgnoreCase(route1.getMethod()) && route.getPathTemplate().getTemplate().equals(route1.getPathTemplate().getTemplate())) { route.setAction(route1.getAction()); route.setEnabled(false); return true; } } for(RestdOperationSupport support : operationSupports) { if(support.isOperationExists(context, route)) { if(null == route.getEnabled()) { route.setEnabled(false); } return route.isDisabledExplicitly(); } } return false; }
protected void resolveResourceType(App app, ApiConfigurator c , Route route) { Class<?> resourceType = null; Resource resource = route.getAction().searchAnnotation(Resource.class); if(null != resource) { resourceType = resource.value(); } if(null != route.getAction().getController()) { ResourceWrapper rw = route.getAction().getControllerAnnotation(ResourceWrapper.class); if(null != rw) { Class<?> cls = route.getAction().getController().getClass(); if(cls.getTypeParameters().length == 1) { resourceType = cls.getTypeParameters()[0].getGenericDeclaration(); }else { Class<?>[] types = Types.getActualTypeArguments(cls.getGenericSuperclass()); if(types.length == 1) { resourceType = types[0]; } } } } if(null != resourceType) { c.setResourceType(route, resourceType); resolveResourcePermissions(app, c, route, resourceType); } }
if(route.getAllowAnonymous() == Boolean.TRUE) { return true; SimpleSecurity[] securities = route.getSecurities(); if(null != securities && securities.length > 0) { List<SimpleSecurity> matches = new ArrayList<>(); if(authc.isRememberMe() && (null == route.getAllowRememberMe() || !route.getAllowRememberMe())){ return false; if(authc.isClientOnly() && (null == route.getAllowClientOnly() || !route.getAllowClientOnly())) { context.setDenyMessage("client only authentication not allowed"); return false;
protected void setApiMethod(ApiMetadataContext context, ApiMetadataBuilder m, Route route, MApiOperationBuilder op) { String method = route.getMethod(); if("*".equals(method)) { boolean hasBodyParameter = false; for(Argument a : route.getAction().getArguments()) { if(a.getLocation() == Location.REQUEST_BODY || a.getLocation() == Location.PART_PARAM) { hasBodyParameter = true; } } if(hasBodyParameter) { op.setMethod(HTTP.Method.POST); }else{ op.setMethod(HTTP.Method.GET); } }else{ op.setMethod(HTTP.Method.valueOf(method)); } }
protected void createApiPath(ApiMetadataContext context, ApiMetadataBuilder md, Route route) { PathTemplate pt = route.getPathTemplate(); String pathTemplate = Strings.removeStart(pt.getTemplate(), md.getBasePath()); if(!Strings.startsWith(pathTemplate,"/")){ pathTemplate = "/"+pathTemplate; } MApiPathBuilder path = md.getPath(pathTemplate); if(null == path) { path = new MApiPathBuilder(); path.setPathTemplate(pathTemplate); md.addPath(path); } log.debug("Path {} -> {} :", pt, route.getAction()); path.addOperation(createOperation(context, md, route)); }
protected void createApiResponses(ApiMetadataContext context, ApiMetadataBuilder m, Route route, MApiOperationBuilder op) { MApiResponseBuilder[] resps = route.getAction().getExtension(MApiResponseBuilder[].class); if(null != resps && resps.length > 0) { for(MApiResponseBuilder resp : resps) { route.getAction().getAnnotationsByType(Response.class); Integer status = route.getSuccessStatus(); if(null == status) { status = 200; if(route.getAction().hasReturnValue()) { Class<?> returnType = route.getAction().getReturnType(); Type genericReturnType = route.getAction().getGenericReturnType(); resolveApiResponseType(context, m, route.getAction().getControllerClass(), returnType, genericReturnType, resp);
@Override public MApiOperationBuilder createOperation(ApiMetadataContext context, ApiMetadataBuilder m, Route route) { MApiOperationBuilder op = route.getAction().getExtension(MApiOperationBuilder.class); if(null != op){ op.setRoute(route); return op; } op = new MApiOperationBuilder(route); op.setName(route.getAction().getName()); op.setCorsEnabled(route.isCorsEnabled()); //Set http method setApiMethod(context, m, route, op); log.debug(" {}", op.getMethod()); //Create security createApiSecurity(context, m, route, op); //Create parameters. createApiParameters(context, m, route, op); //Create responses. createApiResponses(context, m, route, op); return op; }
@Override public void postProcess(ApiMetadataContext context, ApiMetadataBuilder m) { m.getPaths().values().forEach(p -> { for(MApiOperationBuilder op : p.getOperations()) { Route route = op.getRoute(); if(null != route) { MetaEntity entity = route.getExtension(MetaEntity.class); MApiExtension extension = route.getExtension(MApiExtension.class); if(null != entity && null != extension) { String crud = (String)extension.getAttribute("crud"); if(!Strings.isEmpty(crud)) { doc(route, op, entity, crud); } } } } }); }
protected void resolveResourcePermissions(App app, ApiConfigurator c, Route route, Class<?> resourceType) { if(null != route.getPermissions()) { return; } ResourcePermissions rps = c.config().getResourcePermissionsSet().tryGetResourcePermissions(resourceType); if(null == rps) { return; } MApiPermission[] permissions = rps.resolvePermissions(route, resourceType); if(null != permissions && permissions.length > 0) { String[] values = new String[permissions.length]; for(int i=0;i<values.length;i++) { values[i] = permissions[i].getValue(); } route.setPermissions(values); for(MApiPermission p : permissions) { c.tryAddPermission(p); } } }
@Override public Boolean tryCheckAuthorization(SecurityContextHolder context) { //Check roles if(!checkRoles(context, route.getRoles())) { context.setDenyMessage("Roles [" + Strings.join(route.getRoles(), ',') + "] required"); return false; } //Check permissions if(!checkPermissions(context, route.getPermissions())) { context.setDenyMessage("Permissions [" + Strings.join(route.getPermissions(), ',') + "] required"); return false; } SimpleSecurity[] securities = context.getSecurities(); if(null != securities && securities.length > 0) { for(SimpleSecurity security : securities) { if(checkPermissions(context, security.getPermissions()) && checkRoles(context, security.getRoles())) { return true; } } context.setDenyMessage(getAuthorizationDenyMessage(context.getAuthentication(), securities)); return false; } return null; }
@Override public String[] getPermissions() { return route.getPermissions(); }
@Override public Boolean getAllowAnonymous() { return route.getAllowAnonymous(); }
@Override public Boolean getAllowClientOnly() { return route.getAllowClientOnly(); }
protected void completeProcessDefault(ApiMetadataContext context, ApiMetadata m) { final ApiConfig c = context.getConfig(); m.getPaths().forEach((k,path) -> { for(MApiOperation op : path.getOperations()) { Route route = op.getRoute(); if(null != route) { route.setExtension(MApiPath.class, path); route.setExtension(MApiOperation.class, op); } } }); }