Javadoc Polish
This commit is contained in:
Rob Winch
parent
df3dd23772
commit
b9152701a6
|
|
@ -20,11 +20,20 @@ import org.springframework.security.core.Authentication;
|
|||
import reactor.core.publisher.Mono;
|
||||
|
||||
/**
|
||||
* Determines if the provided {@link Authentication} can be authenticated.
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
*/
|
||||
public interface ReactiveAuthenticationManager {
|
||||
|
||||
/**
|
||||
* Attempts to authenticate the provided {@link Authentication}
|
||||
*
|
||||
* @param authentication the {@link Authentication} to test
|
||||
* @return if authentication is successful an {@link Authentication} is returned. If
|
||||
* authentication cannot be determined, an empty Mono is returned. If authentication
|
||||
* fails, a Mono error is returned.
|
||||
*/
|
||||
Mono<Authentication> authenticate(Authentication authentication);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,8 +20,13 @@ import org.springframework.security.core.Authentication;
|
|||
import reactor.core.publisher.Mono;
|
||||
|
||||
/**
|
||||
* A {@link ReactiveAuthorizationManager} that determines if the current user is
|
||||
* authenticated.
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
* @param <T> The type of object authorization is being performed against. This does not
|
||||
* matter since the authorization decision does not use the object.
|
||||
*/
|
||||
public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
|
||||
|
||||
|
|
@ -32,6 +37,11 @@ public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAut
|
|||
.defaultIfEmpty(new AuthorizationDecision(false));
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets an instance of {@link AuthenticatedReactiveAuthorizationManager}
|
||||
* @param <T>
|
||||
* @return
|
||||
*/
|
||||
public static <T> AuthenticatedReactiveAuthorizationManager<T> authenticated() {
|
||||
return new AuthenticatedReactiveAuthorizationManager<>();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,8 +21,12 @@ import org.springframework.util.Assert;
|
|||
import reactor.core.publisher.Mono;
|
||||
|
||||
/**
|
||||
* A {@link ReactiveAuthorizationManager} that determines if the current user is
|
||||
* authorized by evaluating if the {@link Authentication} contains a specified authority.
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
* @param <T> the type of object being authorized
|
||||
*/
|
||||
public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
|
||||
private final String authority;
|
||||
|
|
@ -42,11 +46,27 @@ public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthori
|
|||
.defaultIfEmpty(new AuthorizationDecision(false));
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
|
||||
* provided authority.
|
||||
*
|
||||
* @param authority the authority to check for
|
||||
* @param <T> the type of object being authorized
|
||||
* @return the new instance
|
||||
*/
|
||||
public static <T> AuthorityReactiveAuthorizationManager<T> hasAuthority(String authority) {
|
||||
Assert.notNull(authority, "authority cannot be null");
|
||||
return new AuthorityReactiveAuthorizationManager<>(authority);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
|
||||
* provided authority.
|
||||
*
|
||||
* @param role the authority to check for prefixed with "ROLE_"
|
||||
* @param <T> the type of object being authorized
|
||||
* @return the new instance
|
||||
*/
|
||||
public static <T> AuthorityReactiveAuthorizationManager<T> hasRole(String role) {
|
||||
Assert.notNull(role, "role cannot be null");
|
||||
return hasAuthority("ROLE_" + role);
|
||||
|
|
|
|||
|
|
@ -21,13 +21,32 @@ import org.springframework.security.core.Authentication;
|
|||
import reactor.core.publisher.Mono;
|
||||
|
||||
/**
|
||||
* A reactive authorization manager which can determine if an {@link Authentication}
|
||||
* has access to a specific object.
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
* @param <T> the type of object that the authorization check is being done one.
|
||||
*/
|
||||
public interface ReactiveAuthorizationManager<T> {
|
||||
/**
|
||||
* Determines if access is granted for a specific authentication and object.
|
||||
*
|
||||
* @param authentication the Authentication to check
|
||||
* @param object the object to check
|
||||
* @return an decision or empty Mono if no decision could be made.
|
||||
*/
|
||||
Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object);
|
||||
|
||||
/**
|
||||
* Determines if access should be granted for a specific authentication and object
|
||||
*
|
||||
|
||||
* @param authentication the Authentication to check
|
||||
* @param object the object to check
|
||||
* @return an empty Mono if authorization is granted or a Mono error if access is
|
||||
* denied
|
||||
*/
|
||||
default Mono<Void> verify(Mono<Authentication> authentication, T object) {
|
||||
return check(authentication, object)
|
||||
.filter( d -> d.isGranted())
|
||||
|
|
|
|||
Loading…
Reference in New Issue