Javadoc Polish

This commit is contained in:
Rob Winch 2017-12-21 16:43:11 -06:00
parent df3dd23772
commit b9152701a6
4 changed files with 58 additions and 0 deletions

View File

@ -20,11 +20,20 @@ import org.springframework.security.core.Authentication;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
/** /**
* Determines if the provided {@link Authentication} can be authenticated.
* *
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
*/ */
public interface ReactiveAuthenticationManager { public interface ReactiveAuthenticationManager {
/**
* Attempts to authenticate the provided {@link Authentication}
*
* @param authentication the {@link Authentication} to test
* @return if authentication is successful an {@link Authentication} is returned. If
* authentication cannot be determined, an empty Mono is returned. If authentication
* fails, a Mono error is returned.
*/
Mono<Authentication> authenticate(Authentication authentication); Mono<Authentication> authenticate(Authentication authentication);
} }

View File

@ -20,8 +20,13 @@ import org.springframework.security.core.Authentication;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
/** /**
* A {@link ReactiveAuthorizationManager} that determines if the current user is
* authenticated.
*
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
* @param <T> The type of object authorization is being performed against. This does not
* matter since the authorization decision does not use the object.
*/ */
public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> { public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
@ -32,6 +37,11 @@ public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAut
.defaultIfEmpty(new AuthorizationDecision(false)); .defaultIfEmpty(new AuthorizationDecision(false));
} }
/**
* Gets an instance of {@link AuthenticatedReactiveAuthorizationManager}
* @param <T>
* @return
*/
public static <T> AuthenticatedReactiveAuthorizationManager<T> authenticated() { public static <T> AuthenticatedReactiveAuthorizationManager<T> authenticated() {
return new AuthenticatedReactiveAuthorizationManager<>(); return new AuthenticatedReactiveAuthorizationManager<>();
} }

View File

@ -21,8 +21,12 @@ import org.springframework.util.Assert;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
/** /**
* A {@link ReactiveAuthorizationManager} that determines if the current user is
* authorized by evaluating if the {@link Authentication} contains a specified authority.
*
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
* @param <T> the type of object being authorized
*/ */
public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> { public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
private final String authority; private final String authority;
@ -42,11 +46,27 @@ public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthori
.defaultIfEmpty(new AuthorizationDecision(false)); .defaultIfEmpty(new AuthorizationDecision(false));
} }
/**
* Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
* provided authority.
*
* @param authority the authority to check for
* @param <T> the type of object being authorized
* @return the new instance
*/
public static <T> AuthorityReactiveAuthorizationManager<T> hasAuthority(String authority) { public static <T> AuthorityReactiveAuthorizationManager<T> hasAuthority(String authority) {
Assert.notNull(authority, "authority cannot be null"); Assert.notNull(authority, "authority cannot be null");
return new AuthorityReactiveAuthorizationManager<>(authority); return new AuthorityReactiveAuthorizationManager<>(authority);
} }
/**
* Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
* provided authority.
*
* @param role the authority to check for prefixed with "ROLE_"
* @param <T> the type of object being authorized
* @return the new instance
*/
public static <T> AuthorityReactiveAuthorizationManager<T> hasRole(String role) { public static <T> AuthorityReactiveAuthorizationManager<T> hasRole(String role) {
Assert.notNull(role, "role cannot be null"); Assert.notNull(role, "role cannot be null");
return hasAuthority("ROLE_" + role); return hasAuthority("ROLE_" + role);

View File

@ -21,13 +21,32 @@ import org.springframework.security.core.Authentication;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
/** /**
* A reactive authorization manager which can determine if an {@link Authentication}
* has access to a specific object.
* *
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
* @param <T> the type of object that the authorization check is being done one.
*/ */
public interface ReactiveAuthorizationManager<T> { public interface ReactiveAuthorizationManager<T> {
/**
* Determines if access is granted for a specific authentication and object.
*
* @param authentication the Authentication to check
* @param object the object to check
* @return an decision or empty Mono if no decision could be made.
*/
Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object); Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object);
/**
* Determines if access should be granted for a specific authentication and object
*
* @param authentication the Authentication to check
* @param object the object to check
* @return an empty Mono if authorization is granted or a Mono error if access is
* denied
*/
default Mono<Void> verify(Mono<Authentication> authentication, T object) { default Mono<Void> verify(Mono<Authentication> authentication, T object) {
return check(authentication, object) return check(authentication, object)
.filter( d -> d.isGranted()) .filter( d -> d.isGranted())