Javadoc Polish
This commit is contained in:
parent
df3dd23772
commit
b9152701a6
|
@ -20,11 +20,20 @@ import org.springframework.security.core.Authentication;
|
||||||
import reactor.core.publisher.Mono;
|
import reactor.core.publisher.Mono;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* Determines if the provided {@link Authentication} can be authenticated.
|
||||||
*
|
*
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 5.0
|
* @since 5.0
|
||||||
*/
|
*/
|
||||||
public interface ReactiveAuthenticationManager {
|
public interface ReactiveAuthenticationManager {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Attempts to authenticate the provided {@link Authentication}
|
||||||
|
*
|
||||||
|
* @param authentication the {@link Authentication} to test
|
||||||
|
* @return if authentication is successful an {@link Authentication} is returned. If
|
||||||
|
* authentication cannot be determined, an empty Mono is returned. If authentication
|
||||||
|
* fails, a Mono error is returned.
|
||||||
|
*/
|
||||||
Mono<Authentication> authenticate(Authentication authentication);
|
Mono<Authentication> authenticate(Authentication authentication);
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,8 +20,13 @@ import org.springframework.security.core.Authentication;
|
||||||
import reactor.core.publisher.Mono;
|
import reactor.core.publisher.Mono;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* A {@link ReactiveAuthorizationManager} that determines if the current user is
|
||||||
|
* authenticated.
|
||||||
|
*
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 5.0
|
* @since 5.0
|
||||||
|
* @param <T> The type of object authorization is being performed against. This does not
|
||||||
|
* matter since the authorization decision does not use the object.
|
||||||
*/
|
*/
|
||||||
public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
|
public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
|
||||||
|
|
||||||
|
@ -32,6 +37,11 @@ public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAut
|
||||||
.defaultIfEmpty(new AuthorizationDecision(false));
|
.defaultIfEmpty(new AuthorizationDecision(false));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets an instance of {@link AuthenticatedReactiveAuthorizationManager}
|
||||||
|
* @param <T>
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
public static <T> AuthenticatedReactiveAuthorizationManager<T> authenticated() {
|
public static <T> AuthenticatedReactiveAuthorizationManager<T> authenticated() {
|
||||||
return new AuthenticatedReactiveAuthorizationManager<>();
|
return new AuthenticatedReactiveAuthorizationManager<>();
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,8 +21,12 @@ import org.springframework.util.Assert;
|
||||||
import reactor.core.publisher.Mono;
|
import reactor.core.publisher.Mono;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* A {@link ReactiveAuthorizationManager} that determines if the current user is
|
||||||
|
* authorized by evaluating if the {@link Authentication} contains a specified authority.
|
||||||
|
*
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 5.0
|
* @since 5.0
|
||||||
|
* @param <T> the type of object being authorized
|
||||||
*/
|
*/
|
||||||
public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
|
public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
|
||||||
private final String authority;
|
private final String authority;
|
||||||
|
@ -42,11 +46,27 @@ public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthori
|
||||||
.defaultIfEmpty(new AuthorizationDecision(false));
|
.defaultIfEmpty(new AuthorizationDecision(false));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
|
||||||
|
* provided authority.
|
||||||
|
*
|
||||||
|
* @param authority the authority to check for
|
||||||
|
* @param <T> the type of object being authorized
|
||||||
|
* @return the new instance
|
||||||
|
*/
|
||||||
public static <T> AuthorityReactiveAuthorizationManager<T> hasAuthority(String authority) {
|
public static <T> AuthorityReactiveAuthorizationManager<T> hasAuthority(String authority) {
|
||||||
Assert.notNull(authority, "authority cannot be null");
|
Assert.notNull(authority, "authority cannot be null");
|
||||||
return new AuthorityReactiveAuthorizationManager<>(authority);
|
return new AuthorityReactiveAuthorizationManager<>(authority);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
|
||||||
|
* provided authority.
|
||||||
|
*
|
||||||
|
* @param role the authority to check for prefixed with "ROLE_"
|
||||||
|
* @param <T> the type of object being authorized
|
||||||
|
* @return the new instance
|
||||||
|
*/
|
||||||
public static <T> AuthorityReactiveAuthorizationManager<T> hasRole(String role) {
|
public static <T> AuthorityReactiveAuthorizationManager<T> hasRole(String role) {
|
||||||
Assert.notNull(role, "role cannot be null");
|
Assert.notNull(role, "role cannot be null");
|
||||||
return hasAuthority("ROLE_" + role);
|
return hasAuthority("ROLE_" + role);
|
||||||
|
|
|
@ -21,13 +21,32 @@ import org.springframework.security.core.Authentication;
|
||||||
import reactor.core.publisher.Mono;
|
import reactor.core.publisher.Mono;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* A reactive authorization manager which can determine if an {@link Authentication}
|
||||||
|
* has access to a specific object.
|
||||||
*
|
*
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 5.0
|
* @since 5.0
|
||||||
|
* @param <T> the type of object that the authorization check is being done one.
|
||||||
*/
|
*/
|
||||||
public interface ReactiveAuthorizationManager<T> {
|
public interface ReactiveAuthorizationManager<T> {
|
||||||
|
/**
|
||||||
|
* Determines if access is granted for a specific authentication and object.
|
||||||
|
*
|
||||||
|
* @param authentication the Authentication to check
|
||||||
|
* @param object the object to check
|
||||||
|
* @return an decision or empty Mono if no decision could be made.
|
||||||
|
*/
|
||||||
Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object);
|
Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Determines if access should be granted for a specific authentication and object
|
||||||
|
*
|
||||||
|
|
||||||
|
* @param authentication the Authentication to check
|
||||||
|
* @param object the object to check
|
||||||
|
* @return an empty Mono if authorization is granted or a Mono error if access is
|
||||||
|
* denied
|
||||||
|
*/
|
||||||
default Mono<Void> verify(Mono<Authentication> authentication, T object) {
|
default Mono<Void> verify(Mono<Authentication> authentication, T object) {
|
||||||
return check(authentication, object)
|
return check(authentication, object)
|
||||||
.filter( d -> d.isGranted())
|
.filter( d -> d.isGranted())
|
||||||
|
|
Loading…
Reference in New Issue