Package org.uberfire.security.server.authz.cdi

Source Code of org.uberfire.security.server.authz.cdi.AbstractSecurityInterceptor

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package org.uberfire.security.server.authz.cdi;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.enterprise.context.SessionScoped;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.InvocationContext;

import org.uberfire.security.Subject;
import org.uberfire.security.annotations.RolesType;
import org.uberfire.security.annotations.SecurityTrait;
import org.uberfire.security.authz.AuthorizationException;
import org.uberfire.security.authz.AuthorizationManager;
import org.uberfire.security.authz.RuntimeResource;
import org.uberfire.security.server.cdi.AppResourcesAuthz;

public abstract class AbstractSecurityInterceptor {

    @Inject
    @AppResourcesAuthz
    private AuthorizationManager authzManager;

    @Inject
    @SessionScoped
    private Subject subject;

    @AroundInvoke
    public Object interceptInvoke( final InvocationContext ctx ) throws Exception {

        final Method method = ctx.getMethod();

        final RuntimeResource resource = new RuntimeResource() {

            List<String> roles = null;
            List<String> traits = null;

            @Override
            public String getSignatureId() {
                return method.toString();
            }

            @Override
            public Collection<String> getRoles() {
                if ( roles == null ) {
                    build();
                }
                return roles;
            }

            @Override
            public Collection<String> getTraits() {
                if ( traits == null ) {
                    build();
                }
                return traits;
            }

            private synchronized void build() {
                this.roles = new ArrayList<String>();
                this.traits = new ArrayList<String>();

                final List<Annotation[]> availableAnnotations = new ArrayList<Annotation[]>( 2 );
                availableAnnotations.add( method.getAnnotations() );
                availableAnnotations.add( method.getDeclaringClass().getAnnotations() );

                for ( final Annotation[] annotations : availableAnnotations ) {
                    for ( final Annotation annotation : annotations ) {
                        if ( annotation.annotationType().getAnnotation( RolesType.class ) != null ) {
                            for ( final Method annotationMethod : annotation.getClass().getDeclaredMethods() ) {
                                final String paramName = annotationMethod.getName().intern();
                                if ( paramName.equals( "value" ) ) {
                                    try {
                                        if ( annotationMethod.getReturnType().isArray() ) {
                                            final Object[] params = (Object[]) annotationMethod.invoke( annotation );
                                            for ( final Object param : params ) {
                                                roles.add( param.toString() );
                                            }
                                        } else {
                                            final Object param = annotationMethod.invoke( annotation );
                                            roles.add( param.toString() );
                                        }
                                    } catch ( Exception e ) {
                                    }
                                    break;
                                }
                            }
                        } else if ( annotation.annotationType().getAnnotation( SecurityTrait.class ) != null ) {
                            traits.add( annotation.annotationType().getName() );
                        }
                    }
                }
            }
        };

        if ( !authzManager.authorize( resource, subject ) ) {
            throw new AuthorizationException( "Invalid credentials." );
        }

        return ctx.proceed();
    }

}
TOP

Related Classes of org.uberfire.security.server.authz.cdi.AbstractSecurityInterceptor

  • org.uberfire.security.authz.RuntimeResource
  • java.lang.reflect.Method
  • org.uberfire.security.authz.AuthorizationException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.