Package org.springframework.security.integration.python

Source Code of org.springframework.security.integration.python.PythonInterpreterPreInvocationAdvice

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package org.springframework.security.integration.python;

import java.io.IOException;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;

import org.aopalliance.intercept.MethodInvocation;
import org.python.core.Py;
import org.python.core.PyObject;
import org.python.util.PythonInterpreter;
import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
import org.springframework.core.ParameterNameDiscoverer;
import org.springframework.core.io.Resource;
import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
import org.springframework.security.access.prepost.PreInvocationAttribute;
import org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice;
import org.springframework.security.core.Authentication;
import org.springframework.util.ClassUtils;

public class PythonInterpreterPreInvocationAdvice implements PreInvocationAuthorizationAdvice{
    private final ParameterNameDiscoverer parameterNameDiscoverer = new LocalVariableTableParameterNameDiscoverer();

    public boolean before(Authentication authentication, MethodInvocation mi, PreInvocationAttribute preAttr) {
        PythonInterpreterPreInvocationAttribute pythonAttr = (PythonInterpreterPreInvocationAttribute) preAttr;
        String script = pythonAttr.getScript();

        PythonInterpreter python = new PythonInterpreter();
        python.set("authentication", authentication);
        python.set("args", createArgumentMap(mi));
        python.set("method", mi.getMethod().getName());
        Resource scriptResource = new PathMatchingResourcePatternResolver().getResource(script);

        try {
            python.execfile(scriptResource.getInputStream());
        } catch (IOException e) {
            throw new IllegalArgumentException("Couldn't run python script, " + script, e);
        }

        PyObject allowed = python.get("allow");

        if (allowed == null) {
            throw new IllegalStateException("Python script did not set the permit flag");
        }

        return (Boolean)Py.tojava(allowed, Boolean.class);
    }

    private Map<String,Object> createArgumentMap(MethodInvocation mi) {
        Object[] args = mi.getArguments();
        Object targetObject = mi.getThis();
        Method method = ClassUtils.getMostSpecificMethod(mi.getMethod(), targetObject.getClass());
        String[] paramNames = parameterNameDiscoverer.getParameterNames(method);

        Map<String,Object> argMap = new HashMap<String,Object>();
        for(int i=0; i < args.length; i++) {
            argMap.put(paramNames[i], args[i]);
        }

        return argMap;
    }
}
TOP

Related Classes of org.springframework.security.integration.python.PythonInterpreterPreInvocationAdvice

  • org.python.core.PyObject
  • org.python.util.PythonInterpreter
  • org.springframework.core.io.Resource
  • org.springframework.core.io.support.PathMatchingResourcePatternResolver
  • java.lang.reflect.Method
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.