org.springframework.security.authorization.AuthorizationDecision Java Examples

The following examples show how to use org.springframework.security.authorization.AuthorizationDecision. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ReactiveSecurityApplication.java    From training with Apache License 2.0 6 votes vote down vote up 
@Bean
SecurityWebFilterChain authorization(ServerHttpSecurity http) {
	ReactiveAuthorizationManager<AuthorizationContext> auth =
			(authentication, object) -> Mono.just(new AuthorizationDecision(object.getVariables().get("name").equals("rwinch")));

	//@formatter:off
	return
			http
			.authorizeExchange()
				.pathMatchers("/greeting").authenticated()
				.pathMatchers("/hi/{name}").access(auth)
			.and()
				.csrf()
					.disable()
			.httpBasic()
			.and()
			.build();
	//@formatter:on
}
Example #2
Source File: ReactiveSecurityApplication.java    From training with Apache License 2.0 6 votes vote down vote up 
@Bean
SecurityWebFilterChain authorization(ServerHttpSecurity http) {
	ReactiveAuthorizationManager<AuthorizationContext> auth =
			(authentication, object) -> Mono.just(new AuthorizationDecision(object.getVariables().get("name").equals("rwinch")));

	//@formatter:off
	return
			http
			.authorizeExchange()
				.pathMatchers("/greeting").authenticated()
				.pathMatchers("/hi/{name}").access(auth)
			.and()
				.csrf()
					.disable()
			.httpBasic()
			.and()
			.build();
	//@formatter:on
}
Example #3
Source File: AccessManager.java    From open-cloud with MIT License 5 votes vote down vote up 
@Override
public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, AuthorizationContext authorizationContext) {
    ServerWebExchange exchange = authorizationContext.getExchange();
    String requestPath = exchange.getRequest().getURI().getPath();
    if (!apiProperties.getAccessControl()) {
        return Mono.just(new AuthorizationDecision(true));
    }
    // 是否直接放行
    if (permitAll(requestPath)) {
        return Mono.just(new AuthorizationDecision(true));
    }
    return authentication.map(a -> {
        return new AuthorizationDecision(checkAuthorities(exchange, a, requestPath));
    }).defaultIfEmpty(new AuthorizationDecision(false));
}
Example #4
Source File: SecurityConfig.java    From spring-5-examples with MIT License 5 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesRole(Mono<Authentication> authentication, AuthorizationContext context) {
  return authentication
      .map(a -> {
        log.warn("role: {}", a.getAuthorities());
        return a;
      })
      .map(a -> a.getAuthorities()
                 .stream()
                 .map(GrantedAuthority::getAuthority)
                 .anyMatch(r -> r.endsWith(ROLE_USER)))
      .map(AuthorizationDecision::new);
}
Example #5
Source File: SecurityConfig.java    From spring-5-examples with MIT License 5 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesRoleAndPath(Mono<Authentication> authentication, AuthorizationContext context) {
  return authentication
      .map(a -> {
        log.warn("role and path: {}", context.getVariables());
        return a;
      })
      .map(a -> a.getAuthorities()
                 .stream()
                 .map(GrantedAuthority::getAuthority)
                 .anyMatch(r -> r.endsWith(ROLE_USER))
          && a.getName().equals(context.getVariables().get("usernamePathVariable")))
      .map(AuthorizationDecision::new);
}
Example #6
Source File: PermissionAuthManager.java    From microservices-platform with Apache License 2.0 5 votes vote down vote up 
@Override
public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, AuthorizationContext authorizationContext) {
    return authentication.map(auth -> {
        ServerWebExchange exchange = authorizationContext.getExchange();
        ServerHttpRequest request = exchange.getRequest();
        boolean isPermission = super.hasPermission(auth, request.getMethodValue(), request.getURI().getPath());
        return new AuthorizationDecision(isPermission);
    }).defaultIfEmpty(new AuthorizationDecision(false));
}
Example #7
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #8
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
	return authentication
		.map( a -> context.getVariables().get("user").equals(a.getName()))
		.map( granted -> new AuthorizationDecision(granted));
}
Example #9
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #10
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
	return authentication
		.map( a -> context.getVariables().get("user").equals(a.getName()))
		.map( granted -> new AuthorizationDecision(granted));
}
Example #11
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
            .map(a -> context.getVariables().get("user").equals(a.getName()))
            .map(granted -> new AuthorizationDecision(granted));
}
Example #12
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
	return authentication
		.map( a -> context.getVariables().get("user").equals(a.getName()))
		.map( granted -> new AuthorizationDecision(granted));
}
Example #13
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #14
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #15
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #16
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
	return authentication
		.map( a -> context.getVariables().get("user").equals(a.getName()))
		.map( granted -> new AuthorizationDecision(granted));
}
Example #17
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #18
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #19
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
	return authentication
		.map( a -> context.getVariables().get("user").equals(a.getName()))
		.map( granted -> new AuthorizationDecision(granted));
}
Example #20
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
	return authentication
		.map( a -> context.getVariables().get("user").equals(a.getName()))
		.map( granted -> new AuthorizationDecision(granted));
}
Example #21
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
            .map(a -> context.getVariables().get("user").equals(a.getName()))
            .map(granted -> new AuthorizationDecision(granted));
}
Example #22
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #23
Source File: SecurityConfig.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
    return authentication
        .map(a -> context.getVariables().get("user").equals(a.getName()))
        .map(granted -> new AuthorizationDecision(granted));
}
Example #24
Source File: DemoApplication.java    From spring-reactive-sample with GNU General Public License v3.0 4 votes vote down vote up 
private Mono<AuthorizationDecision> currentUserMatchesPath(Mono<Authentication> authentication, AuthorizationContext context) {
	return authentication
		.map( a -> context.getVariables().get("user").equals(a.getName()))
		.map( granted -> new AuthorizationDecision(granted));
}