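/**
 * Compares this permission with another one by resource id and by scope overlap.
 *
 * <p>When this permission names a resource (id or name is set), the resource ids must match.
 * Two permissions on the same resource that both carry no scopes are equal. In every other
 * case, including scope-only permissions, the two are equal as soon as they share one scope.
 *
 * <p>A permission that has a resource name but no resource id is never equal to a different
 * instance. The id is the only identity compared here, so a missing id cannot establish a
 * match; previously this case dereferenced the null id and threw NullPointerException.
 *
 * <p>NOTE(review): equality is overlap-based and therefore not transitive ({a,b} equals {b,c}
 * and {b,c} equals {c,d}, but {a,b} does not equal {c,d}). Treat it as a "covers some of the
 * same access" test, not as identity, and confirm that hashCode() is consistent with it before
 * using Permission in hash-based collections.
 *
 * @param o the object to compare with
 * @return {@code true} if {@code o} is a compatible Permission that matches as described above
 */
@Override
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }
    if (o == null || !getClass().isAssignableFrom(o.getClass())) {
        return false;
    }

    Permission that = (Permission) o;
    String ownResourceId = getResourceId();

    if (ownResourceId != null || getResourceName() != null) {
        // Fail closed when only the name is set: there is no id to compare against.
        if (ownResourceId == null || !ownResourceId.equals(that.resourceId)) {
            return false;
        }

        // Same resource and no scopes on either side: both describe the whole resource.
        if (getScopes().isEmpty() && that.getScopes().isEmpty()) {
            return true;
        }
    } else if (that.resourceId != null) {
        // A scope-only permission never equals a resource-bound one.
        return false;
    }

    // assumes getScopes() never returns null — TODO confirm against the getter
    for (String scope : that.getScopes()) {
        if (getScopes().contains(scope)) {
            return true;
        }
    }

    return false;
}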
/**
 * Adds scopes to the permission requested for {@code resourceId}, creating the permission
 * ticket and the permission entry on first use.
 *
 * <p>An existing entry is reused only when its resource id is non-null and equals
 * {@code resourceId}. A {@code null} resourceId therefore never matches, and every such call
 * appends a new entry.
 *
 * @param resourceId the resource the scopes are requested for
 * @param scopes the scopes to add to that resource's permission
 */
public void addPermission(String resourceId, String... scopes) {
    if (permissions == null) {
        permissions = new PermissionTicketToken(new ArrayList<Permission>());
    }

    // Look for an entry already registered for this resource.
    Permission target = null;
    for (Permission candidate : permissions.getPermissions()) {
        String candidateId = candidate.getResourceId();
        if (candidateId == null || !candidateId.equals(resourceId)) {
            continue;
        }
        target = candidate;
        break;
    }

    if (target == null) {
        target = new Permission(resourceId, new HashSet<String>());
        permissions.getPermissions().add(target);
    }

    target.getScopes().addAll(Arrays.asList(scopes));
}
/**
 * Checks the claims supplied with a request against the claims stored on a granted permission.
 *
 * <p>A permission without claims accepts any request. Otherwise the request must carry a
 * non-empty value list for every claim key on the permission, and each requested value must be
 * among the granted values for that key.
 *
 * <p>Only the keys present on the permission are inspected; request claims under other keys
 * are not examined here.
 *
 * @param permission the granted permission whose claims constrain the request
 * @param claims the claims resolved for the current request (dereferenced without a null check)
 * @return {@code true} if the request claims satisfy the permission's claims
 */
private boolean hasValidClaims(Permission permission, Map<String, List<String>> claims) {
    Map<String, Set<String>> granted = permission.getClaims();

    if (granted == null) {
        return true;
    }

    // The permission is claim-bound, so a request without any claims cannot satisfy it.
    if (claims.isEmpty()) {
        return false;
    }

    for (Entry<String, Set<String>> grantedEntry : granted.entrySet()) {
        List<String> requested = claims.get(grantedEntry.getKey());
        boolean absent = requested == null || requested.isEmpty();

        if (absent || !grantedEntry.getValue().containsAll(requested)) {
            return false;
        }
    }

    return true;
}
String resourceId = permission.getResourceId(); Set<String> scopes = permission.getScopes(); StringBuilder value = new StringBuilder();
/**
 * Tells whether any granted permission in the authorization token carries the given scope.
 *
 * <p>The check is resource-agnostic: the scope may have been granted on any resource. Use a
 * resource-aware check when the decision must be tied to a specific resource.
 *
 * @param scopeName the scope to look for
 * @return {@code true} if at least one permission lists {@code scopeName}; {@code false} when
 *     there is no token, no authorization data, or no permission with that scope
 */
public boolean hasScopePermission(String scopeName) {
    Authorization granted = this.authzToken == null ? null : this.authzToken.getAuthorization();

    if (granted == null) {
        return false;
    }

    boolean found = false;
    for (Permission entry : granted.getPermissions()) {
        if (entry.getScopes().contains(scopeName)) {
            found = true;
            break;
        }
    }
    return found;
}
/**
 * Tells whether a granted permission targets the resource behind the given path configuration.
 *
 * <p>The permission's resource id is dereferenced without a null check, so callers must only
 * pass permissions that are bound to a resource. The comparison is an exact, case-sensitive
 * id match.
 *
 * @param actualPathConfig the path configuration resolved for the request
 * @param permission the granted permission to test
 * @return {@code true} if the permission's resource id equals the path configuration's id
 */
private boolean matchResourcePermission(PathConfig actualPathConfig, Permission permission) {
    String grantedResourceId = permission.getResourceId();
    return grantedResourceId.equals(actualPathConfig.getId());
}
/**
 * Decides whether the scopes on a granted permission satisfy the scopes a method requires.
 *
 * <ul>
 *   <li>A permission with no scopes always passes, whatever the method requires.</li>
 *   <li>Mode {@code ALL}: every required scope must be granted.</li>
 *   <li>Mode {@code ANY}: one granted required scope is enough.</li>
 *   <li>Any other outcome (no match under {@code ANY}, or another or null mode) passes only
 *       when the method requires no scopes at all.</li>
 * </ul>
 *
 * <p>NOTE(review): the empty-scope shortcut means a scope-less permission is accepted for
 * every method on the resource; confirm that such permissions are only issued when access to
 * the whole resource is intended.
 *
 * @param methodConfig the method configuration carrying the required scopes and the mode
 * @param permission the granted permission to evaluate
 * @return {@code true} if the permission satisfies the method's scope requirements
 */
private boolean hasResourceScopePermission(MethodConfig methodConfig, Permission permission) {
    List<String> needed = methodConfig.getScopes();
    Set<String> granted = permission.getScopes();

    if (granted.isEmpty()) {
        return true;
    }

    PolicyEnforcerConfig.ScopeEnforcementMode mode = methodConfig.getScopesEnforcementMode();

    if (PolicyEnforcerConfig.ScopeEnforcementMode.ALL.equals(mode)) {
        return granted.containsAll(needed);
    }

    if (PolicyEnforcerConfig.ScopeEnforcementMode.ANY.equals(mode)) {
        for (String scope : needed) {
            if (!granted.contains(scope)) {
                continue;
            }
            return true;
        }
    }

    // Nothing matched: acceptable only if the method did not ask for any scope.
    return needed.isEmpty();
}
if (permission.getResourceId() != null) { if (isResourcePermission(actualPathConfig, permission)) { hasPermission = true;
/**
 * Tells whether the authorization token grants access to a resource, optionally for one scope.
 *
 * <p>A permission matches when {@code resourceName} equals its resource name or its resource
 * id, ignoring case. With a {@code null} scopeName a resource match is sufficient; otherwise
 * the matching permission must also list the scope.
 *
 * <p>NOTE(review): if no permission matches, the method still returns {@code true} when
 * {@code current} is set and its name equals {@code resourceName} (case-sensitive). That
 * fallback does not look at {@code scopeName}, so a scoped query can succeed without the scope
 * being present in the token; confirm this is intended before relying on the result for a
 * scope-level decision.
 *
 * @param resourceName the resource name or id to look for (dereferenced without a null check)
 * @param scopeName the scope required on that resource, or {@code null} for any
 * @return {@code true} if a permission or the current resource matches as described above;
 *     {@code false} when there is no token or no authorization data
 */
public boolean hasPermission(String resourceName, String scopeName) {
    Authorization granted = this.authzToken == null ? null : this.authzToken.getAuthorization();

    if (granted == null) {
        return false;
    }

    for (Permission entry : granted.getPermissions()) {
        boolean sameResource = resourceName.equalsIgnoreCase(entry.getResourceName())
                || resourceName.equalsIgnoreCase(entry.getResourceId());

        if (!sameResource) {
            continue;
        }

        if (scopeName == null || entry.getScopes().contains(scopeName)) {
            return true;
        }
    }

    // Fallback on the current resource; scopeName is not consulted here.
    return current != null && current.getName().equals(resourceName);
}