@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { if (DynamicallyBoundFilterResource.class == resourceInfo.getResourceClass()) { context.register(DynamicallyBoundFilter.class); } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { if (DynamicallyBoundInterceptorResource.class == resourceInfo.getResourceClass()) { context.register(DynamicallyBoundInterceptor.class); } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final Class<?> resourceClass = resourceInfo.getResourceClass(); final Method resourceMethod = resourceInfo.getResourceMethod(); if (serverStatus.hasCapability(ServerStatus.Capability.MASTER)) return; if (resourceMethod.isAnnotationPresent(RestrictToMaster.class) || resourceClass.isAnnotationPresent(RestrictToMaster.class)) { context.register(restrictToMasterFilter); } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { if (resourceInfo.getResourceClass().getName().indexOf("scouterx.") == 0) { if (resourceInfo.getResourceMethod().getAnnotation(NoAuth.class) == null) { context.register(AuthFilter.class); } } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final Method resourceMethod = resourceInfo.getResourceMethod(); if (resourceMethod.isAnnotationPresent(Timed.class)) { LOG.debug("Setting up filter for Timed resource method: {}#{}", resourceInfo.getResourceClass().getCanonicalName(), resourceMethod.getName()); context.register(new TimedMetricsFilter(metricRegistry, resourceInfo)); } if (resourceMethod.isAnnotationPresent(Metered.class)) { LOG.debug("Setting up filter for Metered resource method: {}#{}", resourceInfo.getResourceClass().getCanonicalName(), resourceMethod.getName()); context.register(new MeteredMetricsFilter(metricRegistry, resourceInfo)); } if (resourceMethod.isAnnotationPresent(ExceptionMetered.class)) { LOG.debug("Setting up filter for ExceptionMetered resource method: {}#{}", resourceInfo.getResourceClass().getCanonicalName(), resourceMethod.getName()); context.register(new ExceptionMeteredMetricsFilter(metricRegistry, resourceInfo)); } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { List<Annotation> authzSpecs = new ArrayList<Annotation>(); for (Class<? extends Annotation> annotationClass : shiroAnnotations) { // XXX What is the performance of getAnnotation vs getAnnotations? Annotation classAuthzSpec = resourceInfo.getResourceClass().getAnnotation(annotationClass); Annotation methodAuthzSpec = resourceInfo.getResourceMethod().getAnnotation(annotationClass); if (classAuthzSpec != null) authzSpecs.add(classAuthzSpec); if (methodAuthzSpec != null) authzSpecs.add(methodAuthzSpec); } if (!authzSpecs.isEmpty()) { context.register(new AnnotationAuthorizationFilter(authzSpecs), Priorities.AUTHORIZATION); } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final Class<?> resourceClass = resourceInfo.getResourceClass(); final Method resourceMethod = resourceInfo.getResourceMethod(); context.register(ShiroSecurityContextFilter.class); if (resourceMethod.isAnnotationPresent(RequiresAuthentication.class) || resourceClass.isAnnotationPresent(RequiresAuthentication.class)) { if (resourceMethod.isAnnotationPresent(RequiresGuest.class)) { LOG.debug("Resource method {}#{} is marked as unauthenticated, skipping setting filter."); } else { LOG.debug("Resource method {}#{} requires an authenticated user.", resourceClass.getCanonicalName(), resourceMethod.getName()); context.register(new ShiroAuthenticationFilter()); } } if (resourceMethod.isAnnotationPresent(RequiresPermissions.class) || resourceClass.isAnnotationPresent(RequiresPermissions.class)) { RequiresPermissions requiresPermissions = resourceClass.getAnnotation(RequiresPermissions.class); if (requiresPermissions == null) { requiresPermissions = resourceMethod.getAnnotation(RequiresPermissions.class); } LOG.debug("Resource method {}#{} requires an authorization checks.", resourceClass.getCanonicalName(), resourceMethod.getName()); context.register(new ShiroAuthorizationFilter(requiresPermissions)); } // TODO this is the wrong approach, we should have an Environment and proper request wrapping context.register((ContainerResponseFilter) (requestContext, responseContext) -> ThreadContext.unbindSubject()); } }
/** * Invoked prior to request invocation during {@link ContainerRequestFilter#filter(ContainerRequestContext)} * where the resource info was injected from context. * * <p>Adds the tags {@link #RESOURCE_CLASS} and {@link #RESOURCE_METHOD}. Override or use {@link #NOOP} * to change this behavior. */ protected void resourceInfo(ResourceInfo resourceInfo, SpanCustomizer customizer) { customizer.tag(RESOURCE_CLASS, resourceInfo.getResourceClass().getSimpleName()); customizer.tag(RESOURCE_METHOD, resourceInfo.getResourceMethod().getName()); }
Class<?> resourceClass = resourceInfo.getResourceClass(); List<Role> classRoles = extractRoles(resourceClass);
@Override public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) { AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); // RolesAllowed on the method takes precedence over PermitAll RolesAllowed ra = am.getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(AuthCheckFilter.INSTANCE); return; } // PermitAll takes precedence over RolesAllowed on the class if (am.isAnnotationPresent(PermitAll.class)) { // Do nothing. return; } // RolesAllowed on the class takes precedence over PermitAll ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(AuthCheckFilter.INSTANCE); } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); final Annotation[][] parameterAnnotations = am.getParameterAnnotations(); final Class<?>[] parameterTypes = am.getParameterTypes(); // First, check for any @Auth annotations on the method. for (int i = 0; i < parameterAnnotations.length; i++) { for (final Annotation annotation : parameterAnnotations[i]) { if (annotation instanceof Auth) { // Optional auth requires that a concrete AuthFilter be provided. if (parameterTypes[i].equals(Optional.class) && authFilter != null) { context.register(new WebApplicationExceptionCatchingFilter(authFilter)); return; } else { registerAuthFilter(context); return; } } } } // Second, check for any authorization annotations on the class or method. // Note that @DenyAll shouldn't be attached to classes. final boolean annotationOnClass = (resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class) != null) || (resourceInfo.getResourceClass().getAnnotation(PermitAll.class) != null); final boolean annotationOnMethod = am.isAnnotationPresent(RolesAllowed.class) || am.isAnnotationPresent(DenyAll.class) || am.isAnnotationPresent(PermitAll.class); if (annotationOnClass || annotationOnMethod) { registerAuthFilter(context); } }
@Override public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); // DenyAll on the method take precedence over RolesAllowed and PermitAll if (am.isAnnotationPresent(DenyAll.class)) { configuration.register(new RolesAllowedRequestFilter()); return; } // RolesAllowed on the method takes precedence over PermitAll RolesAllowed ra = am.getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); return; } // PermitAll takes precedence over RolesAllowed on the class if (am.isAnnotationPresent(PermitAll.class)) { // Do nothing. return; } // DenyAll can't be attached to classes // RolesAllowed on the class takes precedence over PermitAll ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); } }
private SecurityDefinition getMethodSecurity(Method definitionMethod) { // Check cache if (resourceMethodSecurity.containsKey(definitionMethod)) { return resourceMethodSecurity.get(definitionMethod); } // Jersey model 'definition method' is the method that contains JAX-RS/Jersey annotations. JAX-RS does not support // merging annotations from a parent, so we don't have to look for annotations on corresponding methods of interfaces // and abstract classes implemented by the definition method. // Jersey model does not have a 'definition class', so we have to find it from a handler class Class<?> definitionClass = getDefinitionClass(resourceInfo.getResourceClass()); SecurityDefinition definition = this.resourceClassSecurity .computeIfAbsent(definitionClass, aClass -> securityForClass(definitionClass, appWideSecurity)); Authenticated atn = definitionMethod.getAnnotation(Authenticated.class); Authorized atz = definitionMethod.getAnnotation(Authorized.class); Audited audited = definitionMethod.getAnnotation(Audited.class); SecurityDefinition methodDef = definition.copyMe(); methodDef.add(atn); methodDef.add(atz); methodDef.add(audited); addCustomAnnotations(methodDef.getOperationScope(), definitionMethod); resourceMethodSecurity.put(definitionMethod, methodDef); for (AnnotationAnalyzer analyzer : analyzers) { AnnotationAnalyzer.AnalyzerResponse analyzerResponse = analyzer.analyze(definitionMethod, definition.analyzerResponse(analyzer)); methodDef.analyzerResponse(analyzer, analyzerResponse); } return methodDef; }
@Override public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); // DenyAll on the method take precedence over RolesAllowed and PermitAll if (am.isAnnotationPresent(DenyAll.class)) { configuration.register(new RolesAllowedRequestFilter()); return; } // RolesAllowed on the method takes precedence over PermitAll RolesAllowed ra = am.getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); return; } // PermitAll takes precedence over RolesAllowed on the class if (am.isAnnotationPresent(PermitAll.class)) { // Do nothing. return; } // DenyAll can't be attached to classes // RolesAllowed on the class takes precedence over PermitAll ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); } }
.getProducibleMediaTypes(requestProvider.get(), extendedUriInfoProvider.get(), null); final Class<?> resourceClass = resourceInfoProvider.get().getResourceClass(); if (viewable instanceof ImplicitViewable) {
@Override public void configure(ResourceInfo resourceInfo, FeatureContext configurable) { Signed signed = resourceInfo.getResourceMethod().getAnnotation(Signed.class); if (signed == null) { signed = (Signed) resourceInfo.getResourceClass().getAnnotation(Signed.class); } if (signed == null) return; configurable.register(new DigitalSigningHeaderDecorator(signed)); }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext configurable) { Verify verify = resourceInfo.getResourceMethod().getAnnotation(Verify.class); Verifications verifications = resourceInfo.getResourceClass().getAnnotation(Verifications.class); if (verify != null || verifications != null) { configurable.register(new DigitalVerificationHeaderDecorator(verify, verifications)); } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext configurable) { Signed signed = resourceInfo.getResourceMethod().getAnnotation(Signed.class); if (signed == null) { signed = (Signed) resourceInfo.getResourceClass().getAnnotation(Signed.class); } if (signed == null) return; configurable.register(new DigitalSigningHeaderDecorator(signed)); }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext configurable) { @SuppressWarnings("rawtypes") final Class declaring = resourceInfo.getResourceClass(); final Method method = resourceInfo.getResourceMethod(); if (declaring == null || method == null) return; for (Annotation[] annotations : method.getParameterAnnotations()) { String encoding = getEncoding(annotations); if (encoding != null) { configurable.register(new ClientContentEncodingAnnotationFilter(encoding)); return; } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext configurable) { Verify verify = resourceInfo.getResourceMethod().getAnnotation(Verify.class); Verifications verifications = resourceInfo.getResourceClass().getAnnotation(Verifications.class); resourceInfo.getResourceMethod(); if (verify != null || verifications != null) { configurable.register(new DigitalVerificationHeaderDecorator(verify, verifications, hasEntityParameter(resourceInfo.getResourceMethod()))); } }