public ProjectPermissionIRequestParameter(ApiKeyService apiKeyService, Method method) { final ApiOperation annotation = method.getAnnotation(ApiOperation.class); Authorization[] authorizations = annotation == null ? new Authorization[0] : Arrays.stream(annotation.authorizations()).filter(auth -> !auth.value().equals("")).toArray(value -> new Authorization[value]); if (authorizations.length == 0) { throw new IllegalStateException(method.toGenericString() + ": The permission check component requires endpoints to have authorizations definition in @ApiOperation. " + "Use @IgnorePermissionCheck to bypass security check in method " + method.toString()); } if (annotation != null && !annotation.consumes().isEmpty() && !annotation.consumes().equals("application/json")) { throw new IllegalStateException("The permission check component requires endpoint to consume application/json. " + "Use @IgnorePermissionCheck to bypass security check in method " + method.toString()); } Api clazzOperation = method.getDeclaringClass().getAnnotation(Api.class); if (authorizations.length == 0 && (clazzOperation == null || clazzOperation.authorizations().length == 0)) { throw new IllegalArgumentException(String.format("Authorization for method %s is not defined. " + "You must use @IgnorePermissionCheck if the endpoint doesn't need permission check", method.toString())); } if (authorizations.length != 1) { throw new IllegalArgumentException(); } type = ApiKeyService.AccessKeyType.fromKey(authorizations[0].value()); this.apiKeyService = apiKeyService; }