@Override public Object wrap(final Req req, final HandlerInvocation invocation) throws Exception { TokenAuthData auth = HttpUtils.getAuth(req); String username = auth != null ? auth.user : null; if (U.isEmpty(username)) { HttpUtils.clearUserData(req); } Set<String> roles = userRoles(req, username); Set<String> scope = auth != null ? auth.scope : null; if (U.notEmpty(requiredRoles) && !Secure.hasAnyRole(username, roles, requiredRoles)) { throw new SecurityException("The user doesn't have the required roles!"); } Ctx ctx = Ctxs.required(); ctx.setUser(new UserInfo(username, roles, scope)); return invocation.invoke(); }
@Override public Object wrap(final Req req, final HandlerInvocation invocation) throws Exception { TokenAuthData auth = HttpUtils.getAuth(req); String username = auth != null ? auth.user : null; if (U.isEmpty(username)) { HttpUtils.clearUserData(req); } Set<String> roles = userRoles(req, username); Set<String> scope = auth != null ? auth.scope : null; if (U.notEmpty(requiredRoles) && !Secure.hasAnyRole(username, roles, requiredRoles)) { throw new SecurityException("The user doesn't have the required roles!"); } Ctx ctx = Ctxs.required(); ctx.setUser(new UserInfo(username, roles, scope)); return invocation.invoke(); }