/** * Loads the access token dependencies for the given request. This will be a set of {@link ProtectedResourceDetails#getId() resource ids} * for which an OAuth access token is required. * * @param request The request. * @param response The response * @param filterChain The filter chain * @return The access token dependencies (could be empty). */ protected Set<String> getAccessTokenDependencies(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) { Set<String> deps = new TreeSet<String>(); if (getObjectDefinitionSource() != null) { FilterInvocation invocation = new FilterInvocation(request, response, filterChain); Collection<ConfigAttribute> attributes = getObjectDefinitionSource().getAttributes(invocation); if (attributes != null) { for (ConfigAttribute attribute : attributes) { deps.add(attribute.getAttribute()); } } } return deps; }
@Test public void validateCustomMetadataSource() { FilterInvocationSecurityMetadataSource customMetaDataSource = mock(FilterInvocationSecurityMetadataSource.class); fsi.setSecurityMetadataSource(customMetaDataSource); validator.validate(fcp); verify(customMetaDataSource).getAttributes(any()); } }
FilterInvocationSecurityMetadataSource fids = fsi.getSecurityMetadataSource(); Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest);
FilterInvocationSecurityMetadataSource fids = fsi.getSecurityMetadataSource(); Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest);
@Override public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException { if (RequestContextHolder.getRequestAttributes() == null) return null; return wrappedMetadataSource.getAttributes(object); }
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; FilterInvocation fi = new FilterInvocation(request, response, chain); Collection<ConfigAttribute> attr = this.securityMetadataSource.getAttributes(fi); if (attr != null) { if (this.logger.isDebugEnabled()) { this.logger.debug( "Request: " + fi.toString() + "; ConfigAttributes: " + attr); } this.channelDecisionManager.decide(fi, attr); if (fi.getResponse().isCommitted()) { return; } } chain.doFilter(request, response); }
fsi.getSecurityMetadataSource(); Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest);
FilterInvocationSecurityMetadataSource fids = fsi.getSecurityMetadataSource(); Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest);