All Downloads are FREE. Search and download functionalities are using the official Maven repository.
  • Log In
  • Register

    • com.sap.cloud.security.ams.spring.handler.resourceserver.ResourceServerExpressionHandler Maven / Gradle / Ivy

    Go to download

    Client Library for integrating Spring applications with SAP Authorization Management Service (AMS)

    The newest version!
    /************************************************************************
 * © 2019-2023 SAP SE or an SAP affiliate company. All rights reserved. *
 ************************************************************************/
package com.sap.cloud.security.ams.spring.handler.resourceserver;

import com.sap.cloud.security.ams.dcl.client.pdp.PolicyDecisionPoint;
import com.sap.cloud.security.ams.spring.adapter.PolicyDecisionPointSecurityExpression;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;

interface ResourceServerExpressionHandler {

	Logger LOGGER = LoggerFactory.getLogger(ResourceServerExpressionHandler.class);

	default PolicyDecisionPointSecurityExpression createSecurityExpressionRoot(Authentication authentication,
			PolicyDecisionPoint policyDecisionPoint) {
		LOGGER.debug("Creating SPEL Method Expressions for Authentication of type {}.", authentication.getClass());

		PolicyDecisionPointSecurityExpression expression;
		if (authentication instanceof Jwt jwt) {
			expression = new PolicyDecisionPointSecurityExpression(authentication, jwt.getClaims());
		} else if (authentication instanceof JwtAuthenticationToken jwtAuthenticationToken) {
			expression = new PolicyDecisionPointSecurityExpression(authentication,
					jwtAuthenticationToken.getTokenAttributes());
		} else {
			LOGGER.error("Error creating SPEL Method Expressions: authentication {} is not supported.",
					authentication.getPrincipal());
			return null;
		}
		return expression.policyDecisionPoint(policyDecisionPoint);
	}

}




    © 2015 - 2025 Weber Informatics LLC | Privacy Policy