/************************************************************************
* © 2019-2023 SAP SE or an SAP affiliate company. All rights reserved. *
************************************************************************/
package com.sap.cloud.security.ams.spring.handler.resourceserver;
import com.sap.cloud.security.ams.dcl.client.pdp.PolicyDecisionPoint;
import org.aopalliance.intercept.MethodInvocation;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
import org.springframework.security.core.Authentication;
import java.util.Objects;
import java.util.function.Supplier;
/**
* Method security expression handler extension that provides the AMS Policy Decision Point security expressions.
*
* <p>This class is only loaded if the consuming application provides
* org.springframework.security:spring-security-oauth2-resource-server.
*/
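public class ResourceServerMethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler
        implements ResourceServerExpressionHandler {

    // Decision point passed to every AMS expression root this handler creates.
    // Final and non-null: it is set once at construction and never swapped afterwards.
    private final PolicyDecisionPoint policyDecisionPoint;

    /**
     * Creates the handler. Private so that instances are only obtained through
     * {@link #getInstance(PolicyDecisionPoint)}.
     *
     * @param policyDecisionPoint the decision point used for the AMS expression roots
     */
    private ResourceServerMethodSecurityExpressionHandler(PolicyDecisionPoint policyDecisionPoint) {
        this.policyDecisionPoint = policyDecisionPoint;
    }

    /**
     * Creates a handler bound to the given policy decision point.
     *
     * @param policyDecisionPoint the decision point handed to each expression root; must not be {@code null}
     * @return a new handler instance
     * @throws NullPointerException if {@code policyDecisionPoint} is {@code null}
     */
    public static ResourceServerMethodSecurityExpressionHandler getInstance(PolicyDecisionPoint policyDecisionPoint) {
        // Reject a missing decision point when the handler is wired up. Otherwise the null reference
        // would be passed unchecked into every expression root built in createEvaluationContext.
        Objects.requireNonNull(policyDecisionPoint, "policyDecisionPoint");
        return new ResourceServerMethodSecurityExpressionHandler(policyDecisionPoint);
    }

    /**
     * Builds the evaluation context for a secured method invocation and replaces its root object with the
     * AMS security expression root.
     *
     * <p>The context is first created by {@link DefaultMethodSecurityExpressionHandler}. If its root object
     * holds a value, that value's {@link Authentication} and the configured {@link PolicyDecisionPoint} are
     * passed to {@code createSecurityExpressionRoot} and the result becomes the new root object. If the root
     * object holds no value, the context is returned as the parent class built it.
     *
     * @param authentication supplier of the current authentication, forwarded to the parent class
     * @param mi the method invocation being secured, forwarded to the parent class
     * @return the evaluation context, with the AMS expression root installed where a root value was present
     * @throws ClassCastException if the parent class returns a context that is not a
     *         {@link StandardEvaluationContext}, or a root value that is not a
     *         {@link MethodSecurityExpressionOperations}
     */
    @Override
    public EvaluationContext createEvaluationContext(Supplier<Authentication> authentication, MethodInvocation mi) {
        StandardEvaluationContext context =
                (StandardEvaluationContext) super.createEvaluationContext(authentication, mi);
        MethodSecurityExpressionOperations delegate =
                (MethodSecurityExpressionOperations) context.getRootObject().getValue();
        if (delegate != null) {
            // getAuthentication() is called here, so the Authentication is read while the context is being
            // built rather than when the expression is evaluated.
            // NOTE(review): the new root replaces the one the parent class configured. Whether it keeps that
            // root's settings (permission evaluator, trust resolver, role hierarchy, target, filter and return
            // objects) depends on createSecurityExpressionRoot, presumably declared by
            // ResourceServerExpressionHandler and not visible in this file. Confirm before relying on
            // hasPermission, filterObject or returnObject in expressions.
            context.setRootObject(createSecurityExpressionRoot(delegate.getAuthentication(), policyDecisionPoint));
        }
        return context;
    }
}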