org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of spring-boot-actuator-autoconfigure Show documentation
Show all versions of spring-boot-actuator-autoconfigure Show documentation
Spring Boot Actuator AutoConfigure
/*
* Copyright 2012-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.boot.actuate.autoconfigure.security.reactive;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import reactor.core.publisher.Mono;
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
import org.springframework.boot.actuate.autoconfigure.web.server.ManagementPortType;
import org.springframework.boot.actuate.endpoint.EndpointId;
import org.springframework.boot.actuate.endpoint.annotation.Endpoint;
import org.springframework.boot.actuate.endpoint.web.PathMappedEndpoints;
import org.springframework.boot.security.reactive.ApplicationContextServerWebExchangeMatcher;
import org.springframework.context.ApplicationContext;
import org.springframework.core.annotation.MergedAnnotation;
import org.springframework.core.annotation.MergedAnnotations;
import org.springframework.security.web.server.util.matcher.OrServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
/**
* Factory that can be used to create a {@link ServerWebExchangeMatcher} for actuator
* endpoint locations.
*
* @author Madhura Bhave
* @since 2.0.0
*/
public final class EndpointRequest {
private static final ServerWebExchangeMatcher EMPTY_MATCHER = (request) -> MatchResult.notMatch();
private EndpointRequest() {
}
/**
* Returns a matcher that includes all {@link Endpoint actuator endpoints}. It also
* includes the links endpoint which is present at the base path of the actuator
* endpoints. The {@link EndpointServerWebExchangeMatcher#excluding(Class...)
* excluding} method can be used to further remove specific endpoints if required. For
* example:
* EndpointRequest.toAnyEndpoint().excluding(ShutdownEndpoint.class)
*
* @return the configured {@link ServerWebExchangeMatcher}
*/
public static EndpointServerWebExchangeMatcher toAnyEndpoint() {
return new EndpointServerWebExchangeMatcher(true);
}
/**
* Returns a matcher that includes the specified {@link Endpoint actuator endpoints}.
* For example:
* EndpointRequest.to(ShutdownEndpoint.class, HealthEndpoint.class)
*
* @param endpoints the endpoints to include
* @return the configured {@link ServerWebExchangeMatcher}
*/
public static EndpointServerWebExchangeMatcher to(Class... endpoints) {
return new EndpointServerWebExchangeMatcher(endpoints, false);
}
/**
* Returns a matcher that includes the specified {@link Endpoint actuator endpoints}.
* For example:
* EndpointRequest.to("shutdown", "health")
*
* @param endpoints the endpoints to include
* @return the configured {@link ServerWebExchangeMatcher}
*/
public static EndpointServerWebExchangeMatcher to(String... endpoints) {
return new EndpointServerWebExchangeMatcher(endpoints, false);
}
/**
* Returns a matcher that matches only on the links endpoint. It can be used when
* security configuration for the links endpoint is different from the other
* {@link Endpoint actuator endpoints}. The
* {@link EndpointServerWebExchangeMatcher#excludingLinks() excludingLinks} method can
* be used in combination with this to remove the links endpoint from
* {@link EndpointRequest#toAnyEndpoint() toAnyEndpoint}. For example:
*
* EndpointRequest.toLinks()
*
* @return the configured {@link ServerWebExchangeMatcher}
*/
public static LinksServerWebExchangeMatcher toLinks() {
return new LinksServerWebExchangeMatcher();
}
/**
* Base class for supported request matchers.
*/
private abstract static class AbstractWebExchangeMatcher extends ApplicationContextServerWebExchangeMatcher {
private ManagementPortType managementPortType;
AbstractWebExchangeMatcher(Class contextClass) {
super(contextClass);
}
@Override
protected boolean ignoreApplicationContext(ApplicationContext applicationContext) {
if (this.managementPortType == null) {
this.managementPortType = ManagementPortType.get(applicationContext.getEnvironment());
}
if (this.managementPortType == ManagementPortType.DIFFERENT) {
if (applicationContext.getParent() == null) {
return true;
}
String managementContextId = applicationContext.getParent().getId() + ":management";
if (!managementContextId.equals(applicationContext.getId())) {
return true;
}
}
return false;
}
}
/**
* The {@link ServerWebExchangeMatcher} used to match against {@link Endpoint actuator
* endpoints}.
*/
public static final class EndpointServerWebExchangeMatcher extends AbstractWebExchangeMatcher {
private final List