All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler Maven / Gradle / Ivy

Go to download 

package org.springframework.security.oauth2.provider.expression;

import org.aopalliance.intercept.MethodInvocation;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.core.Authentication;

/**
 * 

 * A security expression handler that can handle default method security expressions plus the set provided by
 * {@link OAuth2SecurityExpressionMethods} using the variable oauth2 to access the methods. For example, the expression
 * #oauth2.clientHasRole('ROLE_ADMIN') would invoke {@link OAuth2SecurityExpressionMethods#clientHasRole}
 * 

 * 

 * By default the {@link OAuth2ExpressionParser} is used. If this is undesirable one can inject their own
 * {@link ExpressionParser} using {@link #setExpressionParser(ExpressionParser)}.
 * 

 * 
 * @author Dave Syer
 * @author Rob Winch
 * @see OAuth2ExpressionParser
 */
public class OAuth2MethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler {

	public OAuth2MethodSecurityExpressionHandler() {
		setExpressionParser(new OAuth2ExpressionParser(getExpressionParser()));
	}

	@Override
	public StandardEvaluationContext createEvaluationContextInternal(Authentication authentication, MethodInvocation mi) {
		StandardEvaluationContext ec = super.createEvaluationContextInternal(authentication, mi);
		ec.setVariable("oauth2", new OAuth2SecurityExpressionMethods(authentication));
		return ec;
	}
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy