org.wildfly.security.authz.MappedRoleMapper Maven / Gradle / Ivy
Go to download
This artifact provides a single jar that contains all classes required to use remote EJB and JMS, including
all dependencies. It is intended for use by those not using maven, maven users should just import the EJB and
JMS BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up
with different versions on classes on the class path).
The newest version!
/*
* JBoss, Home of Professional Open Source.
* Copyright 2018 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.security.authz;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import static org.wildfly.security.auth.server._private.ElytronMessages.log;
/**
* A simple mapping role mapper.
*
* Maps each role to a set of new roles using a String to Set map.
*
* @author Martin Mazanek
*/
public class MappedRoleMapper implements RoleMapper {
private final Map> reverseRoleMap = new LinkedHashMap<>();
private volatile boolean initialized = false;
/**
* Construct a new instance.
* Called from WildFly core when using this as a custom component. You should not use this constructor and use {@link MappedRoleMapper.Builder} instead.
* You must call {@link #initialize(Map)} to configure mapping map before usage.
*
* @see MappedRoleMapper.Builder
*/
public MappedRoleMapper() {}
private MappedRoleMapper(Map> roleMap) {
Set>> entrySet = roleMap.entrySet();
for (Map.Entry> entry : entrySet) {
for (String mappedRole : entry.getValue()) {
Set rolesToMappedRole = reverseRoleMap.get(mappedRole);
if (rolesToMappedRole == null) {
rolesToMappedRole = new LinkedHashSet<>();
reverseRoleMap.put(mappedRole, rolesToMappedRole);
}
rolesToMappedRole.add(entry.getKey());
}
}
initialized = true;
}
/**
* Custom component method.
* Called from WildFly core. Used to include mapped role mapping functionality in older WildFly versions.
*
* @param configuration map of mapping rules where key is delegate role and value is whitespace separated list of new roles
* @throws IllegalStateException when called mapper is already initialized
*/
public void initialize(final Map configuration) {
if (initialized) {
throw log.roleMappedAlreadyInitialized();
}
reverseRoleMap.clear();
configuration.forEach( (key, value) -> {
String[] newRoles = value.split("\\s+");
for (String newRole : newRoles) {
Set rolesToMappedRole = reverseRoleMap.get(newRole);
if (rolesToMappedRole == null) {
rolesToMappedRole = new LinkedHashSet<>();
reverseRoleMap.put(newRole, rolesToMappedRole);
}
rolesToMappedRole.add(key);
}
});
initialized = true;
}
@Override
public Roles mapRoles(Roles rolesToMap) {
if (!initialized) {
throw log.roleMappedNotInitialized();
}
return new MappedRoles(rolesToMap, this.reverseRoleMap);
}
/**
* Construct a new {@link Builder} for creating the {@link MappedRoleMapper}.
*
* @return a new {@link Builder} for creating the {@link MappedRoleMapper}.
*/
public static Builder builder() {
return new Builder();
}
/**
* A builder for map backed role mappers.
*/
public static class Builder {
private Map> roleMap;
Builder() {
}
/**
* Build and return the resulting {@link MappedRoleMapper}.
*
* @return the resulting {@link MappedRoleMapper}
*/
public MappedRoleMapper build() {
return new MappedRoleMapper(roleMap);
}
/**
* Set the {@link Map} to use for mapping roles
*
* @param roleMap the role map
* @return {@code this} builder to allow chaining.
*/
public Builder setRoleMap(Map> roleMap) {
this.roleMap = roleMap;
return this;
}
}
}