View Javadoc
1   /*
2    * Copyright 2008-2009 Web Cohesion
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.security.oauth.provider.attributes;
18  
19  import org.springframework.security.access.ConfigAttribute;
20  import org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource;
21  import org.springframework.core.annotation.AnnotationUtils;
22  
23  import java.util.Collection;
24  import java.util.ArrayList;
25  import java.util.List;
26  import java.lang.reflect.Method;
27  import java.lang.annotation.Annotation;
28  
29  /**
30   * @author Ryan Heaton
31   * @author Andrew McCall
32   */
33  public class ConsumerSecurityMetadataSource extends AbstractFallbackMethodSecurityMetadataSource {
34  
35    protected List<ConfigAttribute> findAttributes(Class<?> clazz) {
36      return processAnnotations(clazz.getAnnotations());
37    }
38  
39    protected List<ConfigAttribute> findAttributes(Method method, Class<?> targetClass) {
40      return processAnnotations(AnnotationUtils.getAnnotations(method));
41    }
42  
43    public Collection<ConfigAttribute> getAllConfigAttributes() {
44      return null;
45    }
46  
47    private List<ConfigAttribute> processAnnotations(Annotation[] annotations) {
48      if (annotations == null || annotations.length == 0) {
49        return null;
50      }
51      List<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>();
52  
53      // Process DenyAll, Permit all, then Roles, then Keys
54  
55      for (Annotation a : annotations) {
56        if (a instanceof DenyAllConsumers) {
57          attributes.add(ConsumerSecurityConfig.DENY_ALL_ATTRIBUTE);
58          return attributes;
59        }
60        if (a instanceof PermitAllConsumers) {
61          attributes.add(ConsumerSecurityConfig.PERMIT_ALL_ATTRIBUTE);
62          return attributes;
63        }
64        if (a instanceof ConsumerRolesAllowed) {
65          ConsumerRolesAllowed ra = (ConsumerRolesAllowed) a;
66          for (String role : ra.value()) {
67            attributes.add(new ConsumerSecurityConfig(role, ConsumerSecurityConfig.ConsumerSecurityType.CONSUMER_ROLE));
68          }
69          return attributes;
70        }
71        if (a instanceof ConsumerKeysAllowed) {
72          ConsumerKeysAllowed ka = (ConsumerKeysAllowed) a;
73          for (String key : ka.value()) {
74            attributes.add(new ConsumerSecurityConfig(key, ConsumerSecurityConfig.ConsumerSecurityType.CONSUMER_KEY));
75          }
76          return attributes;
77        }
78      }
79      return null;
80  
81  
82    }
83  
84  }