1   /*
2    * Copyright 2006-2011 the original author or authors.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5    * the License. You may obtain a copy of the License at
6    * 
7    * https://www.apache.org/licenses/LICENSE-2.0
8    * 
9    * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10   * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11   * specific language governing permissions and limitations under the License.
12   */
13  package org.springframework.security.oauth2.provider.expression;
14  
15  import org.springframework.expression.ExpressionParser;
16  import org.springframework.expression.spel.support.StandardEvaluationContext;
17  import org.springframework.security.core.Authentication;
18  import org.springframework.security.web.FilterInvocation;
19  import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
20  
21  /**
22   * <p>
23   * A security expression handler that can handle default web security expressions plus the set provided by
24   * {@link OAuth2SecurityExpressionMethods} using the variable oauth2 to access the methods. For example, the expression
25   * <code>#oauth2.clientHasRole('ROLE_ADMIN')</code> would invoke {@link OAuth2SecurityExpressionMethods#clientHasRole}.
26   * </p>
27   * <p>
28   * By default the {@link OAuth2ExpressionParser} is used. If this is undesirable one can inject their own
29   * {@link ExpressionParser} using {@link #setExpressionParser(ExpressionParser)}.
30   * </p>
31   * 
32   * @author Dave Syer
33   * @author Rob Winch
34   * 
35   * @see OAuth2ExpressionParser
36   */
public class OAuth2WebSecurityExpressionHandler extends DefaultWebSecurityExpressionHandler {

	/**
	 * Creates the handler and replaces the expression parser inherited from the parent handler with an
	 * {@link OAuth2ExpressionParser} that wraps it.
	 */
	public OAuth2WebSecurityExpressionHandler() {
		ExpressionParser inheritedParser = getExpressionParser();
		setExpressionParser(new OAuth2ExpressionParser(inheritedParser));
	}

	/**
	 * Builds the evaluation context from the parent handler and registers the OAuth2 helper methods under the
	 * variable name <code>oauth2</code>, so that access expressions can call them as <code>#oauth2.…</code>.
	 * <p>
	 * The returned context is a {@link StandardEvaluationContext}, which gives expressions the full SpEL feature
	 * set. Expression strings evaluated against it should therefore come only from application configuration,
	 * never from request data.
	 * </p>
	 *
	 * @param authentication the authentication handed to {@link OAuth2SecurityExpressionMethods}
	 * @param invocation the filter invocation passed through to the parent handler
	 * @return the parent's evaluation context with the <code>oauth2</code> variable set
	 */
	@Override
	protected StandardEvaluationContext createEvaluationContextInternal(Authentication authentication,
			FilterInvocation invocation) {
		OAuth2SecurityExpressionMethods oauth2Methods = new OAuth2SecurityExpressionMethods(authentication);
		StandardEvaluationContext context = super.createEvaluationContextInternal(authentication, invocation);
		// Each context gets its own helper instance, bound to the Authentication it was created for.
		context.setVariable("oauth2", oauth2Methods);
		return context;
	}
}