Package io.micronaut.security.rules
Class AbstractSecurityRule
- java.lang.Object
-
- io.micronaut.security.rules.AbstractSecurityRule
-
- All Implemented Interfaces:
io.micronaut.core.order.Ordered
,SecurityRule
- Direct Known Subclasses:
ConfigurationInterceptUrlMapRule
,IpPatternsRule
,SecuredAnnotationRule
public abstract class AbstractSecurityRule extends java.lang.Object implements SecurityRule
A baseSecurityRule
class to extend from that provides helper methods to get the roles from the claims and compare them to the roles allowed by the rule.- Since:
- 1.0
- Author:
- James Kleeh
-
-
Field Summary
-
Fields inherited from interface io.micronaut.core.order.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
-
Fields inherited from interface io.micronaut.security.rules.SecurityRule
DENY_ALL, IS_ANONYMOUS, IS_AUTHENTICATED
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected SecurityRuleResult
compareRoles(java.util.List<java.lang.String> requiredRoles, java.util.List<java.lang.String> grantedRoles)
Compares the given roles to determine if the request is allowed by comparing if any of the granted roles is in the required roles list.protected java.util.List<java.lang.String>
getRoles(java.util.Map<java.lang.String,java.lang.Object> claims)
AppendsSecurityRule.IS_ANONYMOUS
if not authenticated.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface io.micronaut.security.rules.SecurityRule
check
-
-
-
-
Method Detail
-
getRoles
protected java.util.List<java.lang.String> getRoles(java.util.Map<java.lang.String,java.lang.Object> claims)
AppendsSecurityRule.IS_ANONYMOUS
if not authenticated. If the claims contain one or more roles,SecurityRule.IS_AUTHENTICATED
is appended to the list.- Parameters:
claims
- The claims of the token, null if not authenticated- Returns:
- The granted roles
-
compareRoles
protected SecurityRuleResult compareRoles(java.util.List<java.lang.String> requiredRoles, java.util.List<java.lang.String> grantedRoles)
Compares the given roles to determine if the request is allowed by comparing if any of the granted roles is in the required roles list.- Parameters:
requiredRoles
- The list of roles required to be authorizedgrantedRoles
- The list of roles granted to the user- Returns:
SecurityRuleResult.REJECTED
if none of the granted roles appears in the required roles list.SecurityRuleResult.ALLOWED
otherwise.
-
-