Skip to content
This repository has been archived by the owner on May 22, 2021. It is now read-only.

Commit

Permalink
Added scope merging feature (just request)
Browse files Browse the repository at this point in the history
  • Loading branch information
@PAException
PAException committed May 11, 2020
1 parent 2650a51 commit d913fc8
Showing 1 changed file with 20 additions and 5 deletions.
25 changes: 20 additions & 5 deletions spring-auth/src/main/java/com/gewia/common/spring/auth/interceptor/ScopeInterceptor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import com.gewia.common.spring.auth.AuthScope;
import com.gewia.common.spring.auth.Authentication;
import com.gewia.common.util.Pair;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
Expand All @@ -25,13 +26,18 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons

HandlerMethod method = (HandlerMethod) handler;

AuthScope[] authScopes;
Authentication auth = method.getMethodAnnotation(Authentication.class);
if (auth == null) {
response.setStatus(HttpStatus.OK.value());
return true;
AuthScope methodAuthScope = method.getMethodAnnotation(AuthScope.class);
if (auth != null) authScopes = auth.value();
else {
if (methodAuthScope == null) {
response.setStatus(HttpStatus.OK.value());
return true;
}
authScopes = new AuthScope[]{methodAuthScope};
}

AuthScope[] authScopes = auth.value();

String jwt = request.getHeader("Authorization");
if (jwt == null || jwt.isBlank()) return false;
Expand All @@ -41,7 +47,16 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
if (result.getRight() != JwtUtil.VerificationResult.SUCCESS) return false;

Claim claim = result.getLeft().getClaim("scopes");
List<String> userScopes = claim.asList(String.class);
List<String> userScopes = new ArrayList<>();
for (String userScope : claim.asList(String.class)) {
String[] splitUserScope = userScope.split("\\+");
if (splitUserScope.length < 2) userScopes.add(userScope);
else {
for (int i = 1; i < splitUserScope.length; i++)
userScopes.add(splitUserScope[0] + "." + splitUserScope[i]);
}
}

for (AuthScope authScope : authScopes) {
String scope = authScope.scope();
if (scope.isBlank()) scope = authScope.value();
Expand Down

0 comments on commit d913fc8

Please sign in to comment.