org.glassfish.jersey.server.model.AnnotatedMethod Java Examples

The following examples show how to use org.glassfish.jersey.server.model.AnnotatedMethod. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthDynamicFeature.java    From Bats with Apache License 2.0 6 votes vote down vote up 
@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
  AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());

  // RolesAllowed on the method takes precedence over PermitAll
  RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
  if (ra != null) {
    configuration.register(AuthCheckFilter.INSTANCE);
    return;
  }

  // PermitAll takes precedence over RolesAllowed on the class
  // This avoids putting AuthCheckFilter in the request flow for all path's which
  // are defined under PermitAll annotation. That is requests for "/", "/login", "/mainLogin" and "/spnegoLogin"
  // path's doesn't go through AuthCheckFilter.
  if (am.isAnnotationPresent(PermitAll.class)) {
    // Do nothing.
    return;
  }

  // RolesAllowed on the class takes precedence over PermitAll
  ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class);
  if (ra != null) {
    configuration.register(AuthCheckFilter.INSTANCE);
  }
}
Example #2
Source File: AuthDynamicFeature.java    From dropwizard-simpleauth with Apache License 2.0 6 votes vote down vote up 
@Override
public void configure(ResourceInfo resourceInfo, FeatureContext context) {
  AnnotatedMethod annotatedMethod       = new AnnotatedMethod(resourceInfo.getResourceMethod());
  Annotation[][]  parameterAnnotations  = annotatedMethod.getParameterAnnotations();
  Class<?>[]      parameterTypes        = annotatedMethod.getParameterTypes      ();
  Type[]          parameterGenericTypes = annotatedMethod.getGenericParameterTypes();

  verifyAuthAnnotations(parameterAnnotations);

  for (int i=0;i<parameterAnnotations.length;i++) {
    for (Annotation annotation : parameterAnnotations[i]) {
      if (annotation instanceof Auth) {
        Type parameterType = parameterTypes[i];

        if (parameterType == Optional.class) {
          parameterType = ((ParameterizedType)parameterGenericTypes[i]).getActualTypeArguments()[0];
          context.register(new WebApplicationExceptionCatchingFilter(getFilterFor(parameterType)));
        } else {
          context.register(getFilterFor(parameterType));
        }
      }
    }
  }
}
Example #3
Source File: AuthDynamicFeature.java    From dropwizard-java8 with Apache License 2.0 6 votes vote down vote up 
@Override
public void configure(ResourceInfo resourceInfo, FeatureContext context) {
    final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
    final Annotation[][] parameterAnnotations = am.getParameterAnnotations();
    if (am.isAnnotationPresent(RolesAllowed.class) || am.isAnnotationPresent(DenyAll.class) ||
        am.isAnnotationPresent(PermitAll.class)) {
        context.register(authFilter);
    } else {
        for (Annotation[] annotations : parameterAnnotations) {
            for (Annotation annotation : annotations) {
                if (annotation instanceof Auth) {
                    context.register(authFilter);
                    return;
                }
            }
        }
    }
}
Example #4
Source File: RateLimited429EnforcerFeature.java    From ratelimitj with Apache License 2.0 5 votes vote down vote up 
@Override
public void configure(final ResourceInfo resourceInfo,
                      final FeatureContext context) {

    final AnnotatedMethod method = new AnnotatedMethod(resourceInfo.getResourceMethod());
    final RateLimited rateLimited = method.getAnnotation(RateLimited.class);

    if (null != rateLimited) {
        context.register(RateLimit429EnforcerFilter.class);
    }
}
Example #5
Source File: RolesAllowedChecker.java    From rest-schemagen with Apache License 2.0 5 votes vote down vote up 
@Override
public boolean test(Scope scope) {

    AnnotatedMethod am = new AnnotatedMethod(scope.getInvokedMethod());

    // DenyAll on the method take precedence over RolesAllowed and PermitAll
    if (am.isAnnotationPresent(DenyAll.class)) {
        return false;
    }

    // RolesAllowed on the method takes precedence over PermitAll
    RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
    if (ra != null) {
        return checkRoles(ra.value());
    }

    // PermitAll takes precedence over RolesAllowed on the class
    if (am.isAnnotationPresent(PermitAll.class)) {
        // Do nothing.
        return true;
    }

    // DenyAll can't be attached to classes

    // RolesAllowed on the class takes precedence over PermitAll
    ra = scope.getInvokedClass().getAnnotation(RolesAllowed.class);
    if (ra != null) {
        return checkRoles(ra.value());
    }
    return true;
}
Example #6
Source File: RolesAnnotationFilter.java    From datacollector with Apache License 2.0 5 votes vote down vote up 
@Override
public void configure(ResourceInfo resourceInfo, FeatureContext context) {
  final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());

  // DenyAll on the method take precedence over RolesAllowed and PermitAll
  if (am.isAnnotationPresent(DenyAll.class)) {
    context.register(new RolesAllowedRequestFilter());
    return;
  }

  // RolesAllowed on the method takes precedence over PermitAll
  RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
  if (ra != null) {
    context.register(new RolesAllowedRequestFilter(ra.value()));
    return;
  }

  // PermitAll takes precedence over RolesAllowed on the class
  if (am.isAnnotationPresent(PermitAll.class)) {
    // Do nothing.
    return;
  }

  // DenyAll can't be attached to classes

  // RolesAllowed on the class takes precedence over PermitAll
  ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class);
  if (ra != null) {
    context.register(new RolesAllowedRequestFilter(ra.value()));
  }
}
Example #7
Source File: RateLimit429EnforcerFilter.java    From ratelimitj with Apache License 2.0 4 votes vote down vote up 
@Override
public void filter(final ContainerRequestContext requestContext) {

    try {
        AnnotatedMethod method = new AnnotatedMethod(resource.getResourceMethod());
        RateLimited rateLimited = method.getAnnotation(RateLimited.class);

        RequestRateLimiter rateLimit = factory.getInstance(toLimitRules(rateLimited));

        KeyPart[] keyParts = rateLimited.keys();


        Optional<CharSequence> keyResult = KeyPart.combineKeysParts(rateLimited.groupKeyPrefix(), Arrays.asList(keyParts), request, resource, securityContext);


        CharSequence key;
        if (keyResult.isPresent()) {
            key = keyResult.get();
        } else {
            LOG.warn("No keys were provided by the key providers '{}'",
                    Arrays.stream(keyParts)
                            .map(KeyPart::getClass)
                            .map(Object::toString)
                            .collect(Collectors.joining(", ")));
            return;
        }

        boolean overLimit = rateLimit.overLimitWhenIncremented(key.toString());
        if (overLimit) {
            if (!rateLimited.reportOnly()) {
                LOG.info("rate-limit key '{}' over limit. HTTP Status 429 returned.", key);
                requestContext.abortWith(Response.status(HTTP_STATUS_TOO_MANY_REQUESTS).build());
            } else {
                LOG.info("rate-limit key '{}' over limit. ReportOnly is true, no action taken.", key);
            }
            LOG.debug("rate-limit key '{}' under limit.", key);
        }
    } catch (Exception e) {
        LOG.error("Error occurred checking rate-limit. Assuming under limit", e);
    }
}