From 6c10822ebe94172d54ee7ae33009a73dee8a1d62 Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Thu, 21 Mar 2024 15:50:18 -0600 Subject: [PATCH] Add Supplier Support Issue gh-14597 --- .../AuthorizationAdvisorProxyFactory.java | 10 +++++++++- .../AuthorizationAdvisorProxyFactoryTests.java | 12 ++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java b/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java index f8f6707b6e4..4d967f1e446 100644 --- a/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java +++ b/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java @@ -254,7 +254,8 @@ public interface TargetVisitor { /** * The default {@link TargetVisitor}, which will proxy {@link Class} instances as * well as instances contained in reactive types (if reactor is present), - * collection types, and other container types like {@link Optional} + * collection types, and other container types like {@link Optional} and + * {@link Supplier} */ static TargetVisitor defaults() { return AuthorizationAdvisorProxyFactory.DEFAULT_VISITOR; @@ -351,6 +352,9 @@ public Object visit(AuthorizationAdvisorProxyFactory proxyFactory, Object target if (target instanceof Optional optional) { return proxyOptional(proxyFactory, optional); } + if (target instanceof Supplier supplier) { + return proxySupplier(proxyFactory, supplier); + } return null; } @@ -483,6 +487,10 @@ private Optional proxyOptional(AuthorizationProxyFactory proxyFactory, Option return optional.map(proxyFactory::proxy); } + private Supplier proxySupplier(AuthorizationProxyFactory proxyFactory, Supplier supplier) { + return () -> proxyFactory.proxy(supplier.get()); + } + } private static class ReactiveTypeVisitor implements TargetVisitor { diff --git a/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java b/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java index 432489175c0..ef3451c60fc 100644 --- a/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java +++ b/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java @@ -31,6 +31,7 @@ import java.util.SortedSet; import java.util.TreeMap; import java.util.TreeSet; +import java.util.function.Supplier; import java.util.stream.Stream; import org.jetbrains.annotations.NotNull; @@ -242,6 +243,17 @@ public void proxyWhenPreAuthorizeForOptionalThenHonors() { SecurityContextHolder.clearContext(); } + @Test + public void proxyWhenPreAuthorizeForSupplierThenHonors() { + SecurityContextHolder.getContext().setAuthentication(this.user); + AuthorizationAdvisorProxyFactory factory = AuthorizationAdvisorProxyFactory.withDefaults(); + Supplier flights = () -> this.flight; + assertThat(flights.get().getAltitude()).isEqualTo(35000d); + Supplier secured = proxy(factory, flights); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> secured.get().getAltitude()); + SecurityContextHolder.clearContext(); + } + @Test public void proxyWhenPreAuthorizeForStreamThenHonors() { SecurityContextHolder.getContext().setAuthentication(this.user);