
Example 11 with AnnotatedMethod

use of org.glassfish.jersey.server.model.AnnotatedMethod in project ratelimitj by mokies.

the class RateLimit429EnforcerFilter method filter.

@Override
public void filter(final ContainerRequestContext requestContext) {
    try {
        AnnotatedMethod method = new AnnotatedMethod(resource.getResourceMethod());
        RateLimited rateLimited = method.getAnnotation(RateLimited.class);
        RequestRateLimiter rateLimit = factory.getInstance(toLimitRules(rateLimited));
        KeyProvider keyProvider = rateLimited.key();
        KeyPart[] keyParts = rateLimited.keys();
        if (keyProvider == Key.NO_VALUE && keyParts.length == 0) {
            LOG.warn("No keys were provided by the key provide");
            return;
        }
        Optional<CharSequence> legacyKey = keyProvider.create(request, resource, securityContext);
        CharSequence key;
        if (legacyKey.isPresent()) {
            key = legacyKey.get();
        } else {
            Optional<CharSequence> keyResult = KeyPart.combineKeysParts(rateLimited.groupKeyPrefix(), Arrays.asList(keyParts), request, resource, securityContext);
            if (keyResult.isPresent()) {
                key = keyResult.get();
            } else {
                LOG.warn("No keys were provided by the key providers '{}'", Arrays.stream(keyParts).map(KeyPart::getClass).map(Object::toString).collect(Collectors.joining(", ")));
                return;
            }
        }
        // if (legacyKey.isPresent()) {
        boolean overLimit = rateLimit.overLimitWhenIncremented(key.toString());
        if (overLimit) {
            if (!rateLimited.reportOnly()) {
                LOG.info("rate-limit key '{}' over limit. HTTP Status 429 returned.", key);
                requestContext.abortWith(Response.status(HTTP_STATUS_TOO_MANY_REQUESTS).build());
            } else {
                LOG.info("rate-limit key '{}' over limit. ReportOnly is true, no action taken.", key);
            }
        } else {
            // Log "under limit" only when the key is actually under its limit.
            LOG.debug("rate-limit key '{}' under limit.", key);
        }
    // } else {
    // //LOG.warn("No key was provided by the key provide '{}'", keyProvider.getClass());
    // }
    } catch (Exception e) {
        // Fails open: any error while checking the limit lets the request through.
        LOG.error("Error occurred checking rate-limit. Assuming under limit", e);
    }
}
Also used : RequestRateLimiter(es.moki.ratelimitj.core.limiter.request.RequestRateLimiter) AnnotatedMethod(org.glassfish.jersey.server.model.AnnotatedMethod) RateLimited(es.moki.ratelimij.dropwizard.annotation.RateLimited)

Example 12 with AnnotatedMethod

use of org.glassfish.jersey.server.model.AnnotatedMethod in project drill by apache.

the class AuthDynamicFeature method configure.

@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
    AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
    // RolesAllowed on the method takes precedence over PermitAll
    RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
    if (ra != null) {
        configuration.register(AuthCheckFilter.INSTANCE);
        return;
    }
    // PermitAll takes precedence over RolesAllowed on the class
    if (am.isAnnotationPresent(PermitAll.class)) {
        // Do nothing.
        return;
    }
    // RolesAllowed on the class takes precedence over PermitAll
    ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class);
    if (ra != null) {
        configuration.register(AuthCheckFilter.INSTANCE);
    }
}
Also used : RolesAllowed(javax.annotation.security.RolesAllowed) AnnotatedMethod(org.glassfish.jersey.server.model.AnnotatedMethod)

Example 13 with AnnotatedMethod

use of org.glassfish.jersey.server.model.AnnotatedMethod in project drill by apache.

the class AuthDynamicFeature method configure.

@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
    AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
    // RolesAllowed on the method takes precedence over PermitAll
    RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
    if (ra != null) {
        configuration.register(AuthCheckFilter.INSTANCE);
        return;
    }
    // Methods annotated with PermitAll do not go through AuthCheckFilter.
    if (am.isAnnotationPresent(PermitAll.class)) {
        // Do nothing.
        return;
    }
    // RolesAllowed on the class takes precedence over PermitAll
    ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class);
    if (ra != null) {
        configuration.register(AuthCheckFilter.INSTANCE);
    }
}
Also used : RolesAllowed(javax.annotation.security.RolesAllowed) AnnotatedMethod(org.glassfish.jersey.server.model.AnnotatedMethod)
