java如何将if语句逻辑重写为web安全过滤器中的反应式方法?
我对ProjectReactor和WebFlux很熟悉,我想将我目前的传统、阻塞式安全过滤器改写为反应式安全过滤器,即:
当前筛选器如下所示:
@Component
@Slf4j
public class WhitelistingFilter extends OncePerRequestFilter {
private static final String SECURITY_PROPERTIES = "security.properties";
private final Properties securityProperties = readConfigurationFile(SECURITY_PROPERTIES);
private final String whitelistingEnabled = securityProperties.getProperty("whitelisting.enabled", FALSE.toString());
private final RedisTemplate<String, Object> whitelistingRedisTemplate;
private final AwsCognitoIdTokenProcessor awsCognitoIdTokenProcessor;
public WhitelistingFilter(
@Qualifier("whitelistingRedisTemplate")
RedisTemplate<String, Object> whitelistingRedisTemplate,
AwsCognitoIdTokenProcessor awsCognitoIdTokenProcessor) {
this.whitelistingRedisTemplate = whitelistingRedisTemplate;
this.awsCognitoIdTokenProcessor = awsCognitoIdTokenProcessor;
}
@Override
protected boolean shouldNotFilter(@NonNull HttpServletRequest request) {
AntPathMatcher pathMatcher = new AntPathMatcher();
return Stream.of(USER_LOGIN_URL, ADMIN_LOGIN_URL, SIGNUP_BY_ADMIN_URL, SIGNUP_URL, LOGOUT_URL)
.anyMatch(p -> pathMatcher.match(p, request.getServletPath())) || whitelistingDisabled();
}
private boolean whitelistingDisabled() {
return FALSE.toString().equalsIgnoreCase(whitelistingEnabled);
}
@Override
protected void doFilterInternal(@NonNull HttpServletRequest httpServletRequest, @NonNull HttpServletResponse httpServletResponse, @NonNull FilterChain filterChain) {
try {
Authentication authentication = awsCognitoIdTokenProcessor.getAuthentication(httpServletRequest);
Optional<String> username = Optional.ofNullable(authentication.getName());
if (username.isPresent() && usernameWhitelisted(username.get())) {
log.info("User with username: {} is present in whitelisting", username.get());
filterChain.doFilter(httpServletRequest, httpServletResponse);
} else {
httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
log.error("Username: {} not whitelisted or empty", username.orElse(""));
}
} catch (Exception e) {
logger.error("Error occurred while checking user in redis whitelisting", e);
SecurityContextHolder.clearContext();
}
}
private boolean usernameWhitelisted(String username) {
return Boolean.TRUE.equals(whitelistingRedisTemplate.hasKey(WHITELISTING_PREFIX + username));
}
}
新的、不完整的、被动的方法类如下所示:
@Component
@Slf4j
public class WhitelistingFilter implements WebFilter {
private static final String SECURITY_PROPERTIES = "security.properties";
public final List<String> whitelistedUrls =
List.of(USER_LOGIN_URL, ADMIN_LOGIN_URL, SIGNUP_BY_ADMIN_URL, SIGNUP_URL, LOGOUT_URL);
private final Properties securityProperties = readConfigurationFile(SECURITY_PROPERTIES);
private final String whitelistingEnabled = securityProperties.getProperty("whitelisting.enabled", FALSE.toString());
private final ReactiveRedisOperations<String, Object> whitelistingRedisTemplate;
private final AuthenticationManager authenticationManager;
public WhitelistingFilter(
@Qualifier("reactiveWhitelistingRedisTemplate")
ReactiveRedisOperations<String, Object> whitelistingRedisTemplate,
AuthenticationManager authenticationManager) {
this.whitelistingRedisTemplate = whitelistingRedisTemplate;
this.authenticationManager = authenticationManager;
}
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
Mono<String> username =
ReactiveSecurityContextHolder.getContext()
.map(SecurityContext::getAuthentication)
.map(Authentication::getName);
//logic here
}
private Mono<Boolean> whitelistingDisabled() {
return Mono.just(FALSE.toString().equalsIgnoreCase(whitelistingEnabled));
}
private Mono<Boolean> usernameWhitelisted(Mono<String> username) {
return whitelistingRedisTemplate.hasKey(WHITELISTING_PREFIX + username);
}
}
我更改了usernameWhitelisted()
和whitelistingDisabled()
方法,以返回Mono的,但我不知道如何验证用户名是否是白名单,以及在被动方法中是否启用了白名单。我试图做某事
username.flatMap(u -> {
if(two conditions here)
})
但通过这种方法,我为if语句提供了Mono,这与Java语义相矛盾。对于如何重写代码并使其以被动方式工作的建议,我将不胜感激
共 (0) 个答案