获取 ContainerRequestFilter 中的资源类注释值

2022-09-03 04:57:46

我正在努力理解休息拦截器注释如何添加稍后在过滤器中可见的不同值。给定下面的代码,我希望一旦进入过滤器,权限值就会有 foo 和 bar,但是它们是空的。任何帮助将不胜感激。

注解

package edu.psu.swe.fortress.poc.interceptor;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import javax.enterprise.util.Nonbinding;
import javax.ws.rs.NameBinding;

@NameBinding
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(value=RetentionPolicy.RUNTIME)
public @interface FortressProtected
{
  @Nonbinding String[] permissions() default {};
}

滤波器

package edu.psu.swe.fortress.poc.interceptor;

import java.io.IOException;
import java.lang.annotation.Annotation;

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.ext.Provider;

@Provider
@FortressProtected
public class FortressAuthorizer implements ContainerRequestFilter
{

  @Override
  public void filter(ContainerRequestContext requestContext) throws     IOException
  {
    System.out.println("In the interceptor");
    Class<?> clazz = this.getClass();
    FortressProtected annotation = clazz.getAnnotation(edu.psu.swe.fortress.poc.interceptor.FortressProtected.class);

    System.out.println("Annotation? " + clazz.isAnnotation());

    for (Annotation a : clazz.getAnnotations())
    {
      System.out.println(a);
    }

    for (String s : annotation.permissions())
    {
      System.out.println(s);
    }
  }
}

应用配置

package edu.psu.swe.fortress.poc.rest;

import java.util.HashSet;
import java.util.Set;

import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;

import edu.psu.swe.fortress.poc.interceptor.FortressAuthorizer;
import edu.psu.swe.fortress.poc.interceptor.FortressProtected;

@ApplicationPath("")
public class FortressTestApp extends Application
{
  private Set<Class<?>> clazzez_ = new HashSet<>();
  {
    clazzez_.add(ResourceImpl.class);
    clazzez_.add(FortressProtected.class);
    clazzez_.add(FortressAuthorizer.class);
  }
  public Set<Class<?>> getClasses()
  {
    return clazzez_;
  }
}

资源类

package edu.psu.swe.fortress.poc.rest;

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;

import edu.psu.swe.fortress.poc.interceptor.FortressProtected;

@FortressProtected(permissions={"foo", "bar"})
@Path("tests")
public class ResourceImpl
{
  @GET
  @Produces("application/text")
  public String getHello()
  {
    FortressProtected annotation = this.getClass().getAnnotation(edu.psu.swe.fortress.poc.interceptor.FortressProtected.class);

    System.out.println(annotation.toString());

    return "hello";
  }
}

日志输出如下所示:

15:59:55,223 INFO [stdout] (default task-9) @edu.psu.swe.fortress.poc.interceptor.FortressProtected(permissions=[]) 15:59:55,229 INFO [stdout] (default task-9) @edu.psu.swe.fortress.poc.interceptor.FortressProtected(permissions=[foo, bar])

提前致谢。


答案 1

在过滤器中查看此内容

Class<?> clazz = this.getClass();
FortressProtected annotation = clazz.getAnnotation(FortressProtected.class);

this.getClass()对应于筛选器类(其批注没有值)。相反,您需要在ResourceImpl

有几个选择。您可以显式使用 。但这样做的问题是,一旦你绑定了多个类,你如何匹配哪个类对应于哪个请求。因此,下一个选项更可行。ResourceImpl.class.getAnnotation(...)

你要做的是注入资源信息。有了这个,你可以调用它或方法。这些方法分别返回匹配的方法和类。然后,您可以在类级别和方法级别检查注释(因为我们也可以在方法级别进行绑定)。所以你可能有更多这样的东西:getResourceMethodgetResourceClass

@Provider
@FortressProtected
public class FortressAuthorizer implements ContainerRequestFilter {

  @Context
  ResourceInfo resourceInfo;

  @Override
  public void filter(ContainerRequestContext requestContext) throws IOException {

    Class<?> resourceClass = resourceInfo.getResourceClass();
    FortressProtected classAnnot = resourceClass.getAnnotation(FortressProtected.class);
    if (classAnnot != null) {
      // do something with annotation
    }

    Method resourceMethod = resourceInfo.getResourceMethod();
    FortressProtected methodAnnot = resourceMethod.getAnnotation(FortressProtected.class);
    if (methodAnnot != null) {
      // do something with annotation
    }
  }
}

答案 2

推荐