enh(jakarta-ee): intruduced ShiroFilter.isSecurityManagerTypeOf() met…

…hod and unwrapSecurityManager() is generic so casting is avoided
apache · Apr 19, 2024 · 1ee2b75 · 1ee2b75
1 parent b31d0a8
commit 1ee2b75
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 8 deletions.
diff --git a/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/FormResubmitSupport.java b/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/FormResubmitSupport.java
@@ -33,6 +33,7 @@
 import java.util.Collections;
 import org.apache.shiro.ee.filters.Forms.FallbackPredicate;
 import static org.apache.shiro.ee.filters.FormResubmitSupportCookies.transformCookieHeader;
+import static org.apache.shiro.ee.filters.ShiroFilter.isSecurityManagerTypeOf;
 import static org.apache.shiro.ee.filters.ShiroFilter.unwrapSecurityManager;
 import static org.apache.shiro.ee.listeners.EnvironmentLoaderListener.isFormResubmitDisabled;
 import java.io.IOException;
@@ -137,11 +138,11 @@ static class PartialAjaxResult {
     }
 
     static void savePostDataForResubmit(HttpServletRequest request, HttpServletResponse response, @NonNull String loginUrl) {
-        if (isPostRequest(request) && unwrapSecurityManager(SecurityUtils.getSecurityManager())
-                instanceof DefaultSecurityManager) {
+        if (isPostRequest(request) && isSecurityManagerTypeOf(SecurityUtils.getSecurityManager(),
+                DefaultSecurityManager.class)) {
             String postData = getPostData(request);
             var cacheKey = UUID.randomUUID();
-            var dsm = (DefaultSecurityManager) unwrapSecurityManager(SecurityUtils.getSecurityManager());
+            DefaultSecurityManager dsm = unwrapSecurityManager(SecurityUtils.getSecurityManager());
             if (dsm.getCacheManager() != null) {
                 var cache = dsm.getCacheManager().getCache(FORM_DATA_CACHE);
                 var rememberMeManager = (AbstractRememberMeManager) dsm.getRememberMeManager();
@@ -179,8 +180,8 @@ static String getPostData(ServletRequest request) {
 
     static String getSavedFormDataFromKey(@NonNull String savedFormDataKey) {
         String savedFormData = null;
-        if (unwrapSecurityManager(SecurityUtils.getSecurityManager()) instanceof DefaultSecurityManager) {
-            var dsm = (DefaultSecurityManager) unwrapSecurityManager(SecurityUtils.getSecurityManager());
+        if (isSecurityManagerTypeOf(SecurityUtils.getSecurityManager(), DefaultSecurityManager.class)) {
+            DefaultSecurityManager dsm = unwrapSecurityManager(SecurityUtils.getSecurityManager());
             if (dsm.getCacheManager() != null) {
                 var cache = dsm.getCacheManager().getCache(FORM_DATA_CACHE);
                 var cacheKey = UUID.fromString(savedFormDataKey);

diff --git a/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/ShiroFilter.java b/support/jakarta-ee/src/main/java/org/apache/shiro/ee/filters/ShiroFilter.java
@@ -178,19 +178,33 @@ public Subject createSubject(SubjectContext context) {
         }
     }
 
+    /**
+     * Determines if the specified security manager is of the specified type or a subclass of the specified type.
+     *
+     * @param securityManager
+     * @param type
+     * @return true if the security manager is of the specified type or a subclass of the specified type, false otherwise.
+     */
+    public static boolean isSecurityManagerTypeOf(SecurityManager securityManager,
+                                                  Class<? extends SecurityManager> type) {
+        return type.isAssignableFrom(unwrapSecurityManager(securityManager).getClass());
+    }
+
     /**
      * Unwraps the security manager. This method should only be used under limited circumstances,
      * Because the returned value is no longer wrapped, it will not be able to create subjects correctly.
      *
+     * @param <SM> the desired type of the security manager
      * @param securityManager
      * @return unwrapped security manager
      */
-    public static org.apache.shiro.mgt.SecurityManager unwrapSecurityManager(SecurityManager securityManager) {
+    @SuppressWarnings("unchecked")
+    public static <SM extends SecurityManager> SM unwrapSecurityManager(SecurityManager securityManager) {
         if (securityManager instanceof WrappedSecurityManager) {
             WrappedSecurityManager wsm = (WrappedSecurityManager) securityManager;
-            return wsm.wrapped;
+            return (SM) wsm.wrapped;
         } else {
-            return securityManager;
+            return (SM) securityManager;
         }
     }