Skip to content

Add @AuthenticationPrincipal/@CurrentSecurityContext Interface Support for Expression Templates #16201

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 19, 2024
Merged

Add @AuthenticationPrincipal/@CurrentSecurityContext Interface Support for Expression Templates #16201

merged 1 commit into from
Dec 19, 2024

Conversation

kse-music
Copy link
Contributor

@kse-music kse-music commented Dec 2, 2024
edited
Loading

Closes gh-16248

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 2, 2024
@kse-music kse-music marked this pull request as draft December 2, 2024 05:19
@kse-music kse-music marked this pull request as ready for review December 2, 2024 07:28
jzheaux
jzheaux requested changes Dec 4, 2024
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR, @kse-music! I've left some feedback inline.

In addition, let's please change the argument resolvers to fall back to MethodParameter#findParameterAnnotation (the previous behavior) if they haven't supplied an AnnotationTemplateExpressionDefaults.

The reason for this is historically the argument resolvers have simply picked the first annotation they find instead of enforcing Security's no-duplicate policy and we don't want to change that expectation in a minor release.

@kse-music kse-music force-pushed the gh-16177 branch 2 times, most recently from 195eba4 to 760ec9c Compare December 5, 2024 02:04
@kse-music
Copy link
Contributor Author

kse-music commented Dec 5, 2024
edited
Loading

@jzheaux All feedback is done.But if fall back to MethodParameter#findParameterAnnotation when they haven't supplied an AnnotationTemplateExpressionDefaults, then use @AuthenticationPrincipal as meta-annotations is not working .

For example #15286.

@Retention(RetentionPolicy.RUNTIME)
@AuthenticationPrincipal
public @interface CurrentUser {
	@AliasFor(annotation = AuthenticationPrincipal.class)
	String expression() default "";
}

Unless support meta-annotations also need to provide an AnnotationTemplateExpressionDefaults?

@jzheaux
Copy link
Contributor

jzheaux commented Dec 5, 2024

Unless support meta-annotations also need to provide an AnnotationTemplateExpressionDefaults?

That's correct. Please see this section of the reference for more details.

@kse-music
Copy link
Contributor Author

That's correct. Please see this section of the reference for more details.

Thanks, @jzheaux . Now all checks have now passed

jzheaux
jzheaux requested changes Dec 5, 2024
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR, @kse-music, great job. I've left some feedback inline.

@jzheaux jzheaux self-assigned this Dec 5, 2024
@jzheaux jzheaux added in: core An issue in spring-security-core type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 5, 2024
@jzheaux
Copy link
Contributor

jzheaux commented Dec 5, 2024

@kse-music, one more thing. I'm not comfortable releasing this big of a change on a maintenance release. So let's split this PR into two: One for the additional support in SecurityAnnotationScanners and one for the fallback logic in the argument resolvers. The fallback logic will be merged and released in 6.4 and the rest will release in 6.5.

@kse-music kse-music force-pushed the gh-16177 branch 2 times, most recently from 4bab2ed to 5ad3baf Compare December 6, 2024 02:30
@kse-music
Copy link
Contributor Author

@jzheaux If use fallback logic, it may not be easy to support aliasFor , as comment said, or you write a search for parameter annotation inheritance?

@kse-music kse-music force-pushed the gh-16177 branch 2 times, most recently from 3a20373 to 1f052b9 Compare December 7, 2024 01:23
@kse-music kse-music mentioned this pull request Dec 9, 2024
Merged
@jzheaux jzheaux changed the title Support @AuthenticationPrincipal on interfaces Add @AuthenticationPrincipal/@CurrentSecurityContext Interface Support for Expression Templates Dec 9, 2024
@jzheaux jzheaux added this to the 6.5.x milestone Dec 9, 2024
@jzheaux
Copy link
Contributor

jzheaux commented Dec 9, 2024

I've opened #16248. Would you please change the commit message to point to that ticket instead?

@kse-music kse-music force-pushed the gh-16177 branch 3 times, most recently from 01f378c to d856fb1 Compare December 9, 2024 18:45
@kse-music
Copy link
Contributor Author

I've opened #16248. Would you please change the commit message to point to that ticket instead?

Done

@jzheaux jzheaux modified the milestones: 6.5.x, 6.5.0-M1 Dec 19, 2024
@jzheaux jzheaux added type: enhancement A general enhancement and removed type: bug A general bug labels Dec 19, 2024
jzheaux
jzheaux requested changes Dec 19, 2024
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kse-music, thanks for your patience while I got back to this. After some testing, I have some additional feedback; are you able to address it?

@kse-music
Copy link
Contributor Author

@jzheaux All feedback is done.

@jzheaux jzheaux merged commit 95ec49a into spring-projects:main Dec 19, 2024
6 checks passed
@jzheaux
Copy link
Contributor

jzheaux commented Dec 19, 2024

Lovely, @kse-music. All merged and thank you again.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jzheaux jzheaux jzheaux approved these changes

Assignees

@jzheaux jzheaux

Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Projects
None yet
Milestone
6.5.0-M1
Development

Successfully merging this pull request may close these issues.

Support Meta-Annotation Parameters on Parameter Annotations
3 participants
@kse-music @jzheaux @spring-projects-issues