-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Quarkus REST endpoint security annotations placed on endpoint implementations #41784
Support Quarkus REST endpoint security annotations placed on endpoint implementations #41784
Conversation
887ea99
to
d31ccbe
Compare
This comment has been minimized.
This comment has been minimized.
...ver/runtime/src/main/java/org/jboss/resteasy/reactive/server/model/ServerResourceMethod.java
Outdated
Show resolved
Hide resolved
d31ccbe
to
d30e0e6
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Amazing work!
This comment has been minimized.
This comment has been minimized.
I have only renamed one property and added Javadoc, before this change it worked so I think it's flaky. Anyway |
|
Almost certainly unrelated, but I relaunched that job anyway |
...va/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityInterceptorHandler.java
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everything is done very precisely with a great test coverage, minor question about the exception message, up to Michal what to do with it...
Thanks @michalvavrik
Status for workflow
|
Status | Name | Step | Failures | Logs | Raw logs | Build scan |
---|---|---|---|---|---|---|
✔️ | Native Tests - HTTP | Failures | Logs | Raw logs | 🚧 |
Failures
⚙️ Native Tests - HTTP #
- Failing: integration-tests/rest-client
📦 integration-tests/rest-client
✖ Failed to execute goal uk.co.automatictester:truststore-maven-plugin:3.0.0:generate-truststore (wrong-host-truststore) on project quarkus-integration-test-rest-client: Execution wrong-host-truststore of goal uk.co.automatictester:truststore-maven-plugin:3.0.0:generate-truststore failed: Unable to establish TLS connection with: wrong.host.badssl.com:443
I've just merged and noticed the test failure, but it does not look related at all |
I think @geoand re-run the test failure and it was fixed. So the CI was green. |
follow-up for the #41564
This PR aims to assure that when a security annotation is placed on a method that is actually invoked (returns endpoint response), than security is applied. Also, that when the security is applied, then default JAX-RS security is not applied as requested in the #39964. Extra tests comparing to #41564 are to assert endpoint implementation is identified for supported scenarios (tested scenarios). CDI interceptors that are backup for eager checks here are untouched by this PR, as well as all existing tests.