3

如果ResourceFilterFactory注释ContainerRequestFilter存在于AbstractMethod.

过滤器读取 cookie 或 API 密钥并检查它是否仍然有效,并在请求上设置一个属性。检查是昂贵的,所以我只希望它在注释存在时发生。

我想将生成的对象注入到我的资源中,但似乎注入发生在ResourceFilterFactory应用过滤器之前。如果我将过滤器ResourceConfig作为.PROPERTY_CONTAINER_REQUEST_FILTERSAbstractMethod

如何弥合差距,以便仅在方法具有注释时应用过滤器并注入字段?

我的代码看起来像这样。AuthFilter被调用后UserIdProviderc.getProperties().get(USER_ID_PROPERTY)总是如此null

public class AuthFilter implements ContainerRequestFilter {
  public ContainerRequest filter(ContainerRequest request) {
    Integer userId = …; // expensive lookup
    request.getProperties().set(USER_ID_PROPERTY, userId);
    return request;
  }
}

public class AuthFilterFactory implements ResourceFilterFactory {
  // …
  public List<ResourceFilter> create(AbstractMethod am) {
    if (am.isAnnotationPresent(RequireAuth.class) || am.getResource().isAnnotationPresent(RequireAuth.class)) {
      return Collections.singletonList(new ResourceFilter() {
        public ContainerRequestFilter getRequestFilter() {
          return authFilter;
        }
      });
    }
    else {
      return null
    }
  }
}

InjectableProvider:

@Provider
public class UserIdProvider implements InjectableProvider<UserId, Parameter> {
  public ComponentScope getScope() {
    return ComponentScope.PerRequest;
  }

  public Injectable<? extends Object> getInjectable(ComponentContext ic, UserId a, final Parameter t) {
    return new AbstractHttpContextInjectable<Integer>() {
      public Integer getValue(HttpContext c) {
        return (Integer) c.getProperties().get(USER_ID_PROPERTY);
      }
    }
  }
}

资源:

@Path("/user")
public class UserResource {
  @UserId
  Integer userId;

  // userId should only be set on this method
  @GET
  @RequireAuth
  public UserDetails get() {
    // …
  }

  // the auth filter should not be called for this method
  @POST
  @Path("/login")
  public String login() {
    // …
  }
}
4

0 回答 0