diff --git a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/DeferringObservationReactiveAuthorizationManager.java b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/DeferringObservationReactiveAuthorizationManager.java new file mode 100644 index 00000000000..9061cb64bb7 --- /dev/null +++ b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/DeferringObservationReactiveAuthorizationManager.java @@ -0,0 +1,51 @@ +/* + * Copyright 2002-2023 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.config.annotation.method.configuration; + +import java.util.function.Supplier; + +import io.micrometer.observation.ObservationRegistry; +import reactor.core.publisher.Mono; + +import org.springframework.beans.factory.ObjectProvider; +import org.springframework.security.authorization.AuthorizationDecision; +import org.springframework.security.authorization.ObservationReactiveAuthorizationManager; +import org.springframework.security.authorization.ReactiveAuthorizationManager; +import org.springframework.security.core.Authentication; +import org.springframework.util.function.SingletonSupplier; + +final class DeferringObservationReactiveAuthorizationManager implements ReactiveAuthorizationManager { + + private final Supplier> delegate; + + DeferringObservationReactiveAuthorizationManager(ObjectProvider provider, + ReactiveAuthorizationManager delegate) { + this.delegate = SingletonSupplier.of(() -> { + ObservationRegistry registry = provider.getIfAvailable(() -> ObservationRegistry.NOOP); + if (registry.isNoop()) { + return delegate; + } + return new ObservationReactiveAuthorizationManager<>(registry, delegate); + }); + } + + @Override + public Mono check(Mono authentication, T object) { + return this.delegate.get().check(authentication, object); + } + +} diff --git a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/ReactiveAuthorizationManagerMethodSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/ReactiveAuthorizationManagerMethodSecurityConfiguration.java index 40e498e512c..4f53005f7c8 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/ReactiveAuthorizationManagerMethodSecurityConfiguration.java +++ b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/ReactiveAuthorizationManagerMethodSecurityConfiguration.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2023 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,7 +28,6 @@ import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler; import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler; import org.springframework.security.authentication.ReactiveAuthenticationManager; -import org.springframework.security.authorization.ObservationReactiveAuthorizationManager; import org.springframework.security.authorization.ReactiveAuthorizationManager; import org.springframework.security.authorization.method.AuthorizationManagerAfterReactiveMethodInterceptor; import org.springframework.security.authorization.method.AuthorizationManagerBeforeReactiveMethodInterceptor; @@ -93,11 +92,7 @@ static DefaultMethodSecurityExpressionHandler methodSecurityExpressionHandler( static ReactiveAuthorizationManager manager(ReactiveAuthorizationManager delegate, ObjectProvider registryProvider) { - ObservationRegistry registry = registryProvider.getIfAvailable(() -> ObservationRegistry.NOOP); - if (registry.isNoop()) { - return delegate; - } - return new ObservationReactiveAuthorizationManager<>(registry, delegate); + return new DeferringObservationReactiveAuthorizationManager<>(registryProvider, delegate); } }