From 7319cf2f0fa9b032a73d2071d7b7da8d243578be Mon Sep 17 00:00:00 2001 From: Max Batischev Date: Thu, 4 Apr 2024 23:32:14 +0300 Subject: [PATCH] Add support AuthorizationResult for AuthorizationManager Added a new authorization method to AuthorizationManager that returns AuthorizationResult. Closes gh-14843 --- .../authorization/AuthorizationManager.java | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java index 221d5f01c6b..24efbab411c 100644 --- a/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java +++ b/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -50,8 +50,23 @@ default void verify(Supplier authentication, T object) { * @param authentication the {@link Supplier} of the {@link Authentication} to check * @param object the {@link T} object to check * @return an {@link AuthorizationDecision} or null if no decision could be made + * @deprecated Use {{@link #authorize(Supplier, Object)}} instead */ + @Deprecated @Nullable AuthorizationDecision check(Supplier authentication, T object); + /** + * Determines if access should be granted for a specific authentication and object. + * @param authentication the {@link Supplier} of the {@link Authentication} to + * authorize + * @param object the {@link T} object to authorize + * @return an {@link AuthorizationResult} or null if no result could be made + * @since 6.3 + */ + @Nullable + default AuthorizationResult authorize(Supplier authentication, T object) { + return check(authentication, object); + } + }