New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create a new Resteasy Context Map #13335
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's safer to use the other addCloseableContextDataLevel
because it also removes the context data map. If you don't you're fucking up any pending client context.
Map<Class<?>, Object> map = new HashMap<>(); | ||
map.put(SecurityContext.class, new QuarkusResteasySecurityContext(request, routingContext)); | ||
map.put(RoutingContext.class, routingContext); | ||
ResteasyContext.pushContextDataMap(map); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you should be using the variant that creates a new Closeable
context : addCloseableContextDataLevel
that you can use in a try-with-resource.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about async requests?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Async requests need to capture this context anyway, since we've no idea what thread they'll be in when they get executed. This doesn't destroy anything, BTW. It just pops it from the current context stack and restore the previous context map.
This provides a slight performance advantage, but most importantly will prevent an existing client context from interfering with the server one. This can happen if the authentication layer is using the REST client to access external services. Fixes quarkusio#13317
8eab583
to
912d62e
Compare
This provides a slight performance advantage,
but most importantly will prevent an existing
client context from interfering with the server one.
This can happen if the authentication layer is using
the REST client to access external services.
Fixes #13317