diff --git a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/AuthenticationProcessInterceptor.java b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/AuthenticationProcessInterceptor.java index 0417bdd4..a2b573ac 100644 --- a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/AuthenticationProcessInterceptor.java +++ b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/AuthenticationProcessInterceptor.java @@ -66,7 +66,7 @@ public AuthenticationProcessInterceptor(AuthenticationManager authenticationMana public Listener interceptCall(ServerCall call, Metadata headers, ServerCallHandler next) { SecurityContext securityContext = SecurityContextHolder.getContext(); - Authentication user = this.extractor.extract(headers, call.getAttributes()); + Authentication user = this.extractor.extract(headers, call.getAttributes(), call.getMethodDescriptor()); if (user != null) { user = this.authenticationManager.authenticate(user); securityContext.setAuthentication(user); diff --git a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/BearerTokenAuthenticationExtractor.java b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/BearerTokenAuthenticationExtractor.java index 8661712b..4598be7e 100644 --- a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/BearerTokenAuthenticationExtractor.java +++ b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/BearerTokenAuthenticationExtractor.java @@ -23,6 +23,7 @@ import io.grpc.Attributes; import io.grpc.Metadata; +import io.grpc.MethodDescriptor; /** * Extracts the HTTP Basic authentication credentials from the gRPC request headers. If @@ -36,7 +37,7 @@ public class BearerTokenAuthenticationExtractor implements GrpcAuthenticationExtractor { @Override - public Authentication extract(Metadata headers, Attributes attributes) { + public Authentication extract(Metadata headers, Attributes attributes, MethodDescriptor method) { String auth = headers.get(GrpcSecurity.AUTHORIZATION_KEY); if (auth == null) { return null; diff --git a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcAuthenticationExtractor.java b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcAuthenticationExtractor.java index 5a041576..8ffd93ec 100644 --- a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcAuthenticationExtractor.java +++ b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcAuthenticationExtractor.java @@ -19,9 +19,10 @@ import io.grpc.Attributes; import io.grpc.Metadata; +import io.grpc.MethodDescriptor; public interface GrpcAuthenticationExtractor { - Authentication extract(Metadata headers, Attributes attributes); + Authentication extract(Metadata headers, Attributes attributes, MethodDescriptor method); } diff --git a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcSecurity.java b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcSecurity.java index 2e6d224a..1d130952 100644 --- a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcSecurity.java +++ b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/GrpcSecurity.java @@ -35,6 +35,7 @@ import io.grpc.Attributes; import io.grpc.Metadata; +import io.grpc.MethodDescriptor; import io.micrometer.observation.ObservationRegistry; /** @@ -196,9 +197,9 @@ private static class CompositeAuthenticationExtractor implements GrpcAuthenticat } @Override - public Authentication extract(Metadata headers, Attributes attributes) { + public Authentication extract(Metadata headers, Attributes attributes, MethodDescriptor method) { for (GrpcAuthenticationExtractor extractor : this.extractors) { - Authentication authentication = extractor.extract(headers, attributes); + Authentication authentication = extractor.extract(headers, attributes, method); if (authentication != null) { return authentication; } diff --git a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/HttpBasicAuthenticationExtractor.java b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/HttpBasicAuthenticationExtractor.java index 21036f78..901700ab 100644 --- a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/HttpBasicAuthenticationExtractor.java +++ b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/HttpBasicAuthenticationExtractor.java @@ -24,6 +24,7 @@ import io.grpc.Attributes; import io.grpc.Metadata; +import io.grpc.MethodDescriptor; /** * Extracts the HTTP Basic authentication credentials from the gRPC request headers. If @@ -37,7 +38,7 @@ public class HttpBasicAuthenticationExtractor implements GrpcAuthenticationExtractor { @Override - public Authentication extract(Metadata headers, Attributes attributes) { + public Authentication extract(Metadata headers, Attributes attributes, MethodDescriptor method) { String auth = headers.get(GrpcSecurity.AUTHORIZATION_KEY); if (auth == null) { return null; diff --git a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/SslContextPreAuthenticationExtractor.java b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/SslContextPreAuthenticationExtractor.java index 3a767135..baeeb268 100644 --- a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/SslContextPreAuthenticationExtractor.java +++ b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/SslContextPreAuthenticationExtractor.java @@ -31,6 +31,7 @@ import io.grpc.Attributes; import io.grpc.Grpc; import io.grpc.Metadata; +import io.grpc.MethodDescriptor; public class SslContextPreAuthenticationExtractor implements GrpcAuthenticationExtractor { @@ -45,7 +46,7 @@ public SslContextPreAuthenticationExtractor(X509PrincipalExtractor principalExtr } @Override - public Authentication extract(Metadata headers, Attributes attributes) { + public Authentication extract(Metadata headers, Attributes attributes, MethodDescriptor method) { SSLSession session = attributes.get(Grpc.TRANSPORT_ATTR_SSL_SESSION); if (session != null) { X509Certificate[] certificates = initCertificates(session);