public void validateBindings()

in deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/extension/SecurityExtension.java [124:199]

• 64 lines of code
• 14 McCabe index (conditional complexity)

    public void validateBindings(@Observes AfterBeanDiscovery event, BeanManager beanManager)
    {
        if (!isActivated)
        {
            return;
        }

        SecurityMetaDataStorage metaDataStorage = getMetaDataStorage();

        metaDataStorage.registerSecuredMethods();

        for (final AnnotatedMethod<?> method : metaDataStorage.getSecuredMethods())
        {
            // Here we simply want to validate that each method that is annotated with
            // one or more security bindings has a valid authorizer for each binding

            Class<?> targetClass = method.getDeclaringType().getJavaClass();
            Method targetMethod = method.getJavaMember();
            for (final Annotation annotation : SecurityUtils.getSecurityBindingTypes(targetClass, targetMethod)) 
            {
                boolean found = false;

                Set<AuthorizationParameter> authorizationParameters = new HashSet<AuthorizationParameter>();
                for (AnnotatedParameter<?> parameter : (List<AnnotatedParameter<?>>) (List<?>) method.getParameters())
                {
                    Set<Annotation> securityParameterBindings = null;
                    for (Annotation a : parameter.getAnnotations())
                    {
                        if (SecurityUtils.isMetaAnnotatedWithSecurityParameterBinding(a))
                        {
                            if (securityParameterBindings == null)
                            {
                                securityParameterBindings = new HashSet<Annotation>();
                            }
                            securityParameterBindings.add(a);
                        }
                    }
                    if (securityParameterBindings != null)
                    {
                        AuthorizationParameter authorizationParameter
                            = new AuthorizationParameter(parameter.getBaseType(), securityParameterBindings);
                        authorizationParameters.add(authorizationParameter);
                    }
                }
                // Validate the authorizer
                for (Authorizer auth : metaDataStorage.getAuthorizers())
                {
                    if (auth.matchesBindings(annotation, authorizationParameters, targetMethod.getReturnType())) 
                    {
                        found = true;
                        break;
                    }
                }

                if (!found) 
                {
                    event.addDefinitionError(new SecurityDefinitionException("Secured type " +
                            method.getDeclaringType().getJavaClass().getName() +
                            " has no matching authorizer method for security binding @" +
                            annotation.annotationType().getName()));
                }
            }

            for (final Annotation annotation : method.getAnnotations()) 
            {
                if (SecurityUtils.isMetaAnnotatedWithSecurityBindingType(annotation))
                {
                    metaDataStorage.registerSecuredMethod(targetClass, targetMethod);
                    break;
                }
            }
        }

        // Clear securedTypes, we don't require it any more
        metaDataStorage.resetSecuredMethods();
    }