Update document

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-21 01:41:15 +07:00 · 2025-06-21 01:41:15 +07:00 · d1c4351eb8
parent ee4d971db8
commit d1c4351eb8
7 changed files with 36 additions and 37 deletions
--- a/docs/modules/ROOT/pages/reactive/authorization/method.adoc
+++ b/docs/modules/ROOT/pages/reactive/authorization/method.adoc
@ -308,7 +308,7 @@ Java::
@Component
 public class MyPreAuthorizeAuthorizationManager implements ReactiveAuthorizationManager<MethodInvocation> {
    @Override
-    public Mono<AuthorizationDecision> check(Supplier<Authentication> authentication, MethodInvocation invocation) {
+    public Mono<AuthorizationResult> authorize(Supplier<Authentication> authentication, MethodInvocation invocation) {
        // ... authorization logic
    }
@ -321,7 +321,7 @@ Kotlin::
 ----
@Component
 class MyPreAuthorizeAuthorizationManager : ReactiveAuthorizationManager<MethodInvocation> {
-    override fun check(authentication: Supplier<Authentication>, invocation: MethodInvocation): Mono<AuthorizationDecision> {
+    override fun authorize(authentication: Supplier<Authentication>, invocation: MethodInvocation): Mono<AuthorizationResult> {
        // ... authorization logic
    }
--- a/docs/modules/ROOT/pages/servlet/appendix/faq.adoc
+++ b/docs/modules/ROOT/pages/servlet/appendix/faq.adoc
@ -544,7 +544,7 @@ public class DynamicAuthorizationManager implements AuthorizationManager<Request
 	// ...
    @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication, RequestAuthorizationContext context) {
+    public AuthorizationResult authorize(Supplier<Authentication> authentication, RequestAuthorizationContext context) {
 		// query the external service
    }
 }
@ -565,7 +565,7 @@ class DynamicAuthorizationManager : AuthorizationManager<RequestAuthorizationCon
    // ...
-    override fun check(authentication: Supplier<Authentication?>?, context: RequestAuthorizationContext?): AuthorizationDecision {
+    override fun authorize(authentication: Supplier<Authentication?>?, context: RequestAuthorizationContext?): AuthorizationResult {
 		// look up rules from the database
    }
 }
@ -595,7 +595,7 @@ public class DynamicAuthorizationManager implements AuthorizationManager<MethodI
 	// ...
    @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocation invocation) {
+    public AuthorizationResult authorize(Supplier<Authentication> authentication, MethodInvocation invocation) {
 		// query the external service
    }
 }
@ -617,7 +617,7 @@ class DynamicAuthorizationManager : AuthorizationManager<MethodInvocation?> {
    private val authz: MyExternalAuthorizationService? = null
     // ...
-    override fun check(authentication: Supplier<Authentication?>?, invocation: MethodInvocation?): AuthorizationDecision {
+    override fun authorize(authentication: Supplier<Authentication?>?, invocation: MethodInvocation?): AuthorizationResult {
 		// query the external service
    }
 }
--- a/docs/modules/ROOT/pages/servlet/authorization/architecture.adoc
+++ b/docs/modules/ROOT/pages/servlet/authorization/architecture.adoc
@ -99,7 +99,7 @@ The `AuthorizationManager` interface contains two methods:
 [source,java]
 ----
-AuthorizationDecision check(Supplier<Authentication> authentication, Object secureObject);
+AuthorizationResult authorize(Supplier<Authentication> authentication, Object secureObject);
 default void verify(Supplier<Authentication> authentication, Object secureObject)
        throws AccessDeniedException {
@ -113,7 +113,7 @@ For example, let's assume the secure object was a `MethodInvocation`.
 It would be easy to query the `MethodInvocation` for any `Customer` argument, and then implement some sort of security logic in the `AuthorizationManager` to ensure the principal is permitted to operate on that customer.
 Implementations are expected to return a positive `AuthorizationDecision` if access is granted, negative `AuthorizationDecision` if access is denied, and a null `AuthorizationDecision` when abstaining from making a decision.
-`verify` calls `check` and subsequently throws an `AccessDeniedException` in the case of a negative `AuthorizationDecision`.
+`verify` calls `authorize` and subsequently throws an `AccessDeniedException` in the case of a negative `AuthorizationDecision`.
 [[authz-delegate-authorization-manager]]
 === Delegate-based AuthorizationManager Implementations
@ -180,7 +180,7 @@ public class AccessDecisionManagerAuthorizationManagerAdapter implements Authori
    private final SecurityMetadataSource securityMetadataSource;
    @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication, Object object) {
+    public AuthorizationResult authorize(Supplier<Authentication> authentication, Object object) {
        try {
            Collection<ConfigAttribute> attributes = this.securityMetadataSource.getAttributes(object);
            this.accessDecisionManager.decide(authentication.get(), object, attributes);
@ -216,7 +216,7 @@ public class AccessDecisionVoterAuthorizationManagerAdapter implements Authoriza
    private final SecurityMetadataSource securityMetadataSource;
    @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication, Object object) {
+    public AuthorizationResult authorize(Supplier<Authentication> authentication, Object object) {
        Collection<ConfigAttribute> attributes = this.securityMetadataSource.getAttributes(object);
        int decision = this.accessDecisionVoter.vote(authentication.get(), object, attributes);
        switch (decision) {
--- a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
+++ b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
@ -861,7 +861,7 @@ Java::
@Component
 public final class OpenPolicyAgentAuthorizationManager implements AuthorizationManager<RequestAuthorizationContext> {
    @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication, RequestAuthorizationContext context) {
+    public AuthorizationResult authorize(Supplier<Authentication> authentication, RequestAuthorizationContext context) {
        // make request to Open Policy Agent
    }
 }
--- a/docs/modules/ROOT/pages/servlet/authorization/events.adoc
+++ b/docs/modules/ROOT/pages/servlet/authorization/events.adoc
@ -95,29 +95,28 @@ public class MyAuthorizationEventPublisher implements AuthorizationEventPublishe
    @Override
    public <T> void publishAuthorizationEvent(Supplier<Authentication> authentication,
-            T object, AuthorizationDecision decision) {
+        T object, AuthorizationResult result) {
-        if (decision == null) {
+        if (result == null) {
            return;
        }
-        if (!decision.isGranted()) {
+        if (!result.isGranted()) {
-            this.delegate.publishAuthorizationEvent(authentication, object, decision);
+            this.delegate.publishAuthorizationEvent(authentication, object, result);
            return;
        }
-        if (shouldThisEventBePublished(decision)) {
+        if (shouldThisEventBePublished(result)) {
            AuthorizationGrantedEvent granted = new AuthorizationGrantedEvent(
-                    authentication, object, decision);
+                authentication, object, result);
            this.publisher.publishEvent(granted);
        }
    }
-    private boolean shouldThisEventBePublished(AuthorizationDecision decision) {
+    private boolean shouldThisEventBePublished(AuthorizationResult result) {
-        if (!(decision instanceof AuthorityAuthorizationDecision)) {
+        if (result instanceof AuthorityAuthorizationDecision authorityAuthorizationDecision) {
-            return false;
+            Collection<GrantedAuthority> authorities = authorityAuthorizationDecision.getAuthorities();
-        }
+            for (GrantedAuthority authority : authorities) {
-        Collection<GrantedAuthority> authorities = ((AuthorityAuthorizationDecision) decision).getAuthorities();
+                if ("ROLE_ADMIN".equals(authority.getAuthority())) {
-        for (GrantedAuthority authority : authorities) {
+                    return true;
-            if ("ROLE_ADMIN".equals(authority.getAuthority())) {
+                }
                return true;
            }
        }
        return false;
@ -137,22 +136,22 @@ class MyAuthorizationEventPublisher(val publisher: ApplicationEventPublisher,
    override fun <T : Any?> publishAuthorizationEvent(
        authentication: Supplier<Authentication>?,
        `object`: T,
-        decision: AuthorizationDecision?
+        result: AuthorizationResult?
    ) {
-        if (decision == null) {
+        if (result == null) {
            return
        }
-        if (!decision.isGranted) {
+        if (!result.isGranted) {
-            this.delegate.publishAuthorizationEvent(authentication, `object`, decision)
+            this.delegate.publishAuthorizationEvent(authentication, `object`, result)
            return
        }
-        if (shouldThisEventBePublished(decision)) {
+        if (shouldThisEventBePublished(result)) {
-            val granted = AuthorizationGrantedEvent(authentication, `object`, decision)
+            val granted = AuthorizationGrantedEvent(authentication, `object`, result)
            this.publisher.publishEvent(granted)
        }
    }
-    private fun shouldThisEventBePublished(decision: AuthorizationDecision): Boolean {
+    private fun shouldThisEventBePublished(result: AuthorizationResult): Boolean {
        if (decision !is AuthorityAuthorizationDecision) {
            return false
        }
--- a/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc
+++ b/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc
@ -1371,12 +1371,12 @@ Java::
@Component
 public class MyAuthorizationManager implements AuthorizationManager<MethodInvocation>, AuthorizationManager<MethodInvocationResult> {
    @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocation invocation) {
+    public AuthorizationResult authorize(Supplier<Authentication> authentication, MethodInvocation invocation) {
        // ... authorization logic
    }
    @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocationResult invocation) {
+    public AuthorizationResult authorize(Supplier<Authentication> authentication, MethodInvocationResult invocation) {
        // ... authorization logic
    }
 }
@ -1388,11 +1388,11 @@ Kotlin::
 ----
@Component
 class MyAuthorizationManager : AuthorizationManager<MethodInvocation>, AuthorizationManager<MethodInvocationResult> {
-    override fun check(authentication: Supplier<Authentication>, invocation: MethodInvocation): AuthorizationDecision {
+    override fun authorize(authentication: Supplier<Authentication>, invocation: MethodInvocation): AuthorizationResult {
        // ... authorization logic
    }
-    override fun check(authentication: Supplier<Authentication>, invocation: MethodInvocationResult): AuthorizationDecision {
+    override fun authorize(authentication: Supplier<Authentication>, invocation: MethodInvocationResult): AuthorizationResult {
        // ... authorization logic
    }
 }
--- a/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc
+++ b/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc
@ -227,7 +227,7 @@ public final class MessageExpressionAuthorizationManager implements Authorizatio
 	}
 	@Override
-	public AuthorizationDecision check(Supplier<Authentication> authentication, MessageAuthorizationContext<?> context) {
+	public AuthorizationResult authorize(Supplier<Authentication> authentication, MessageAuthorizationContext<?> context) {
 		EvaluationContext ctx = this.expressionHandler.createEvaluationContext(authentication, context.getMessage());
 		boolean granted = ExpressionUtils.evaluateAsBoolean(this.expression, ctx);
 		return new ExpressionAuthorizationDecision(granted, this.expression);