覆盖来自外部库 (Quarkus) 的 bean
[英]Override beans from an external library (Quarkus)
问题描述
I want to override a bean that's used by Quarkus to disable authentication/authorization.
我想覆盖 Quarkus 用来禁用身份验证/授权的 bean。
With the following implementation, it works that REST endpoints can be configured at start time to not be secured:通过以下实现,可以在启动时将 REST 端点配置为不受保护:
@Alternative
@Priority(1)
@ApplicationScoped
public class CustomOidcAuthController extends TestAuthController {
private static final Logger LOGGER = Logger.getLogger(CustomOidcAuthController.class);
@ConfigProperty(name = "quarkus.oidc.enabled", defaultValue = "false")
boolean quarkusOidcEnabled;
@PostConstruct
public void check() {
LOGGER.info("isAuthorizationEnabled(): " + isAuthorizationEnabled());
}
@Override
public boolean isAuthorizationEnabled() {
return quarkusOidcEnabled;
}
}
This is with the Bean residing in the same Quarkus module.这是因为 Bean 驻留在同一个 Quarkus 模块中。
However, I want to externalize this class into a separate library and if I do this, it no longer works.但是,我想将此 class 外部化到一个单独的库中,如果我这样做,它将不再有效。
Noteworthy:值得注意的是:
- Yes, the
@Priorityof my bean (1) is higher than the default (3000)是的,我的 bean (1) 的@Priority高于默认值 (3000) - The beans are discovered, if I explicitly inject them.如果我明确地注入它们,就会发现这些 bean。
- They are however not used, if I inject the subtype that Quarkus uses internally (either
TestAuthControllerorAuthorizationController).但是,如果我注入 Quarkus 在内部使用的子类型( TestAuthController或AuthorizationController),则不会使用它们。- Therefore the endpoints are always secured因此端点始终是安全的
- As can be seen here from the IntelliJ debugger从 IntelliJ 调试器可以看出这里
- Therefore the endpoints are always secured
- Currently I have an empty
beans.xml, but with building a Jandex Index I also observe the same behavior (related How to create a Jandex index in Quarkus for classes in a external module )目前我有一个空beans.xml,但是在构建 Jandex 索引时,我也观察到了相同的行为(与How to create a Jandex index in Quarkus for classes in a external module相关) - I can get the behavior I want, if I use
quarkus.arc.selected-alternatives=com.xxx.CustomOidcAuthController, however this is not preferable, since each Service using the library would need to configure this and this will certainly cause problems, because it can be easily forgotten.如果我使用quarkus.arc.selected-alternatives=com.xxx.CustomOidcAuthController,我可以获得我想要的行为,但这不是可取的,因为使用该库的每个服务都需要配置它,这肯定会导致问题,因为它很容易被遗忘。
2 个解决方案
解决方案1
1 2022-08-03 05:17:14
Yes, the @Priority of my bean (1) is higher than the default (3000)
According to CDI specification, an alternative with highest priority is selected.根据 CDI 规范,选择具有最高优先级的替代方案。 See this part of the CDI 2.0 specification .请参阅CDI 2.0 规范的这一部分。 Here is a CDI TCK test asserting that higher priority 'wins' during typesafe resolution. 这是一个 CDI TCK 测试,断言在类型安全解析期间更高优先级“获胜”。
Therefore, your approach is correct and you just need to make sure your custom bean is an alternative with priority value higher than that of TestAuthController .因此,您的方法是正确的,您只需要确保您的自定义 bean 是优先级值高于TestAuthController的替代方案。
解决方案2
1 已采纳 2022-08-03 07:33:02
Well, the priority of the TestAuthController is indeed 3000 and therefore it takes precedence.好吧, TestAuthController的优先级确实是3000 ,因此它具有优先权。 Injection of CustomOidcAuthController works because there's no other bean that has CustomOidcAuthController in its set of bean types.注入CustomOidcAuthController有效,因为没有其他 bean 在其 bean 类型集中具有CustomOidcAuthController 。
In other words, it works as expected (and defined by the spec).换句话说,它按预期工作(并由规范定义)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.