Would be great to have a PR, both for a reproducer / sample application and the extension We can go from there.
> On Mar 10, 2025, at 3:24 PM, [email protected] wrote: > > Figured out how to avoid needing access to the annotation class using > "DotName". I guess I could do the same thing for ANY of the shiro classes I > reference. I don't know enough to know the ins/outs of when that is better > vs using .class. > > This is my minimal processor class in the deployment module of the extension: > > package com.example.quarkus.shiro.deployment; > > import io.quarkus.arc.deployment.AdditionalBeanBuildItem; > import io.quarkus.arc.deployment.AnnotationsTransformerBuildItem; > import io.quarkus.deployment.annotations.BuildProducer; > import io.quarkus.deployment.annotations.BuildStep; > import io.quarkus.deployment.builditem.FeatureBuildItem; > import jakarta.annotation.security.DenyAll; > import jakarta.annotation.security.PermitAll; > import jakarta.annotation.security.RolesAllowed; > import org.apache.shiro.authz.annotation.RequiresAuthentication; > import org.apache.shiro.authz.annotation.RequiresGuest; > import org.apache.shiro.authz.annotation.RequiresPermissions; > import org.apache.shiro.authz.annotation.RequiresRoles; > import org.apache.shiro.authz.annotation.RequiresUser; > import org.apache.shiro.cdi.ShiroSecurityInterceptor; > import org.jboss.jandex.AnnotationInstance; > import org.jboss.jandex.AnnotationTransformation; > import org.jboss.jandex.DotName; > > class QuarkusShiroProcessor { > > private static final String FEATURE = "quarkus-shiro"; > > @BuildStep > FeatureBuildItem feature() { > return new FeatureBuildItem(FEATURE); > } > > @BuildStep > AnnotationsTransformerBuildItem transformAnnotations() { > return new > AnnotationsTransformerBuildItem(AnnotationTransformation.builder() > .whenAnyMatch(RequiresAuthentication.class, > RequiresAuthentication.class, > RequiresGuest.class, RequiresPermissions.class, > RequiresRoles.class, RequiresUser.class, > RolesAllowed.class, PermitAll.class, > DenyAll.class) > .transform(t -> > t.add(AnnotationInstance.builder(DotName.createSimple("org.apache.shiro.cdi.ShiroSecureAnnotation")).build())) > ); > } > > @BuildStep > void buildCdiBeans(BuildProducer<AdditionalBeanBuildItem> additionalBean) > { > > additionalBean.produce(AdditionalBeanBuildItem.unremovableOf(ShiroSecurityInterceptor.class)); > } > } > > > On 3/10/2025 2:29 PM, [email protected] <mailto:[email protected]> wrote: >> I *think* if the ShiroSecureAnnotation were public I wouldn't need any of >> that but I need to reference that annotation class to add it to >> classes/methods in the BuildStep in a similar way you guys do in the CDI >> Extension so the interceptor works. >>
