Re: Quarkus Extension?

Sat, 15 Mar 2025 09:22:48 -0700

Figured out how to avoid needing access to the annotation class using "DotName".  I guess I could do the same thing for ANY of the shiro classes I reference.  I don't know enough to know the ins/outs of when that is better vs using .class.
This is my minimal processor class in the deployment module of the extension: 

package com.example.quarkus.shiro.deployment;

import io.quarkus.arc.deployment.AdditionalBeanBuildItem;
import io.quarkus.arc.deployment.AnnotationsTransformerBuildItem;
import io.quarkus.deployment.annotations.BuildProducer;
import io.quarkus.deployment.annotations.BuildStep;
import io.quarkus.deployment.builditem.FeatureBuildItem;
import jakarta.annotation.security.DenyAll;
import jakarta.annotation.security.PermitAll;
import jakarta.annotation.security.RolesAllowed;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresGuest;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.authz.annotation.RequiresUser;
import org.apache.shiro.cdi.ShiroSecurityInterceptor;
import org.jboss.jandex.AnnotationInstance;
import org.jboss.jandex.AnnotationTransformation;
import org.jboss.jandex.DotName;

class QuarkusShiroProcessor {

    private static final String FEATURE = "quarkus-shiro";

    @BuildStep
    FeatureBuildItem feature() {
        return new FeatureBuildItem(FEATURE);
    }

    @BuildStep
    AnnotationsTransformerBuildItem transformAnnotations() {

        return new 
AnnotationsTransformerBuildItem(AnnotationTransformation.builder()
                .whenAnyMatch(RequiresAuthentication.class, 
RequiresAuthentication.class,

                        RequiresGuest.class, RequiresPermissions.class,
                        RequiresRoles.class, RequiresUser.class,
                        RolesAllowed.class, PermitAll.class,
                        DenyAll.class)

                .transform(t -> 
t.add(AnnotationInstance.builder(DotName.createSimple("org.apache.shiro.cdi.ShiroSecureAnnotation")).build()))

        );
    }

    @BuildStep

    void buildCdiBeans(BuildProducer<AdditionalBeanBuildItem> 
additionalBean) {

additionalBean.produce(AdditionalBeanBuildItem.unremovableOf(ShiroSecurityInterceptor.class));
    }
}

On 3/10/2025 2:29 PM, [email protected] wrote:



 I *think* if the ShiroSecureAnnotation were public I wouldn't need 
any of that but I need to reference that annotation class to add it to 
classes/methods in the BuildStep in a similar way you guys do in the 
CDI Extension so the interceptor works.






















					Reply via email to