Package dev.openfga

Class OpenFga

java.lang.Object
dev.openfga.OpenFga
@Component public class OpenFga extends Object
A bean that can be used to perform common FGA tasks, such as execute a check request. Can be used in @PreAuthorize or PostAuthorize to provide method-level FGA protection for a requested resource. For example: 

 @PreAuthorize("@openFga.check('document', #id, 'reader', 'user', 'authentication?.name')")
 public Document getDocument(String id) {
     repository.findById(id);
 }

  • Constructor Details

    • OpenFga

      public OpenFga(dev.openfga.sdk.api.client.OpenFgaClient fgaClient)

  • Method Details

    • check

      public boolean check(String objectType, String objectId, String relation, String userType)
      Perform an FGA check. Returns true if the user has the specified relationship with the object, false otherwise. The user ID will be obtained from the authentication name in the SecurityContext
      Parameters:
      objectType - The object type of the check
      objectId - The ID of the object to check
      relation - The required relation between the user and the object
      userType - The type of the user
      Returns:
      true if the user has the required relation to the object, false otherwise
      See Also:

    • check

      public boolean check(String objectType, String objectId, String relation, String userType, String userId)
      Perform an FGA check. Returns true if the user has the specified relationship with the object, false otherwise. The user ID will be obtained from the authentication name in the SecurityContext
      Parameters:
      objectType - The object type of the check
      objectId - The ID of the object to check
      relation - The required relation between the user and the object
      userType - The type of the user
      userId - The ID of the user
      Returns:
      true if the user has the required relation to the object, false otherwise
      See Also: