Class SecureEventBus

java.lang.Object
cloud.opencode.base.event.security.SecureEventBus
All Implemented Interfaces:
AutoCloseable
public class SecureEventBus extends Object implements AutoCloseable
Secure Event Bus 安全事件总线

A secure wrapper around OpenEvent that enforces security policies.

在OpenEvent周围的安全包装器,强制执行安全策略。

Features | 主要功能:

  • Listener whitelist - 监听器白名单
  • Package restrictions - 包限制
  • Event verification - 事件验证
  • Rate limiting integration - 频率限制集成

Usage Examples | 使用示例:

SecureEventBus bus = new SecureEventBus();
bus.addAllowedPackage("com.myapp.handlers");
bus.addToWhitelist(MyHandler.class);

bus.register(new MyHandler()); // OK
bus.register(new UntrustedHandler()); // throws SecurityException

Security | 安全性:

  • Thread-safe: Yes (concurrent data structures) - 线程安全: 是(并发数据结构)
Since:
JDK 25, opencode-base-event V1.0.0
Author:
Leon Soo www.LeonSoo.com
See Also:

  • Constructor Summary

    Constructors
    Constructor
    Description
    SecureEventBus()
    Create secure event bus with default settings 使用默认设置创建安全事件总线
    SecureEventBus(EventRateLimiter rateLimiter)
    Create secure event bus with rate limiter 使用频率限制器创建安全事件总线
    SecureEventBus(EventRateLimiter rateLimiter, String verificationSecret)
    Create secure event bus with rate limiter and verification secret 使用频率限制器和验证密钥创建安全事件总线

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addAllowedPackage(String packageName)
    Add an allowed package prefix 添加允许的包前缀
    void
    addToWhitelist(Class<?> listenerClass)
    Add a class to the listener whitelist 将类添加到监听器白名单
    void
    close()
    Close the secure event bus, releasing underlying resources.
    OpenEvent
    getEventBus()
    Get the underlying event bus (CAUTION: bypasses ALL security checks) 获取底层事件总线(注意:绕过所有安全检查)
    <E extends Event>
    void
    on(Class<E> eventType, EventListener<E> listener)
    Register a lambda listener with security checks 使用安全检查注册Lambda监听器
    void
    publish(Event event)
    Publish an event with security checks 使用安全检查发布事件
    void
    register(Object subscriber)
    Register a subscriber with security checks 使用安全检查注册订阅者
    void
    unregister(Object subscriber)
    Unregister a subscriber 注销订阅者

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • SecureEventBus

      public SecureEventBus()
      Create secure event bus with default settings 使用默认设置创建安全事件总线

    • SecureEventBus

      public SecureEventBus(EventRateLimiter rateLimiter)
      Create secure event bus with rate limiter 使用频率限制器创建安全事件总线
      Parameters:
      rateLimiter - the rate limiter | 频率限制器

    • SecureEventBus

      public SecureEventBus(EventRateLimiter rateLimiter, String verificationSecret)
      Create secure event bus with rate limiter and verification secret 使用频率限制器和验证密钥创建安全事件总线
      Parameters:
      rateLimiter - the rate limiter | 频率限制器
      verificationSecret - the secret for verifying signed events | 用于验证签名事件的密钥

  • Method Details

    • addToWhitelist

      public void addToWhitelist(Class<?> listenerClass)
      Add a class to the listener whitelist 将类添加到监听器白名单
      Parameters:
      listenerClass - the listener class to allow | 要允许的监听器类

    • addAllowedPackage

      public void addAllowedPackage(String packageName)
      Add an allowed package prefix 添加允许的包前缀
      Parameters:
      packageName - the package prefix to allow | 要允许的包前缀

    • register

      public void register(Object subscriber)
      Register a subscriber with security checks 使用安全检查注册订阅者
      Parameters:
      subscriber - the subscriber to register | 要注册的订阅者
      Throws:
      EventSecurityException - if subscriber is not allowed | 如果订阅者不被允许

    • on

      public <E extends Event> void on(Class<E> eventType, EventListener<E> listener)
      Register a lambda listener with security checks 使用安全检查注册Lambda监听器
      Type Parameters:
      E - the event type parameter | 事件类型参数
      Parameters:
      eventType - the event type | 事件类型
      listener - the listener | 监听器

    • unregister

      public void unregister(Object subscriber)
      Unregister a subscriber 注销订阅者
      Parameters:
      subscriber - the subscriber to unregister | 要注销的订阅者

    • publish

      public void publish(Event event)
      Publish an event with security checks 使用安全检查发布事件
      Parameters:
      event - the event to publish | 要发布的事件
      Throws:
      EventSecurityException - if rate limit exceeded or verification failed | 如果频率限制超出或验证失败

    • close

      public void close()
      Close the secure event bus, releasing underlying resources. 关闭安全事件总线,释放底层资源。
      Specified by:
      close in interface AutoCloseable

    • getEventBus

      public OpenEvent getEventBus()
      Get the underlying event bus (CAUTION: bypasses ALL security checks) 获取底层事件总线(注意:绕过所有安全检查)

      WARNING: Direct access to the underlying event bus bypasses all security policies (whitelist, rate limiting, signature verification). Use only for advanced integration scenarios where the caller manages its own security. Consider using SecureEventBus methods instead.

      警告:直接访问底层事件总线将绕过所有安全策略(白名单、频率限制、签名验证)。 仅在调用者自行管理安全性的高级集成场景中使用。请优先使用 SecureEventBus 方法。

      Returns:
      the underlying OpenEvent instance | 底层OpenEvent实例
      API Note:
      This method exists for advanced integration scenarios only. The caller is responsible for enforcing security on the returned instance. 此方法仅用于高级集成场景。调用者需自行对返回实例强制执行安全策略。