Skip to content

The Core module

Jump to bottom
German Vekhorev edited this page May 27, 2021 · 2 revisions

Access Warden Core

me.darksidecode.accesswarden.core

This module carries high-level JAR bytecode transformation/injection facilities. It inspects the bytecode of the provided executables (.jar files), detects any Access Warden annotations (such as @RestrictedAccess), validates them, and, finally, generates new bytecode with runtime access (source resolution) checks for each such part of code. The new bytecode is then inserted right into the original input JAR.

It is used internally by the Gradle module, while it itself depends on the API module.

If you are not using Gradle, you can use Core in two ways described below.

As a standalone application

Assuming you already have built your application (let's say it's located somewhere at /target/my-app-1.0.0.jar), you can run Access Warden Core as a standalone Java executable, providing it the path to your application JAR file:

java -jar access-warden-core-x.y.z.jar /target/my-app-1.0.0.jar

(Where x.y.z is the version of the Access Warden Core executable you have.)

If everything goes right, your application JAR will be replaced with a new executable, with appropriate runtime access checks inserted into it. Otherwise an error will be displayed. If a non-critical error (such as contradictory annotation configuration) occurs during code generation in one of the classes or methods, Core will just skip that "broken" part of code and continue to transform the rest of the JAR, just leaving a warning in the console/log.

As a utility-class programmatically

You can achieve the same effect (described above) via pure Java code. In that case, make sure to check the return value (boolean) of the called utility-method:

File jar = new File("target/my-app-1.0.0.jar");

if (AccessWardenCore.transform(jar)) {
    // Success.
} else {
    // Something went wrong. Access Warden Core printed all the errors in the console/log.
}

Note that you must ensure that the File provided programmatically is non-null and is a valid, existing, readable file yourself — otherwise the transform method will throw a corresponding exception instead of just returning true/false.

Clone this wiki locally