MessageMatcherDelegatingAuthorizationManager not extracting path variables for authorization context #12540

Closed
@mstawick

Describe the bug
In authorizationContext of MessageMatcherDelegatingAuthorizationManager path variables are only extracted if the matcher is of type SimpDestinationMessageMatcher:

    private MessageAuthorizationContext<?> authorizationContext(MessageMatcher<?> matcher, Message<?> message) {
        if (!matcher.matches((Message) message)) {
            return null;
        }
        if (matcher instanceof SimpDestinationMessageMatcher) {
            SimpDestinationMessageMatcher simp = (SimpDestinationMessageMatcher) matcher;
            return new MessageAuthorizationContext<>(message, simp.extractPathVariables(message));
        }

        return new MessageAuthorizationContext<>(message);
    }

However, the matcher can be a SupplierMessageMatcher, with its delegate being SimpDestinationMessageMatcher. In this case the variables are not extracted. As a quick fix, I've changed it to:

    private MessageAuthorizationContext<?> authorizationContext(MessageMatcher<?> matcher, Message<?> message) {
        if (!matcher.matches((Message) message)) {
            return null;
        }
        if (matcher instanceof SimpDestinationMessageMatcher) {
            SimpDestinationMessageMatcher simp = (SimpDestinationMessageMatcher) matcher;
            return new MessageAuthorizationContext<>(message, simp.extractPathVariables(message));
        }
        else if (matcher instanceof Builder.SupplierMessageMatcher && ((Builder.SupplierMessageMatcher) matcher).delegate instanceof SimpDestinationMessageMatcher) {
            SimpDestinationMessageMatcher simp = (SimpDestinationMessageMatcher) ((Builder.SupplierMessageMatcher) matcher).delegate;
            return new MessageAuthorizationContext<>(message, simp.extractPathVariables(message));
        }

        return new MessageAuthorizationContext<>(message);
    }

Though I'm not sure if there is another, existing way of handling this.

This popped up when I was migrating to v6, and switched to using:

    @Bean
    fun configureInbound(reg: MessageMatcherDelegatingAuthorizationManager.Builder): AuthorizationManager<Message<*>> {
        ...
    }

for configuring ws security, and migrating rules like:

            reg.simpSubscribeDestMatchers("/topic/path/{variable}/something")
                    .access("@bean.canihazcheezburger(#variable)")

to the new syntax using AuthorizationManager.
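
As an added example (not code from the issue or from Spring Security itself): a rule in the new AuthorizationManager style for the destination pattern above that denies the subscription when the path variable is missing from the context, which is the situation this issue describes. `TopicPermissions` and `canSubscribe` are hypothetical stand-ins for the issue's `@bean` check.

```java
import java.util.Map;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.messaging.Message;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.config.annotation.web.socket.EnableWebSocketSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.messaging.access.intercept.MessageAuthorizationContext;
import org.springframework.security.messaging.access.intercept.MessageMatcherDelegatingAuthorizationManager;

@Configuration
@EnableWebSocketSecurity
public class WebSocketSecurityConfig {

    /** Hypothetical stand-in for the permission bean referenced in the issue. */
    public interface TopicPermissions {
        boolean canSubscribe(Authentication authentication, String variable);
    }

    @Bean
    AuthorizationManager<Message<?>> messageAuthorizationManager(
            MessageMatcherDelegatingAuthorizationManager.Builder messages,
            TopicPermissions permissions) {
        messages
            .nullDestMatcher().authenticated()
            .simpSubscribeDestMatchers("/topic/path/{variable}/something")
                .access(variableRule(permissions))
            .anyMessage().denyAll();
        return messages.build();
    }

    /** Rule that reads {variable} from the context and fails closed without it. */
    static AuthorizationManager<MessageAuthorizationContext<?>> variableRule(TopicPermissions permissions) {
        return (authentication, context) -> {
            // The map can be null when the context was built without path variables.
            Map<String, String> variables = context.getVariables();
            String variable = (variables != null) ? variables.get("variable") : null;
            if (variable == null) {
                // Deny instead of passing null on to the permission check.
                return new AuthorizationDecision(false);
            }
            return new AuthorizationDecision(
                    permissions.canSubscribe(authentication.get(), variable));
        };
    }
}
```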

Labels

in: messaging (An issue in spring-security-messaging), type: bug (A general bug)