public class ClientRestrictionTokenEnhancer extends Object implements org.springframework.security.oauth2.provider.token.TokenEnhancer
| Constructor and Description |
|---|
ClientRestrictionTokenEnhancer(AuthorizationServerService<AuthorizationServer> authorizationServerService,
AuthorizedClientService<AuthorizedClient> authorizedClientService,
PermissionRepository permissionRepository) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
addTenantProperties(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken,
Optional<AuthorizationServer> maybeAuthServer) |
org.springframework.security.oauth2.common.OAuth2AccessToken |
enhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken,
org.springframework.security.oauth2.provider.OAuth2Authentication authentication) |
protected AuthorizationServerService<AuthorizationServer> |
getAuthorizationServerService() |
protected AuthorizedClientService<AuthorizedClient> |
getAuthorizedClientService() |
protected PermissionRepository |
getPermissionRepository() |
protected Map<String,Map<String,Set<String>>> |
getRestrictedAuthoritiesInScopes(Collection<org.springframework.security.core.GrantedAuthority> authorities,
Set<String> scopes,
Map<String,Set<String>> restrictionTargetsByType)
Gets the restricted authorities that are in scope.
|
protected Map<String,Set<String>> |
getVendorRestrictionTargetsByType(Object vendorTargetsAttribute) |
protected boolean |
shouldEnhance(org.springframework.security.oauth2.provider.OAuth2Authentication authentication) |
public ClientRestrictionTokenEnhancer(AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService, PermissionRepository permissionRepository)
public org.springframework.security.oauth2.common.OAuth2AccessToken enhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken,
org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
enhance in interface org.springframework.security.oauth2.provider.token.TokenEnhancerprotected boolean shouldEnhance(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
protected void addTenantProperties(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken,
Optional<AuthorizationServer> maybeAuthServer)
protected Map<String,Set<String>> getVendorRestrictionTargetsByType(Object vendorTargetsAttribute)
protected Map<String,Map<String,Set<String>>> getRestrictedAuthoritiesInScopes(Collection<org.springframework.security.core.GrantedAuthority> authorities, Set<String> scopes, Map<String,Set<String>> restrictionTargetsByType)
AuthorizedClient does not
have any RestrictedPermission or RestrictedRole, the restricted_authorities
claim is essentially all the authorities in scope mapped with its restrictions.authorities - authorities to map the restrictions withscopes - requested scopesrestrictionTargetsByType - restrictions to map the given authorities toprotected AuthorizationServerService<AuthorizationServer> getAuthorizationServerService()
protected AuthorizedClientService<AuthorizedClient> getAuthorizedClientService()
protected PermissionRepository getPermissionRepository()
Copyright © 2021. All rights reserved.