RegisteredClaimsTokenEnhancer (Broadleaf Authentication Services 1.6.1-SNAPSHOT API)

java.lang.Object
- com.broadleafcommerce.auth.user.session.token.enhancer.RegisteredClaimsTokenEnhancer

All Implemented Interfaces:

org.springframework.security.oauth2.provider.token.TokenEnhancer
```
public class RegisteredClaimsTokenEnhancer
extends Object
implements org.springframework.security.oauth2.provider.token.TokenEnhancer
```
Token enhancer that adds several registered JWT claims, such as issuer and audience, as well as a non-standard "max" claim that determines the maximum lifetime of a token.
The max claim differs from "exp" in that it determines the maximum lifetime of a session. The default is 720 minutes (12 hours), but this may be configured via the property broadleaf.auth.session.maxDurationMinutes

Author:

Samarth Dhruva (samarthd)

Constructor Summary

Constructors
Constructor and Description
`RegisteredClaimsTokenEnhancer(String issuer, List<String> audiences)`
`RegisteredClaimsTokenEnhancer(String issuer, List<String> audiences, int maxSessionDurationMinutes)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`org.springframework.security.oauth2.common.OAuth2AccessToken`	`enhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication)` Places various claims into the additional information of the access token, including the issuer, audience, and max lifetime.
`protected List<String>`	`getAudiences()`
`protected String`	`getIssuer()`
`protected Duration`	`getMaxSessionDurationMinutes()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RegisteredClaimsTokenEnhancer

public RegisteredClaimsTokenEnhancer(String issuer,
                                     List<String> audiences,
                                     int maxSessionDurationMinutes)

RegisteredClaimsTokenEnhancer

public RegisteredClaimsTokenEnhancer(String issuer,
                                     List<String> audiences)

Method Detail
- enhance
```
public org.springframework.security.oauth2.common.OAuth2AccessToken enhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken,
                                                                            org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
```
  Places various claims into the additional information of the access token, including the issuer, audience, and max lifetime.
  Do note that "oauth2-resource" is placed into the audience claim, as OAuth2AuthenticationManager.authenticate(Authentication) explicitly checks for its presence as a resourceId when processing requests.
  
  Specified by:
  
  enhance in interface org.springframework.security.oauth2.provider.token.TokenEnhancer
- getIssuer
```
protected String getIssuer()
```
- getAudiences
```
protected List<String> getAudiences()
```
- getMaxSessionDurationMinutes
```
protected Duration getMaxSessionDurationMinutes()
```

Class RegisteredClaimsTokenEnhancer

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

RegisteredClaimsTokenEnhancer

RegisteredClaimsTokenEnhancer

Method Detail

enhance

getIssuer

getAudiences

getMaxSessionDurationMinutes