String registrationId
OAuthClientRegistrationWrapper.getRegistrationId().
String issuerUri
This is used to gather the provider details which would otherwise be unknown since some providers only provide this to integrators.
String authorizationUri
ClientRegistration.ProviderDetails#getAuthorizationUri()
String tokenUri
ClientRegistration.ProviderDetails#getTokenUri()
OAuthClientRegistrationProviderDetails.UserInfoEndpoint userInfoEndpoint
ClientRegistration.ProviderDetails#getUserInfoEndpoint()
String jwkSetUri
ClientRegistration.ProviderDetails#getJwkSetUri()
Map<K,V> configurationMetadata
ClientRegistration.ProviderDetails#getConfigurationMetadata()
String uri
ClientRegistration.ProviderDetails.UserInfoEndpoint#getUri()
String authenticationMethod
ClientRegistration.ProviderDetails.UserInfoEndpoint#getAuthenticationMethod()
String userNameAttributeName
ClientRegistration.ProviderDetails.UserInfoEndpoint#getUserNameAttributeName()
String id
String tenantId
Tenant this registration belongs to. Different tenants can have
different credentials for the same client provider (e.g. Facebook, Google).
String registrationId
ClientRegistration.getRegistrationId()
String clientId
ClientRegistration.getClientId()
String clientSecret
ClientRegistration.getClientSecret()
String clientAuthenticationMethod
ClientRegistration.getClientAuthenticationMethod()
String authorizationGrantType
ClientRegistration.getAuthorizationGrantType()
String redirectUriTemplate
ClientRegistration.getRedirectUriTemplate()
Set<E> scopes
ClientRegistration.getScopes()
OAuthClientRegistrationProviderDetails providerDetails
ClientRegistration.getProviderDetails(),
OAuthClientRegistrationProviderDetails
String clientName
ClientRegistration.getClientName()
String clientId
String id
String authorizationUri
String tokenUri
String jwkSetUri
String registrationId
Map<K,V> configurationMetadata
String userInfoUri
String userInfoAuthenticationMethod
String userInfoUserNameAttributeName
String id
String tenantId
String registrationId
String clientId
String clientSecret
String clientAuthenticationMethod
String authorizationGrantType
String redirectUriTemplate
Set<E> scopes
String clientName
JpaOAuthClientProviderDetails providerDetails
Restriction restriction
UserPermissionRef permission
Restriction restriction
UserRoleRef role
String id
String firstName
String middleName
String lastName
String fullName
String username
User.email, but that is not
required.
The username is case insensitive, so it will always be stored lowercase.
String email
String serviceId
If this value is set, there should also be a value set for User.type.
There is a requirement that only if both values are non-null, a combination
of this field and User.type will be unique across all records. There is no uniqueness
guarantee for records which have a null service ID or null User.type.
User.type
String type
User.serviceId is
set.
UserType,
User.serviceId
String externalId
String tenantId
Set<E> applicationIds
UserType.ADMIN users.
The ids of applications this user is a member of. If this is non-empty, this user is restricted to these applications.
boolean tenantAccess
This field only applies to UserType.ADMIN users.
boolean applicationAccess
This field only applies to UserType.ADMIN users. UserType.CUSTOMER
will always have application level access regardless of this value.
String customerContextId
UserType.CUSTOMER users.
The id of the customer context this user is a member of. If this is set, this user is restricted to this customer context.
Map<K,V> attributes
boolean active
This flag should be used if a user needs to be enabled/disabled for administrative reasons.
boolean locked
LockedException will be
thrown on a login attempt.
This flag is used to limit invalid login attempts.
boolean expired
This flag can be used to declare an account as expired and unusable, but currently there is
no logic for that. It will always be false.
boolean changePasswordRequired
boolean impersonationAllowed
String serverId
Instant lastUpdated
boolean archived
true
when the entity is soft-deleted.
Set<E> roles
Set<E> permissions
User.roles).
Set<E> restrictions
Set<E> restrictedRoles
Set<E> restrictedPermissions
Instant lockedTime
String id
String name
Instant lastUpdated
LastModifiedDate here because we want to enable manually setting this
value (ex: for setting the lastUpdated to a value received in a persistence message).
UserPermission.lastUpdated
boolean archived
UserPermission.archived
String id
String name
Set<E> permissions
String parentRoleId
UserRole.parentRoleId
Instant lastUpdated
LastModifiedDate here because we want to enable manually setting this
value (ex: for setting the lastUpdated to a value received in a persistence message).
UserRole.lastUpdated
boolean archived
UserRole.archived
String id
SecurityScope scope
String permission
Note that if a permission name starts with a PermissionType prefix, it must be
declared as a permission root by setting PermissionScope.permissionRoot to true.
PermissionType,
PermissionScope.permissionRoot
boolean permissionRoot
false this is a direct mapping between a
permission and a scope. In other words, the usual CREATE_, READ_, UPDATE_, DELETE_, ALL_
prefixes do not apply to this scope/permission relationship.
String id
String serverId
String friendlyName
String clientId
Integer tokenTimeoutSeconds
Integer refreshTokenTimeoutSeconds
Set<E> resourceIds
Set<E> grantTypes
Set<E> redirectUris
Any of these values may be relative, and if so, the DefaultClientDetailsService will
use the TenantUrlResolver to determine the base URL to resolve them against such that
ultimately they are absolute. If resolution to an absolute URL fails for whatever reason, the
relative URL will be omitted from the final ClientDetails.getRegisteredRedirectUri().
DefaultClientDetailsService,
TenantUrlResolver
Set<E> scopes
Set<E> permissions
null. Note that these are NOT the permissions that are granted to the user with
an authorized access token. Instead, these permissions are inherent to the client itself.
boolean isAdmin
String applicationId
Map<K,V> attributes
String defaultRedirectUri
String id
String tenantId
String name
String friendlyName
Integer inactivityTimeoutSeconds
Integer requireLoginTimeoutSeconds
String templatePath
boolean ssoEnabled
boolean crossOrigin
Set<E> defaultUserRoles
Set<E> defaultUserPermissions
Map<K,V> attributes
String defaultRedirectUri
Integer failedLoginAttemptsAllowed
Long lockoutDurationMinutes
Long loginFailDecayMinutes
boolean embeddedLoginEnabled
Boolean resetPasswordUnlocksUser
Boolean lockedUserCanResetPassword
String id
String serverId
String friendlyName
String clientId
String clientSecret
int tokenTimeoutSeconds
Integer refreshTokenTimeoutSeconds
Integer refreshTokenRotationIntervalSeconds
Set<E> resourceIds
Set<E> grantTypes
Set<E> redirectUris
Set<E> scopes
Set<E> permissions
boolean isAdmin
String applicationId
Map<K,V> attributes
String defaultRedirectUri
String id
Application.getId()
String identifierType
Application.getIdentifierType()
String identifierValue
Application.getIdentifierValue()
boolean deactivated
Application.isDeactivated()
String customerContextId
Application.getCustomerContextId()
String tenantId
Application@getTen
Instant lastUpdated
LastModifiedDate here because we want to enable manually setting this
value (ex: for setting the lastUpdated to a value received in a persistence message).
Application.lastUpdated
boolean isMarketplace
Application.isMarketplace()
String oid
String messageType
AuthenticationMessageType
User user
Map<K,V> attributes
com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo
ContextInfo derived from the original request containing tenant and sandbox info.
AdminPermissionRef permission
String restrictionType
Set<E> restrictionTargets
AdminRoleRef role
String restrictionType
Set<E> restrictionTargets
String id
String name
String username
String email
boolean active
boolean locked
boolean expired
boolean changePasswordRequired
Set<E> roles
Set<E> permissions
Set<E> restrictions
Set<E> restrictedRoles
Set<E> restrictedPermissions
Set<E> applicationIds
String tenantId
boolean tenantAccess
boolean applicationAccess
String businessDomainType
User user
boolean preview
Map<K,V> attributes
Client implementations may choose to populate and utilize this field for custom behavior.
UserRegistration.attributes
String id
String firstName
User.firstName
String middleName
User.middleName
String lastName
User.lastName
String fullName
User.fullName
String username
User.username
String password
User.password
String email
User.email
boolean active
User.active
boolean changePasswordRequired
User.changePasswordRequired
boolean locked
User.locked
boolean expired
User.expired
boolean impersonationAllowed
User.impersonationAllowed
String serviceId
User.serviceId
String type
User.type
String externalId
User.externalId
boolean tenantAccess
User.tenantAccess
boolean applicationAccess
User.applicationAccess
String tenantId
User.tenantId
Set<E> applicationIds
User.applicationIds
String customerContextId
User.customerContextId
Map<K,V> attributes
User.attributes
Set<E> roles
User.roles
Set<E> permissions
User.permissions
Set<E> restrictions
User.restrictions
Set<E> restrictedRoles
User.restrictedRoles
Set<E> restrictedPermissions
User.restrictedPermissions
String serverId
User.serverId
Instant lastUpdated
LastModifiedDate here because we want to enable manually setting this
value (ex: for setting the lastUpdated to a value received in a persistence message).
User.lastUpdated
boolean archived
User.archived
Instant lockedTime
String redirectUrl
String clientId
String clientId
OAuth2SessionToken token
Object principal
String authServerId
AuthorizationServer that received the request.
String clientId
AuthorizedClient that received the request.
String authServerId
AuthorizationServer that received the request.
String clientId
AuthorizedClient that received the request.
String username
String id
String name
String url
String icon
Copyright © 2021. All rights reserved.