@NonNullApi

Package com.broadleafcommerce.auth.security.service

Author:

Jeff Fischer

Interface Summary

Interface	Description
PrivilegeService	A service that contains various utility functions related to Restriction, RestrictedRole, and RestrictedPermission.
SecurityService	Service used during the authorization flow to assess the privileges of the current user in order to filter the requested scopes or retrieve the permissions for an access token.
UserLoginService	Service for doing user authentication actions
UserPermissionService<P extends UserPermission>	Provides CRUD management operations on UserPermission.
UserRoleService<P extends UserRole>

Class Summary

Class	Description
DefaultAuthorizationCodeServices	Implementation of AuthorizationCodeServices that better handles our AuthCode domain compared to the Spring provided JdbcAuthorizationCodeServices.
DefaultPrivilegeService
DefaultPrivilegeService.PrivilegeHydrationResult	An intermediary data structure used internally by PrivilegeService to hold all the restrictions, flat permissions, restricted roles, and restricted permissions of a user entity and permissions from a server entity to prevent querying the data multiple times.
DefaultSecurityService	Default implementation of the security service that utilizes the security context and various repositories in order to assess the user's privileges.
DefaultUserLoginService
DefaultUserPermissionService<P extends UserPermission,D extends com.broadleafcommerce.data.tracking.core.mapping.BusinessTypeAware & com.broadleafcommerce.data.tracking.core.mapping.ModelMapperMappable>
DefaultUserRoleService<P extends UserRole,D extends com.broadleafcommerce.data.tracking.core.mapping.BusinessTypeAware & com.broadleafcommerce.data.tracking.core.mapping.ModelMapperMappable>
PrivilegeSummary	A data structure used by DefaultOAuth2UserDetailsService and PrivilegeService to hold all the authorities, restrictions, and restricted authorities of a User.
SecurityServiceOAuth2RequestFactory	A custom request factory implementation that utilizes SecurityService to check that the requested scopes are valid for the request and current user.
SimplePayloadMapper