Class ClientRestrictionTokenEnhancer
- java.lang.Object
-
- com.broadleafcommerce.auth.user.session.token.enhancer.ClientRestrictionTokenEnhancer
-
- All Implemented Interfaces:
org.springframework.security.oauth2.provider.token.TokenEnhancer
public class ClientRestrictionTokenEnhancer extends Object implements org.springframework.security.oauth2.provider.token.TokenEnhancer
-
-
Constructor Summary
Constructors Constructor Description ClientRestrictionTokenEnhancer(AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService, PermissionRepository permissionRepository)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidaddTenantProperties(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken, Optional<AuthorizationServer> maybeAuthServer)org.springframework.security.oauth2.common.OAuth2AccessTokenenhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication)protected AuthorizationServerService<AuthorizationServer>getAuthorizationServerService()protected AuthorizedClientService<AuthorizedClient>getAuthorizedClientService()protected PermissionRepositorygetPermissionRepository()protected Map<String,Map<String,Set<String>>>getRestrictedAuthoritiesInScopes(Collection<org.springframework.security.core.GrantedAuthority> authorities, Set<String> scopes, Map<String,Set<String>> restrictionTargetsByType)Gets the restricted authorities that are in scope.protected Map<String,Set<String>>getVendorRestrictionTargetsByType(Object vendorTargetsAttribute)protected booleanshouldEnhance(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
-
-
-
Constructor Detail
-
ClientRestrictionTokenEnhancer
public ClientRestrictionTokenEnhancer(AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService, PermissionRepository permissionRepository)
-
-
Method Detail
-
enhance
public org.springframework.security.oauth2.common.OAuth2AccessToken enhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication)- Specified by:
enhancein interfaceorg.springframework.security.oauth2.provider.token.TokenEnhancer
-
shouldEnhance
protected boolean shouldEnhance(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
-
addTenantProperties
protected void addTenantProperties(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken, Optional<AuthorizationServer> maybeAuthServer)
-
getVendorRestrictionTargetsByType
protected Map<String,Set<String>> getVendorRestrictionTargetsByType(Object vendorTargetsAttribute)
-
getRestrictedAuthoritiesInScopes
protected Map<String,Map<String,Set<String>>> getRestrictedAuthoritiesInScopes(Collection<org.springframework.security.core.GrantedAuthority> authorities, Set<String> scopes, Map<String,Set<String>> restrictionTargetsByType)
Gets the restricted authorities that are in scope. SinceAuthorizedClientdoes not have anyRestrictedPermissionorRestrictedRole, the restricted_authorities claim is essentially all the authorities in scope mapped with its restrictions.- Parameters:
authorities- authorities to map the restrictions withscopes- requested scopesrestrictionTargetsByType- restrictions to map the given authorities to- Returns:
- a map of restricted authorities in the requested scopes
-
getAuthorizationServerService
protected AuthorizationServerService<AuthorizationServer> getAuthorizationServerService()
-
getAuthorizedClientService
protected AuthorizedClientService<AuthorizedClient> getAuthorizedClientService()
-
getPermissionRepository
protected PermissionRepository getPermissionRepository()
-
-