Class AbstractAuthenticationStrategyDelegate<T extends org.springframework.security.core.Authentication>
- java.lang.Object
-
- com.broadleafcommerce.auth.user.web.authentication.session.AbstractAuthenticationStrategyDelegate<T>
-
- All Implemented Interfaces:
AuthenticationStrategyDelegate
- Direct Known Subclasses:
AbstractOAuthClientAuthenticationStrategyDelegate
@Order(0) public abstract class AbstractAuthenticationStrategyDelegate<T extends org.springframework.security.core.Authentication> extends Object implements AuthenticationStrategyDelegate
AbstractAuthenticationStrategyDelegatefor convertingAuthenticationtoOAuth2UserDetails. This class handles registering new users if necessary. Child classes should implement the abstract methods to map required fields from their specific Authentication token.- Author:
- Cade Rea (cade-rea)
-
-
Constructor Summary
Constructors Constructor Description AbstractAuthenticationStrategyDelegate(OAuth2UserDetailsService oAuth2UserDetailsService, UserRegistrationService<User> registrationService, AuthRegistrationProperties registrationProperties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, com.broadleafcommerce.common.extension.TypeFactory typeFactory, PasscodeService<PasswordToken,User> passcodeService)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected abstract StringbuildUsername(T authentication)Build a username from the authentication token.protected UserRegistrationbuildUserRegistration(T authentication, String clientId, String username)Build aUserRegistrationfrom the authentication token.protected StringgenerateRandomPassword()Create a random password for the User.protected AuthorizedClientgetAuthorizedClient(String clientId)Fetches anAuthorizedClientfor the givenclientId.protected abstract StringgetClientId(T authentication)Get the Broadleaf Client Id from the authentication tokenprotected ClientIdentityProviderPropertiesgetClientProperties()protected AuthorizedClientService<AuthorizedClient>getClientService()protected abstract StringgetEmail(T authentication)Get the user's email address from the authentication token.protected abstract StringgetName(T authentication)Get the user's name from the authentication tokenOAuth2UserDetailsgetOAuth2UserDetails(@NonNull org.springframework.security.core.Authentication authentication)Get the clientId and username from the token to load from the database.protected OAuth2UserDetailsServicegetOAuth2UserDetailsService()protected PasscodeService<PasswordToken,User>getPasscodeService()protected AuthRegistrationPropertiesgetRegistrationProperties()protected UserRegistrationService<User>getRegistrationService()protected com.broadleafcommerce.common.extension.TypeFactorygetTypeFactory()protected StringgetUsername(T authentication, boolean emailAsUsername)Get the username from the authentication token.protected StringgetUserType(String clientId)Determines the appropriate type of user for theAuthorizedClientmatching the givenclientId.protected booleanisAutoRegister(String clientId)Check the client service and properties to determine if auto registration for new users is enabledprotected voidregisterNewUser(T authentication, String clientId, String username)Register a new user if allowed.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.broadleafcommerce.auth.user.web.authentication.session.AuthenticationStrategyDelegate
canHandle
-
-
-
-
Constructor Detail
-
AbstractAuthenticationStrategyDelegate
public AbstractAuthenticationStrategyDelegate(OAuth2UserDetailsService oAuth2UserDetailsService, UserRegistrationService<User> registrationService, AuthRegistrationProperties registrationProperties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, com.broadleafcommerce.common.extension.TypeFactory typeFactory, PasscodeService<PasswordToken,User> passcodeService)
-
-
Method Detail
-
getClientId
protected abstract String getClientId(T authentication)
Get the Broadleaf Client Id from the authentication token- Parameters:
authentication-- Returns:
-
getEmail
protected abstract String getEmail(T authentication)
Get the user's email address from the authentication token.- Parameters:
authentication-- Returns:
-
getName
protected abstract String getName(T authentication)
Get the user's name from the authentication token- Parameters:
authentication-- Returns:
-
buildUsername
protected abstract String buildUsername(T authentication)
Build a username from the authentication token.- Parameters:
authentication-- Returns:
-
getOAuth2UserDetails
public OAuth2UserDetails getOAuth2UserDetails(@NonNull @NonNull org.springframework.security.core.Authentication authentication)
Get the clientId and username from the token to load from the database. Register new users if necessary and allowed.- Specified by:
getOAuth2UserDetailsin interfaceAuthenticationStrategyDelegate- Parameters:
authentication- The authentication token- Returns:
OAuth2UserDetailsfor the givenauthenticationtoken
-
registerNewUser
protected void registerNewUser(@NonNull T authentication, String clientId, String username)Register a new user if allowed.- Parameters:
authentication- The authentication token for the userclientId- The ID of the client to authenticate withusername- The username of the user
-
isAutoRegister
protected boolean isAutoRegister(String clientId)
Check the client service and properties to determine if auto registration for new users is enabled- Parameters:
clientId- ID of theAuthorizedClienta user is trying to authenticate with- Returns:
- Whether the client allows auto-registering new users when they sign in.
-
getAuthorizedClient
protected AuthorizedClient getAuthorizedClient(String clientId)
Fetches anAuthorizedClientfor the givenclientId.- Parameters:
clientId- The ID of the client to fetch- Returns:
- The client matching
clientId - Throws:
com.broadleafcommerce.data.tracking.core.exception.EntityMissingException- if no client is found
-
getUsername
protected String getUsername(@NonNull T authentication, boolean emailAsUsername)
Get the username from the authentication token. This could be a username or email address, depending on the emailAsUsername parameter- Parameters:
authentication- The user'sAuthentication.emailAsUsername- Whether the user's email is also the username- Returns:
- The user's username
-
buildUserRegistration
protected UserRegistration buildUserRegistration(@NonNull T authentication, String clientId, String username)
Build aUserRegistrationfrom the authentication token.- Parameters:
authentication- The user'sAuthentication.clientId- The ID of the client authenticated withusername- The username of the user- Returns:
- The
UserRegistrationfor the user.
-
generateRandomPassword
protected String generateRandomPassword()
Create a random password for the User.- Returns:
- a secure, random String
-
getUserType
protected String getUserType(String clientId)
Determines the appropriate type of user for theAuthorizedClientmatching the givenclientId.- Parameters:
clientId- The ID of the client to check the user's type against- Returns:
- The type of the user given the type of the
AuthorizedClientmatchingclientId.
-
getOAuth2UserDetailsService
protected OAuth2UserDetailsService getOAuth2UserDetailsService()
-
getRegistrationService
protected UserRegistrationService<User> getRegistrationService()
-
getRegistrationProperties
protected AuthRegistrationProperties getRegistrationProperties()
-
getClientService
protected AuthorizedClientService<AuthorizedClient> getClientService()
-
getClientProperties
protected ClientIdentityProviderProperties getClientProperties()
-
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory()
-
getPasscodeService
protected PasscodeService<PasswordToken,User> getPasscodeService()
-
-