Class AuthenticationController
- java.lang.Object
-
- com.broadleafcommerce.auth.user.web.endpoint.AuthenticationController
-
@FrameworkController public class AuthenticationController extends Object
- Author:
- Nathan Moore (nathanmoore).
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classAuthenticationController.ModelAttributes
-
Field Summary
Fields Modifier and Type Field Description protected static StringADMIN_PROVIDERS_KEYstatic StringAUTHORIZATION_REQUEST_BASE_URIprotected static StringCHANGE_PASSWORD_SUCCESS_VIEWprotected static StringCHANGE_PASSWORD_VIEWprotected BroadleafClientRegistrationRepositoryclientRegistrationRepositoryprotected static StringCOMMERCE_PROVIDERS_KEYprotected static StringLOGIN_VIEWprotected static StringREQUEST_PASSWORD_RESET_EMAIL_VIEWprotected static StringRESET_PASSWORD_SUCCESS_VIEWprotected static StringRESET_PASSWORD_VIEWprotected static StringSENT_RESET_PASSWORD_VIEW
-
Constructor Summary
Constructors Constructor Description AuthenticationController(UserPasswordService<PasswordToken,User> userPasswordService, ClientRedirectService redirectService, UserLoginService loginService, UserLoginProperties properties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, BroadleafClientRegistrationRepository clientRegistrationRepository, com.broadleafcommerce.common.extension.TypeFactory typeFactory)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected StringdetermineLoggedInReturnUrl(String clientId, String redirectUrl)StringgetChangePasswordSuccessView()org.springframework.web.servlet.ModelAndViewgetChangePasswordView(org.springframework.ui.Model model, ChangePasswordForm changePasswordForm, String redirectUrl)protected ClientIdentityProviderPropertiesgetClientProperties()protected BroadleafClientRegistrationRepositorygetClientRegistrationRepository()protected AuthorizedClientService<AuthorizedClient>getClientService()StringgetLoginErrorView(org.springframework.ui.Model model, String clientId)protected UserLoginServicegetLoginService()StringgetLoginView(org.springframework.ui.Model model, String clientId)protected Map<String,List<OAuth2IdentityProvider>>getOath2AuthenticationProviders()Provides caching by the type of authorized client for the appropriateOAuth2IdentityProviderfor it.protected List<OAuth2IdentityProvider>getOath2AuthenticationProviders(@NonNull ClientIdentityProviderProperties.ClientProperties properties, boolean isAdmin)Looks at theClientRegistrationsto determine which providers are configured and then cross-checks that with theClientIdentityProviderProperties.ClientPropertiesfor the appropriate type ofAuthorizedClientthat is making a request, either admin or commerce, to filter the registered identity providers that are appropriate to show the user.protected UserLoginPropertiesgetProperties()StringgetPwResetEmailView(org.springframework.ui.Model model, String redirectUrl, boolean credentialsExpired, String clientId)protected ClientRedirectServicegetRedirectService()StringgetResetPasswordSuccessView(String clientId)org.springframework.web.servlet.ModelAndViewgetResetPasswordView(org.springframework.ui.Model model, String redirectUrl, String clientId)protected com.broadleafcommerce.common.extension.TypeFactorygetTypeFactory()protected UserPasswordService<PasswordToken,User>getUserPasswordService()org.springframework.web.servlet.ModelAndViewprocessChangePasswordRequest(javax.servlet.http.HttpServletRequest request, ChangePasswordForm changePasswordForm, String redirectUrl, org.springframework.validation.BindingResult errors, org.springframework.ui.Model model, javax.servlet.http.HttpServletResponse httpServletResponse)StringprocessPwResetEmailRequest(org.springframework.ui.Model model, String redirectUrl, String username, String clientId)org.springframework.web.servlet.ModelAndViewprocessResetPasswordRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.ui.Model model, ResetPasswordForm resetPasswordForm, String redirectUrl, org.springframework.web.servlet.mvc.support.RedirectAttributes redirectAttributes, org.springframework.validation.BindingResult errors)
-
-
-
Field Detail
-
REQUEST_PASSWORD_RESET_EMAIL_VIEW
protected static final String REQUEST_PASSWORD_RESET_EMAIL_VIEW
- See Also:
- Constant Field Values
-
LOGIN_VIEW
protected static final String LOGIN_VIEW
- See Also:
- Constant Field Values
-
RESET_PASSWORD_VIEW
protected static final String RESET_PASSWORD_VIEW
- See Also:
- Constant Field Values
-
RESET_PASSWORD_SUCCESS_VIEW
protected static final String RESET_PASSWORD_SUCCESS_VIEW
- See Also:
- Constant Field Values
-
CHANGE_PASSWORD_VIEW
protected static final String CHANGE_PASSWORD_VIEW
- See Also:
- Constant Field Values
-
CHANGE_PASSWORD_SUCCESS_VIEW
protected static final String CHANGE_PASSWORD_SUCCESS_VIEW
- See Also:
- Constant Field Values
-
SENT_RESET_PASSWORD_VIEW
protected static final String SENT_RESET_PASSWORD_VIEW
- See Also:
- Constant Field Values
-
ADMIN_PROVIDERS_KEY
protected static final String ADMIN_PROVIDERS_KEY
- See Also:
- Constant Field Values
-
COMMERCE_PROVIDERS_KEY
protected static final String COMMERCE_PROVIDERS_KEY
- See Also:
- Constant Field Values
-
AUTHORIZATION_REQUEST_BASE_URI
public static final String AUTHORIZATION_REQUEST_BASE_URI
- See Also:
- Constant Field Values
-
clientRegistrationRepository
protected final BroadleafClientRegistrationRepository clientRegistrationRepository
-
-
Constructor Detail
-
AuthenticationController
public AuthenticationController(UserPasswordService<PasswordToken,User> userPasswordService, ClientRedirectService redirectService, UserLoginService loginService, UserLoginProperties properties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, BroadleafClientRegistrationRepository clientRegistrationRepository, com.broadleafcommerce.common.extension.TypeFactory typeFactory)
-
-
Method Detail
-
getLoginView
@FrameworkGetMapping(path="/login") public String getLoginView(org.springframework.ui.Model model, @RequestParam("client_id") String clientId)
-
getLoginErrorView
@FrameworkGetMapping(path="/login", params="error=true") public String getLoginErrorView(org.springframework.ui.Model model, @RequestParam("client_id") String clientId)
-
getPwResetEmailView
@FrameworkGetMapping("/request-password-reset") public String getPwResetEmailView(org.springframework.ui.Model model, @RequestParam(value="returnTo",required=false) String redirectUrl, @RequestParam(defaultValue="false") boolean credentialsExpired, @RequestParam("client_id") String clientId)
-
processPwResetEmailRequest
@FrameworkPostMapping("/request-password-reset") public String processPwResetEmailRequest(org.springframework.ui.Model model, @RequestParam(value="returnTo",required=false) String redirectUrl, @RequestParam("username") String username, @RequestParam("client_id") String clientId)
-
getResetPasswordSuccessView
@FrameworkGetMapping(path="/reset-password-confirmation") public String getResetPasswordSuccessView(@RequestParam("client_id") String clientId)
-
getResetPasswordView
@FrameworkGetMapping("/reset-password") public org.springframework.web.servlet.ModelAndView getResetPasswordView(org.springframework.ui.Model model, @RequestParam(value="returnTo",required=false) String redirectUrl, @RequestParam("client_id") String clientId)
-
processResetPasswordRequest
@FrameworkPostMapping("/reset-password") public org.springframework.web.servlet.ModelAndView processResetPasswordRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.ui.Model model, @ModelAttribute ResetPasswordForm resetPasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl, org.springframework.web.servlet.mvc.support.RedirectAttributes redirectAttributes, org.springframework.validation.BindingResult errors)
-
getOath2AuthenticationProviders
protected List<OAuth2IdentityProvider> getOath2AuthenticationProviders(@NonNull @NonNull ClientIdentityProviderProperties.ClientProperties properties, boolean isAdmin)
Looks at theClientRegistrationsto determine which providers are configured and then cross-checks that with theClientIdentityProviderProperties.ClientPropertiesfor the appropriate type ofAuthorizedClientthat is making a request, either admin or commerce, to filter the registered identity providers that are appropriate to show the user.- Parameters:
properties- TheClientIdentityProviderProperties.ClientPropertiesappropriate for the requesting client, admin or commerce.isAdmin- Whether the client was an admin (seeAuthorizedClient.isAdmin())- Returns:
- A list of
OAuth2IdentityProviderto add to the request model. - See Also:
which is used for caching the result.
-
determineLoggedInReturnUrl
protected String determineLoggedInReturnUrl(String clientId, String redirectUrl)
-
getChangePasswordView
@FrameworkGetMapping("/change-password") public org.springframework.web.servlet.ModelAndView getChangePasswordView(org.springframework.ui.Model model, @ModelAttribute ChangePasswordForm changePasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl)
-
processChangePasswordRequest
@FrameworkPostMapping("/change-password") public org.springframework.web.servlet.ModelAndView processChangePasswordRequest(javax.servlet.http.HttpServletRequest request, @ModelAttribute ChangePasswordForm changePasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl, org.springframework.validation.BindingResult errors, org.springframework.ui.Model model, javax.servlet.http.HttpServletResponse httpServletResponse)
-
getChangePasswordSuccessView
@FrameworkGetMapping(path="/change-password-confirmation") public String getChangePasswordSuccessView()
-
getUserPasswordService
protected UserPasswordService<PasswordToken,User> getUserPasswordService()
-
getRedirectService
protected ClientRedirectService getRedirectService()
-
getLoginService
protected UserLoginService getLoginService()
-
getProperties
protected UserLoginProperties getProperties()
-
getClientService
protected AuthorizedClientService<AuthorizedClient> getClientService()
-
getClientProperties
protected ClientIdentityProviderProperties getClientProperties()
-
getClientRegistrationRepository
protected BroadleafClientRegistrationRepository getClientRegistrationRepository()
-
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory()
-
getOath2AuthenticationProviders
protected Map<String,List<OAuth2IdentityProvider>> getOath2AuthenticationProviders()
Provides caching by the type of authorized client for the appropriateOAuth2IdentityProviderfor it.
-
-