Package com.broadleafcommerce.auth.user.web.endpoint

Class EmbeddedAuthenticationController

java.lang.Object

com.broadleafcommerce.auth.user.web.endpoint.EmbeddedAuthenticationController

@FrameworkRestController
public class EmbeddedAuthenticationController
extends Object

Author:

Nathan Moore (nathandmoore)

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	EmbeddedAuthenticationController.PasswordResetEmailRequest	Represents a request to get an email with a link to reset a user's password.

Constructor Summary

Constructors

Constructor	Description
EmbeddedAuthenticationController(UserPasswordService<PasswordToken,User> userPasswordService, UserLoginProperties properties, UserLoginService loginService, AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService)

Method Summary

Modifier and Type	Method	Description
protected AuthorizationServerService<AuthorizationServer>	getAuthorizationServerService()
protected AuthorizedClientService<AuthorizedClient>	getAuthorizedClientService()
protected UserLoginService	getLoginService()
protected UserLoginProperties	getProperties()
protected UserPasswordService<PasswordToken,User>	getUserPasswordService()
org.springframework.http.ResponseEntity<Void>	processChangePasswordRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, ChangePasswordForm changePasswordForm)
org.springframework.http.ResponseEntity<Void>	processPwResetEmailRequest(String clientId, EmbeddedAuthenticationController.PasswordResetEmailRequest request)
org.springframework.http.ResponseEntity<Void>	processResetPasswordRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, ResetPasswordForm resetPasswordForm)
protected void	validateClientId(String clientId)	Validates the client ID and ensure that the request is allowed for it.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EmbeddedAuthenticationController

public EmbeddedAuthenticationController(UserPasswordService<PasswordToken,User> userPasswordService,
                                        UserLoginProperties properties,
                                        UserLoginService loginService,
                                        AuthorizationServerService<AuthorizationServer> authorizationServerService,
                                        AuthorizedClientService<AuthorizedClient> authorizedClientService)

Method Detail

processPwResetEmailRequest

@FrameworkPostMapping(path="/embedded/request-password-reset",
                      consumes="application/x-www-form-urlencoded")
public org.springframework.http.ResponseEntity<Void> processPwResetEmailRequest(@RequestParam("client_id")
                                                                                String clientId,
                                                                                EmbeddedAuthenticationController.PasswordResetEmailRequest request)

processResetPasswordRequest

@FrameworkPostMapping(path="/embedded/reset-password",
                      consumes="application/x-www-form-urlencoded")
public org.springframework.http.ResponseEntity<Void> processResetPasswordRequest(javax.servlet.http.HttpServletRequest request,
                                                                                 javax.servlet.http.HttpServletResponse response,
                                                                                 ResetPasswordForm resetPasswordForm)

processChangePasswordRequest

@FrameworkPostMapping(value="/embedded/change-password",
                      consumes="application/x-www-form-urlencoded")
public org.springframework.http.ResponseEntity<Void> processChangePasswordRequest(javax.servlet.http.HttpServletRequest request,
                                                                                  javax.servlet.http.HttpServletResponse response,
                                                                                  ChangePasswordForm changePasswordForm)

validateClientId

protected void validateClientId(@Nullable
                                String clientId)

Validates the client ID and ensure that the request is allowed for it.

Parameters:

clientId - ID of the AuthorizedClient from which the request for a user operation is being made.

Throws:

ClientValidationException - when the client ID is missing, the client doesn't exist, the parent auth server doesn't exist, or the auth server doesn't allow embedded authentication form submissions

getUserPasswordService

protected UserPasswordService<PasswordToken,User> getUserPasswordService()

getProperties

protected UserLoginProperties getProperties()

getLoginService

protected UserLoginService getLoginService()

getAuthorizationServerService

protected AuthorizationServerService<AuthorizationServer> getAuthorizationServerService()

getAuthorizedClientService

protected AuthorizedClientService<AuthorizedClient> getAuthorizedClientService()