Package com.broadleafcommerce.auth.security.service

Interface SecurityService

All Known Implementing Classes:

DefaultSecurityService

public interface SecurityService

Service used during the authorization flow to assess the privileges of the current user in order to filter the requested scopes or retrieve the permissions for an access token.

Author:

Nick Crum (ncrum)

Method Summary

Modifier and Type	Method	Description
Set<String>	checkScopes(Set<String> requestedScopes)	Returns the sub-set of requested scopes that the user is permitted to access.
Set<String>	extractPermissions(Set<String> scopes)	Returns the set of permissions the user has for the given scopes.

Method Details

checkScopes

Set<String> checkScopes(Set<String> requestedScopes)

Returns the sub-set of requested scopes that the user is permitted to access. This method is used within the SecurityServiceOAuth2RequestFactory to check that the requested scopes are accessible for the current user. If none of the requested scopes are accessible, this will return an empty set.

Parameters:

requestedScopes - the set of requested scopes

Returns:

a sub-set of the requested scopes

extractPermissions

Set<String> extractPermissions(Set<String> scopes)

Returns the set of permissions the user has for the given scopes. This method is used within the SecurityServiceAccessTokenConverter to extract the set of permissions the user has for the requested scopes.

Parameters:

scopes - the scopes

Returns:

a set of permissions