Class DefaultImpersonationService
java.lang.Object
com.broadleafcommerce.auth.user.service.DefaultImpersonationService
- All Implemented Interfaces:
ImpersonationService
- Author:
- Nick Crum (ncrum)
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionDefaultImpersonationService(ImpersonationClaimsEnhancer claimsEnhancer, StatelessUtil statelessUtil) -
Method Summary
Modifier and TypeMethodDescriptionbuildImpersonationClaims(ImpersonationRequest request, org.springframework.security.core.Authentication authentication) consumeImpersonationToken(String token) Validates tokens generated byImpersonationService.generateImpersonationToken(ImpersonationRequest, Authentication)and converts them into the originalImpersonationRequestsupplied before redirect.generateImpersonationRedirectUrl(String redirectUrl, com.nimbusds.jwt.SignedJWT token, String contextPath) Generates a URL String containing a serialized signed JWT that should be redirected to in order to consume an impersonation token.com.nimbusds.jwt.SignedJWTgenerateImpersonationToken(ImpersonationRequest request, org.springframework.security.core.Authentication authentication) Generates a JWT to be used during redirects when impersonating a user.protected ImpersonationClaimsEnhancerprotected ObjectgetImpersonationSessionToken(ImpersonationRequestToken token, OAuth2UserDetails impersonatedUser) Creates anOAuth2SessionTokenfor the validatedImpersonationRequest.protected StatelessUtil
-
Field Details
-
IMPERSONATION_TOKEN_EXP_TIME_SEC
protected static final long IMPERSONATION_TOKEN_EXP_TIME_SEC- See Also:
-
REDIRECT_URI
- See Also:
-
CSR_ID
- See Also:
-
CSR_CLIENT_ID
- See Also:
-
IMPERSONATED_SUB
- See Also:
-
IMPERSONATED_CLIENT_ID
- See Also:
-
-
Constructor Details
-
DefaultImpersonationService
public DefaultImpersonationService(ImpersonationClaimsEnhancer claimsEnhancer, StatelessUtil statelessUtil)
-
-
Method Details
-
getImpersonationSessionToken
public OAuth2SessionToken getImpersonationSessionToken(ImpersonationRequestToken token, OAuth2UserDetails impersonatedUser) Description copied from interface:ImpersonationServiceCreates anOAuth2SessionTokenfor the validatedImpersonationRequest.- Specified by:
getImpersonationSessionTokenin interfaceImpersonationService- Parameters:
token- The impersonation requestimpersonatedUser- The user to be impersonated- Returns:
- A valid
OAuth2SessionTokenfor the impersonated user with additional CSR claims.
-
generateImpersonationToken
public com.nimbusds.jwt.SignedJWT generateImpersonationToken(ImpersonationRequest request, org.springframework.security.core.Authentication authentication) Description copied from interface:ImpersonationServiceGenerates a JWT to be used during redirects when impersonating a user. This allows impersonation across domains.- Specified by:
generateImpersonationTokenin interfaceImpersonationService- Parameters:
request- The impersonation request.authentication- The current user's authentication- Returns:
- A signed JWT to be used during a redirect to the targeted domain.
-
generateImpersonationRedirectUrl
public String generateImpersonationRedirectUrl(String redirectUrl, com.nimbusds.jwt.SignedJWT token, String contextPath) Description copied from interface:ImpersonationServiceGenerates a URL String containing a serialized signed JWT that should be redirected to in order to consume an impersonation token.- Specified by:
generateImpersonationRedirectUrlin interfaceImpersonationService- Parameters:
redirectUrl- The redirect URL, typicallyImpersonationRequest.getRedirect_uri()token- The signed JWT, generated fromImpersonationService.generateImpersonationToken(ImpersonationRequest, Authentication)contextPath- The context path of the impersonation request- Returns:
- A URL to consume the impersonation token.
-
consumeImpersonationToken
Description copied from interface:ImpersonationServiceValidates tokens generated byImpersonationService.generateImpersonationToken(ImpersonationRequest, Authentication)and converts them into the originalImpersonationRequestsupplied before redirect.- Specified by:
consumeImpersonationTokenin interfaceImpersonationService- Parameters:
token- The serialized signed JWT.- Returns:
- An impersonation request.
-
buildImpersonationClaims
protected Map<String,Object> buildImpersonationClaims(ImpersonationRequest request, org.springframework.security.core.Authentication authentication) -
getDetail
-
getClaimsEnhancer
-
getStatelessUtil
-