Class SecurityServiceAccessTokenConverter
java.lang.Object
org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter
com.broadleafcommerce.auth.user.session.SecurityServiceAccessTokenConverter
- All Implemented Interfaces:
org.springframework.security.oauth2.provider.token.AccessTokenConverter
public class SecurityServiceAccessTokenConverter
extends org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter
Converts the access token using the defaults within
DefaultAccessTokenConverter
and then
extracts the narrowed set of permissions using SecurityService.extractPermissions(Set)
in
order to restrict the set of delegated authorities to the set of requested scopes.- Author:
- Nick Crum (ncrum), Jeff Fischer, Phillip Verheyden (phillipuniverse)
-
Field Summary
Fields inherited from interface org.springframework.security.oauth2.provider.token.AccessTokenConverter
ATI, AUD, AUTHORITIES, CLIENT_ID, EXP, GRANT_TYPE, JTI, SCOPE
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionconvertAccessToken
(org.springframework.security.oauth2.common.OAuth2AccessToken token, org.springframework.security.oauth2.provider.OAuth2Authentication authentication) org.springframework.security.oauth2.provider.OAuth2Authentication
extractAuthentication
(Map<String, ?> map) If an account claim is in the given map, add that claim as a request parameter.Methods inherited from class org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter
extractAccessToken, setClientIdAttribute, setIncludeGrantType, setScopeAttribute, setUserTokenConverter
-
Constructor Details
-
SecurityServiceAccessTokenConverter
-
-
Method Details
-
convertAccessToken
public Map<String,?> convertAccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken token, org.springframework.security.oauth2.provider.OAuth2Authentication authentication) - Specified by:
convertAccessToken
in interfaceorg.springframework.security.oauth2.provider.token.AccessTokenConverter
- Overrides:
convertAccessToken
in classorg.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter
-
extractAuthentication
public org.springframework.security.oauth2.provider.OAuth2Authentication extractAuthentication(Map<String, ?> map) If an account claim is in the given map, add that claim as a request parameter.- Specified by:
extractAuthentication
in interfaceorg.springframework.security.oauth2.provider.token.AccessTokenConverter
- Overrides:
extractAuthentication
in classorg.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter
- Parameters:
map
- information decoded from an access token- Returns:
- an authentication representing the client and user (if there is one)
-