Package com.broadleafcommerce.auth.user.session
package com.broadleafcommerce.auth.user.session
-
ClassDescriptionThis is a customized version of
AuthorizationCodeTokenGranterthat helps support the Proof-Key-for-Code-Exchange enhancement to the Authorization Code Grant flow.Simple implementation of aSavedRequest.Alternative storage mechanism for an original destination before being redirected for login.AnOAuth2SessionTokenthat holds the claims within aHashMap.Processes an authentication form submission for an OAuth2 Authorization Server for Universal Login.AnAuthenticationProviderthat retrievesOAuth2UserDetailsfrom aOAuth2UserDetailsServicefor use with Universal Login.AnAuthenticationimplementation that is designed for simple presentation of an OAuth2 clientId, username, and password.Provides a behavior consistent with http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest.Processes an OAuth2 client sessionCookieto establish an authentication user.AnAuthenticationProviderthat authenticates a user using aOAuth2SessionAuthenticationToken.AnAuthenticationimplementation that is designed for simple presentation of an OAuth2 clientId, and JWT session token.The holder of the claims associated with a user's session.Filter intended to run after theOAuth2SessionAuthenticationFilterorBasicAuthenticationFilterfor requests against theTokenEndpoint.Converts the access token using the defaults withinDefaultAccessTokenConverterand then extracts the narrowed set of permissions usingSecurityService.extractPermissions(Set)in order to restrict the set of delegated authorities to the set of requested scopes.Utility for JWT-based cookies - specifically those intended to drive stateless behavior, such as stateless sessions.This filter is for verifying that there's a saved redirect cookie on the request for certain URIs.