Package com.broadleafcommerce.auth.user.session
package com.broadleafcommerce.auth.user.session
-
ClassDescriptionThis is a customized version of
AuthorizationCodeTokenGranter
that helps support the Proof-Key-for-Code-Exchange enhancement to the Authorization Code Grant flow.Simple implementation of aSavedRequest
.Alternative storage mechanism for an original destination before being redirected for login.AnOAuth2SessionToken
that holds the claims within aHashMap
.Processes an authentication form submission for an OAuth2 Authorization Server for Universal Login.AnAuthenticationProvider
that retrievesOAuth2UserDetails
from aOAuth2UserDetailsService
for use with Universal Login.AnAuthentication
implementation that is designed for simple presentation of an OAuth2 clientId, username, and password.Provides a behavior consistent with http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest.Processes an OAuth2 client sessionCookie
to establish an authentication user.AnAuthenticationProvider
that authenticates a user using aOAuth2SessionAuthenticationToken
.AnAuthentication
implementation that is designed for simple presentation of an OAuth2 clientId, and JWT session token.The holder of the claims associated with a user's session.Filter intended to run after theOAuth2SessionAuthenticationFilter
orBasicAuthenticationFilter
for requests against theTokenEndpoint
.Converts the access token using the defaults withinDefaultAccessTokenConverter
and then extracts the narrowed set of permissions usingSecurityService.extractPermissions(Set)
in order to restrict the set of delegated authorities to the set of requested scopes.Utility for JWT-based cookies - specifically those intended to drive stateless behavior, such as stateless sessions.This filter is for verifying that there's a saved redirect cookie on the request for certain URIs.