Class AbstractUserTokenEnhancer

java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserTokenEnhancer
All Implemented Interfaces:
org.springframework.security.oauth2.provider.token.TokenEnhancer
Direct Known Subclasses:
AccountIdTokenEnhancer, CustomerContextTokenEnhancer, CustomerSegmentsTokenEnhancer, TenantPropertiesTokenEnhancer, UserRestrictionTokenEnhancer, UserTokenEnhancer

public abstract class AbstractUserTokenEnhancer extends Object implements org.springframework.security.oauth2.provider.token.TokenEnhancer
Base implementation of TokenEnhancer that holds a request-scoped UserContext containing the current user, so that the user is not read from the database repeatedly. TokenEnhancer implementations that require access to the User should extend this class and retrieve the user via the getUser(OAuth2Authentication) method.
  • Constructor Details

    • AbstractUserTokenEnhancer

      public AbstractUserTokenEnhancer()
  • Method Details

    • getUser

      public User getUser(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
      Retrieve the current authenticated User. This method assumes that the user is logged in and exists. In other words, OAuth2Authentication.isClientOnly() should return false if this method is to be called.

      Note that the user is cached at the request scope. Any calls after the first call to this method during the same request will return the same user, regardless of the argument passed.

      Parameters:
      authentication - The OAuth2Authentication object passed to TokenEnhancer.enhance(OAuth2AccessToken, OAuth2Authentication)
      Returns:
      The currently authenticated user.
      Throws:
      com.broadleafcommerce.data.tracking.core.exception.EntityMissingException - if User is not found.
    • isAnonymousCsrImpersonation

      protected boolean isAnonymousCsrImpersonation(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
      Check whether or not the current authentication is a CSR impersonation of an anonymous user.
      Parameters:
      authentication - The OAuth2Authentication object passed to TokenEnhancer.enhance(OAuth2AccessToken, OAuth2Authentication)
      Returns:
      Whether the current authentication is a CSR impersonation of an anonymous user
    • shouldEnhance

      protected boolean shouldEnhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
      Whether or not the token should be enhanced.
      Parameters:
      accessToken - the current access token with its expiration and refresh token
      authentication - The OAuth2Authentication object passed to TokenEnhancer.enhance(OAuth2AccessToken, OAuth2Authentication)
      Returns:
      Whether or not the token should be enhanced.
    • setUserService

      @Autowired public void setUserService(@NonNull UserService<User> userService)
    • setUserContext

      @Autowired(required=false) public void setUserContext(UserContext userContext)
    • getUserContext

      @Nullable public UserContext getUserContext()
      Return the request-scoped user context bean. If not in a request scope, null is returned.
      Returns:
      The userContext if in scope.
    • getRequestAccountId

      public Optional<String> getRequestAccountId(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
      Looks for an account ID on the request. If it exists, it is returned. Otherwise, if the user has a default account ID, that is returned.
      Parameters:
      authentication - The OAuth authentication token. This holds the original request to get a token.
      Returns:
      The accountId requested or Optional.empty().
    • getUserService

      protected UserService<User> getUserService()
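
The following subclass is an added example, not Broadleaf's own code. It shows the guard implied by the getUser contract (skip client-only authentications before touching user data) and uses only the methods listed on this page plus Spring Security OAuth2's DefaultOAuth2AccessToken. The package, class name and claim name are hypothetical, and it assumes enhance(...) is left for subclasses to implement.

```java
package com.example.auth; // hypothetical package

import com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserTokenEnhancer;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;

import java.util.LinkedHashMap;
import java.util.Map;

/** Hypothetical enhancer that records the requested account ID as a token claim. */
public class RequestAccountClaimEnhancer extends AbstractUserTokenEnhancer {

    // Hypothetical claim name, chosen for this example only.
    static final String CLAIM = "example_acct_id";

    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,
                                     OAuth2Authentication authentication) {
        // getUser(...) is documented as valid only when isClientOnly() is false.
        // This page does not say whether shouldEnhance(...) or
        // getRequestAccountId(...) perform that check, so it is done explicitly.
        if (authentication.isClientOnly()
                || !shouldEnhance(accessToken, authentication)) {
            return accessToken; // no user behind this token: add nothing
        }

        // Copy existing claims so enhancers earlier in the chain are preserved.
        Map<String, Object> info =
                new LinkedHashMap<>(accessToken.getAdditionalInformation());

        // Account ID from the request, else the user's default account ID,
        // else Optional.empty(), in which case no claim is written.
        getRequestAccountId(authentication)
                .ifPresent(accountId -> info.put(CLAIM, accountId));

        // Return a copy rather than mutating the token that was passed in.
        DefaultOAuth2AccessToken enhanced = new DefaultOAuth2AccessToken(accessToken);
        enhanced.setAdditionalInformation(info);
        return enhanced;
    }
}
```

Because the user is cached at request scope, every enhancer in the same request sees the user resolved by the first getUser call, so a subclass should not pass a different OAuth2Authentication expecting a different user back.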