Class ClientRestrictionTokenEnhancer
java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.ClientRestrictionTokenEnhancer
- All Implemented Interfaces:
org.springframework.security.oauth2.provider.token.TokenEnhancer
public class ClientRestrictionTokenEnhancer
extends Object
implements org.springframework.security.oauth2.provider.token.TokenEnhancer
-
Constructor Summary
ConstructorDescriptionClientRestrictionTokenEnhancer
(AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService, PermissionRepository permissionRepository) -
Method Summary
Modifier and TypeMethodDescriptionprotected void
addTenantProperties
(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken, Optional<AuthorizationServer> maybeAuthServer) org.springframework.security.oauth2.common.OAuth2AccessToken
enhance
(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication) protected AuthorizationServerService<AuthorizationServer>
protected AuthorizedClientService<AuthorizedClient>
protected PermissionRepository
getRestrictedAuthoritiesInScopes
(Collection<org.springframework.security.core.GrantedAuthority> authorities, Set<String> scopes, Map<String, Set<String>> restrictionTargetsByType) Gets the restricted authorities that are in scope.getVendorRestrictionTargetsByType
(Object vendorTargetsAttribute) protected boolean
shouldEnhance
(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
-
Constructor Details
-
ClientRestrictionTokenEnhancer
public ClientRestrictionTokenEnhancer(AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService, PermissionRepository permissionRepository)
-
-
Method Details
-
enhance
public org.springframework.security.oauth2.common.OAuth2AccessToken enhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication) - Specified by:
enhance
in interfaceorg.springframework.security.oauth2.provider.token.TokenEnhancer
-
shouldEnhance
protected boolean shouldEnhance(org.springframework.security.oauth2.provider.OAuth2Authentication authentication) -
addTenantProperties
protected void addTenantProperties(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken, Optional<AuthorizationServer> maybeAuthServer) -
getVendorRestrictionTargetsByType
-
getRestrictedAuthoritiesInScopes
protected Map<String,Map<String, getRestrictedAuthoritiesInScopesSet<String>>> (Collection<org.springframework.security.core.GrantedAuthority> authorities, Set<String> scopes, Map<String, Set<String>> restrictionTargetsByType) Gets the restricted authorities that are in scope. SinceAuthorizedClient
does not have anyRestrictedPermission
orRestrictedRole
, the restricted_authorities claim is essentially all the authorities in scope mapped with its restrictions.- Parameters:
authorities
- authorities to map the restrictions withscopes
- requested scopesrestrictionTargetsByType
- restrictions to map the given authorities to- Returns:
- a map of restricted authorities in the requested scopes
-
getAuthorizationServerService
-
getAuthorizedClientService
-
getPermissionRepository
-