Class ClientRestrictionTokenEnhancer
java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.ClientRestrictionTokenEnhancer
- All Implemented Interfaces:
org.springframework.security.oauth2.provider.token.TokenEnhancer
public class ClientRestrictionTokenEnhancer
extends Object
implements org.springframework.security.oauth2.provider.token.TokenEnhancer
-
Constructor Summary
ConstructorsConstructorDescriptionClientRestrictionTokenEnhancer(AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService, PermissionRepository permissionRepository) -
Method Summary
Modifier and TypeMethodDescriptionprotected voidaddTenantProperties(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken, Optional<AuthorizationServer> maybeAuthServer) org.springframework.security.oauth2.common.OAuth2AccessTokenenhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication) protected AuthorizationServerService<AuthorizationServer>protected AuthorizedClientService<AuthorizedClient>protected PermissionRepositorygetRestrictedAuthoritiesInScopes(Collection<org.springframework.security.core.GrantedAuthority> authorities, Set<String> scopes, Map<String, Set<String>> restrictionTargetsByType) Gets the restricted authorities that are in scope.getVendorRestrictionTargetsByType(Object vendorTargetsAttribute) protected booleanshouldEnhance(org.springframework.security.oauth2.provider.OAuth2Authentication authentication)
-
Constructor Details
-
ClientRestrictionTokenEnhancer
public ClientRestrictionTokenEnhancer(AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService, PermissionRepository permissionRepository)
-
-
Method Details
-
enhance
public org.springframework.security.oauth2.common.OAuth2AccessToken enhance(org.springframework.security.oauth2.common.OAuth2AccessToken accessToken, org.springframework.security.oauth2.provider.OAuth2Authentication authentication) - Specified by:
enhancein interfaceorg.springframework.security.oauth2.provider.token.TokenEnhancer
-
shouldEnhance
protected boolean shouldEnhance(org.springframework.security.oauth2.provider.OAuth2Authentication authentication) -
addTenantProperties
protected void addTenantProperties(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken enhancedToken, Optional<AuthorizationServer> maybeAuthServer) -
getVendorRestrictionTargetsByType
-
getRestrictedAuthoritiesInScopes
protected Map<String,Map<String, getRestrictedAuthoritiesInScopesSet<String>>> (Collection<org.springframework.security.core.GrantedAuthority> authorities, Set<String> scopes, Map<String, Set<String>> restrictionTargetsByType) Gets the restricted authorities that are in scope. SinceAuthorizedClientdoes not have anyRestrictedPermissionorRestrictedRole, the restricted_authorities claim is essentially all the authorities in scope mapped with its restrictions.- Parameters:
authorities- authorities to map the restrictions withscopes- requested scopesrestrictionTargetsByType- restrictions to map the given authorities to- Returns:
- a map of restricted authorities in the requested scopes
-
getAuthorizationServerService
-
getAuthorizedClientService
-
getPermissionRepository
-