Package com.broadleafcommerce.auth.user.session.token.enhancer
package com.broadleafcommerce.auth.user.session.token.enhancer
-
ClassDescriptionImplementation of
TokenEnhancer
that has a request scoped UserContext that contains the current user to avoid repeated database reads.Responsible for validating and adding the "acct_id" claim to the token.Enhances tokens with the "customer_context_ids" claim.Enhances a token with the IDs of CustomerSegments that the User is a member of if they are present in the User attributes map.An implementation ofTokenEnhancer
that copies claims from the current CSR'sAuthentication.getDetails()
to the access token claims.Token enhancer that adds several registered JWT claims, such as issuer and audience, as well as a non-standard "max" claim that determines the maximum lifetime of a token.Token enhancer to add the values "tenant_access", "application_access", "tenant_id" and "application_ids" to the token, if they exist.Convenience methods for common operations when enhancing tokens.Intended for use as a request scoped bean to be utilized byTokenEnhancers
that need to read the currently authenticated user.Token enhancer that includes user restrictions and restricted authorities within the token.Token enhancer that puts various relevant user data into the token'sOAuth2AccessToken.getAdditionalInformation()
.