Class AuthenticationController
java.lang.Object
com.broadleafcommerce.auth.user.web.endpoint.AuthenticationController
- Author:
- Nathan Moore (nathanmoore).
-
Nested Class Summary
-
Field Summary
Modifier and TypeFieldDescriptionprotected static final String
static final String
protected static final String
protected static final String
protected final BroadleafClientRegistrationRepository
protected static final String
protected static final String
protected static final String
protected static final String
protected static final String
protected static final String
-
Constructor Summary
ConstructorDescriptionAuthenticationController
(UserPasswordService<PasswordToken, User> userPasswordService, ClientRedirectService redirectService, UserLoginService loginService, UserLoginProperties properties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, BroadleafClientRegistrationRepository clientRegistrationRepository, com.broadleafcommerce.common.extension.TypeFactory typeFactory) -
Method Summary
Modifier and TypeMethodDescriptionprotected String
determineLoggedInReturnUrl
(String clientId, String redirectUrl) org.springframework.web.servlet.ModelAndView
getChangePasswordView
(org.springframework.ui.Model model, ChangePasswordForm changePasswordForm, String redirectUrl) protected ClientIdentityProviderProperties
protected BroadleafClientRegistrationRepository
protected AuthorizedClientService<AuthorizedClient>
getLoginErrorView
(org.springframework.ui.Model model, String clientId) protected UserLoginService
getLoginView
(org.springframework.ui.Model model, String clientId) protected Map<String,
List<OAuth2IdentityProvider>> Provides caching by the type of authorized client for the appropriateOAuth2IdentityProvider
for it.protected List<OAuth2IdentityProvider>
getOath2AuthenticationProviders
(@NonNull ClientIdentityProviderProperties.ClientProperties properties, boolean isAdmin) Looks at theClientRegistrations
to determine which providers are configured and then cross-checks that with theClientIdentityProviderProperties.ClientProperties
for the appropriate type ofAuthorizedClient
that is making a request, either admin or commerce, to filter the registered identity providers that are appropriate to show the user.protected UserLoginProperties
getPwResetEmailView
(org.springframework.ui.Model model, String redirectUrl, boolean credentialsExpired, String clientId) protected ClientRedirectService
getResetPasswordSuccessView
(String clientId) org.springframework.web.servlet.ModelAndView
getResetPasswordView
(org.springframework.ui.Model model, String redirectUrl, String clientId) protected com.broadleafcommerce.common.extension.TypeFactory
protected UserPasswordService<PasswordToken,
User> org.springframework.web.servlet.ModelAndView
processChangePasswordRequest
(javax.servlet.http.HttpServletRequest request, ChangePasswordForm changePasswordForm, String redirectUrl, org.springframework.validation.BindingResult errors, org.springframework.ui.Model model, javax.servlet.http.HttpServletResponse httpServletResponse) processPwResetEmailRequest
(org.springframework.ui.Model model, String redirectUrl, String username, String clientId) org.springframework.web.servlet.ModelAndView
processResetPasswordRequest
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.ui.Model model, ResetPasswordForm resetPasswordForm, String redirectUrl, org.springframework.web.servlet.mvc.support.RedirectAttributes redirectAttributes, org.springframework.validation.BindingResult errors)
-
Field Details
-
REQUEST_PASSWORD_RESET_EMAIL_VIEW
- See Also:
-
LOGIN_VIEW
- See Also:
-
RESET_PASSWORD_VIEW
- See Also:
-
RESET_PASSWORD_SUCCESS_VIEW
- See Also:
-
CHANGE_PASSWORD_VIEW
- See Also:
-
CHANGE_PASSWORD_SUCCESS_VIEW
- See Also:
-
SENT_RESET_PASSWORD_VIEW
- See Also:
-
ADMIN_PROVIDERS_KEY
- See Also:
-
COMMERCE_PROVIDERS_KEY
- See Also:
-
AUTHORIZATION_REQUEST_BASE_URI
- See Also:
-
clientRegistrationRepository
-
-
Constructor Details
-
AuthenticationController
public AuthenticationController(UserPasswordService<PasswordToken, User> userPasswordService, ClientRedirectService redirectService, UserLoginService loginService, UserLoginProperties properties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, BroadleafClientRegistrationRepository clientRegistrationRepository, com.broadleafcommerce.common.extension.TypeFactory typeFactory)
-
-
Method Details
-
getLoginView
-
getLoginErrorView
-
getPwResetEmailView
-
processPwResetEmailRequest
-
getResetPasswordSuccessView
-
getResetPasswordView
-
processResetPasswordRequest
@FrameworkPostMapping("/reset-password") public org.springframework.web.servlet.ModelAndView processResetPasswordRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.ui.Model model, @ModelAttribute ResetPasswordForm resetPasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl, org.springframework.web.servlet.mvc.support.RedirectAttributes redirectAttributes, org.springframework.validation.BindingResult errors) -
getOath2AuthenticationProviders
protected List<OAuth2IdentityProvider> getOath2AuthenticationProviders(@NonNull @NonNull ClientIdentityProviderProperties.ClientProperties properties, boolean isAdmin) Looks at theClientRegistrations
to determine which providers are configured and then cross-checks that with theClientIdentityProviderProperties.ClientProperties
for the appropriate type ofAuthorizedClient
that is making a request, either admin or commerce, to filter the registered identity providers that are appropriate to show the user.- Parameters:
properties
- TheClientIdentityProviderProperties.ClientProperties
appropriate for the requesting client, admin or commerce.isAdmin
- Whether the client was an admin (seeAuthorizedClient.isAdmin()
)- Returns:
- A list of
OAuth2IdentityProvider
to add to the request model. - See Also:
-
which is used for caching the result.
-
determineLoggedInReturnUrl
-
getChangePasswordView
@FrameworkGetMapping("/change-password") public org.springframework.web.servlet.ModelAndView getChangePasswordView(org.springframework.ui.Model model, @ModelAttribute ChangePasswordForm changePasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl) -
processChangePasswordRequest
@FrameworkPostMapping("/change-password") public org.springframework.web.servlet.ModelAndView processChangePasswordRequest(javax.servlet.http.HttpServletRequest request, @ModelAttribute ChangePasswordForm changePasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl, org.springframework.validation.BindingResult errors, org.springframework.ui.Model model, javax.servlet.http.HttpServletResponse httpServletResponse) -
getChangePasswordSuccessView
@FrameworkGetMapping(path="/change-password-confirmation") public String getChangePasswordSuccessView() -
getUserPasswordService
-
getRedirectService
-
getLoginService
-
getProperties
-
getClientService
-
getClientProperties
-
getClientRegistrationRepository
-
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory() -
getOath2AuthenticationProviders
Provides caching by the type of authorized client for the appropriateOAuth2IdentityProvider
for it.
-