Class EmbeddedLoginCodeAuthenticationProvider
java.lang.Object
com.broadleafcommerce.auth.authorization.security.embedded.code.EmbeddedLoginCodeAuthenticationProvider
- All Implemented Interfaces:
org.springframework.core.Ordered
,org.springframework.security.authentication.AuthenticationProvider
public final class EmbeddedLoginCodeAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider, org.springframework.core.Ordered
Authenticates the user for the
OAuth2TokenEndpointFilter
based on a one-time passcode parameter.
This class is generally patterned after
PublicRefreshOAuth2AuthorizationCodeAuthenticationProvider
,
to ensure that the access and refresh tokens are created correctly. However, since Embedded Login
combines some of the standard OAuth steps, this provider has logic borrowed from various places
like the session authentication provider and auth code authentication provider.
- Author:
- Cade Rea (cade-rea)
- See Also:
-
PublicRefreshOAuth2AuthorizationCodeAuthenticationProvider
OAuth2SessionAuthenticationProvider
ScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProvider
OAuth2AuthorizationCodeAuthenticationProvider
-
Field Summary
Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
-
Constructor Summary
ConstructorDescriptionEmbeddedLoginCodeAuthenticationProvider
(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator, TokenProperties tokenProperties, SecurityService securityService, PasscodeService<PasswordToken, User> passcodeService, OAuth2UserDetailsService userDetailsService, UserService<User> userService) -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authentication
authenticate
(org.springframework.security.core.Authentication authentication) int
getOrder()
void
setSessionRegistry
(org.springframework.security.core.session.SessionRegistry sessionRegistry) Sets theSessionRegistry
used to track OpenID Connect sessions.boolean
-
Constructor Details
-
EmbeddedLoginCodeAuthenticationProvider
public EmbeddedLoginCodeAuthenticationProvider(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator, TokenProperties tokenProperties, SecurityService securityService, PasscodeService<PasswordToken, User> passcodeService, OAuth2UserDetailsService userDetailsService, UserService<User> userService)
-
-
Method Details
-
supports
- Specified by:
supports
in interfaceorg.springframework.security.authentication.AuthenticationProvider
-
getOrder
public int getOrder()- Specified by:
getOrder
in interfaceorg.springframework.core.Ordered
-
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException - Specified by:
authenticate
in interfaceorg.springframework.security.authentication.AuthenticationProvider
- Throws:
org.springframework.security.core.AuthenticationException
-
setSessionRegistry
public void setSessionRegistry(org.springframework.security.core.session.SessionRegistry sessionRegistry) Sets theSessionRegistry
used to track OpenID Connect sessions.- Parameters:
sessionRegistry
- theSessionRegistry
used to track OpenID Connect sessions- Since:
- 1.1
-