Class EmbeddedLoginCodeAuthenticationProvider
java.lang.Object
com.broadleafcommerce.auth.authorization.security.embedded.code.EmbeddedLoginCodeAuthenticationProvider
- All Implemented Interfaces:
org.springframework.core.Ordered,org.springframework.security.authentication.AuthenticationProvider
public final class EmbeddedLoginCodeAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider, org.springframework.core.Ordered
Authenticates the user for the
OAuth2TokenEndpointFilter
based on a one-time passcode parameter.
This class is generally patterned after
PublicRefreshOAuth2AuthorizationCodeAuthenticationProvider,
to ensure that the access and refresh tokens are created correctly. However, since Embedded Login
combines some of the standard OAuth steps, this provider has logic borrowed from various places
like the session authentication provider and auth code authentication provider.
- Author:
- Cade Rea (cade-rea)
- See Also:
-
PublicRefreshOAuth2AuthorizationCodeAuthenticationProviderOAuth2SessionAuthenticationProviderScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProviderOAuth2AuthorizationCodeAuthenticationProvider
-
Field Summary
Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE -
Constructor Summary
ConstructorsConstructorDescriptionEmbeddedLoginCodeAuthenticationProvider(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator, TokenProperties tokenProperties, SecurityService securityService, PasscodeService<PasswordToken, User> passcodeService, OAuth2UserDetailsService userDetailsService, UserService<User> userService) -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authenticationauthenticate(org.springframework.security.core.Authentication authentication) intgetOrder()voidsetSessionRegistry(org.springframework.security.core.session.SessionRegistry sessionRegistry) Sets theSessionRegistryused to track OpenID Connect sessions.boolean
-
Constructor Details
-
EmbeddedLoginCodeAuthenticationProvider
public EmbeddedLoginCodeAuthenticationProvider(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator, TokenProperties tokenProperties, SecurityService securityService, PasscodeService<PasswordToken, User> passcodeService, OAuth2UserDetailsService userDetailsService, UserService<User> userService)
-
-
Method Details
-
supports
- Specified by:
supportsin interfaceorg.springframework.security.authentication.AuthenticationProvider
-
getOrder
public int getOrder()- Specified by:
getOrderin interfaceorg.springframework.core.Ordered
-
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException - Specified by:
authenticatein interfaceorg.springframework.security.authentication.AuthenticationProvider- Throws:
org.springframework.security.core.AuthenticationException
-
setSessionRegistry
public void setSessionRegistry(org.springframework.security.core.session.SessionRegistry sessionRegistry) Sets theSessionRegistryused to track OpenID Connect sessions.- Parameters:
sessionRegistry- theSessionRegistryused to track OpenID Connect sessions- Since:
- 1.1
-