Class DefaultClientScopeAuthorizationCodeRequestConverter
java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.DefaultClientScopeAuthorizationCodeRequestConverter
- All Implemented Interfaces:
org.springframework.security.web.authentication.AuthenticationConverter
public class DefaultClientScopeAuthorizationCodeRequestConverter
extends Object
implements org.springframework.security.web.authentication.AuthenticationConverter
Leverages OAuth2AuthorizationCodeRequestAuthenticationToken to create an OAuth2AuthorizationCodeRequestAuthenticationToken from the request.
This implementation adds the ability to use default scopes if no scopes are requested. If there are no scopes on the request, then the scopes from the RegisteredClient will be used as requested scopes.
Scope validation and authorization is performed in ScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProvider.getUserAuthorizedScopes(OAuth2AuthorizationCodeRequestAuthenticationToken, RegisteredClient).
- Author:
- Cade Rea (cade-rea)
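The defaulting rule described above, as an added plain-Java model (not Broadleaf's or Spring's code, and not using their classes). DefaultScopeModel, CLIENT_REGISTRY, UnknownClientException, the sample client ids and the error text are hypothetical; treating a blank scope parameter as "no scopes" is an assumption.

```java
import java.util.*;

// Simplified stand-alone model of the scope defaulting described above.
// CLIENT_REGISTRY and UnknownClientException are hypothetical stand-ins for
// RegisteredClientRepository and OAuth2AuthorizationCodeRequestAuthenticationException.
public class DefaultScopeModel {

    static class UnknownClientException extends RuntimeException {
        UnknownClientException(String clientId) {
            super("invalid_request: unknown client_id '" + clientId + "'");
        }
    }

    // Constructed sample registrations: client_id -> scopes registered for that client.
    static final Map<String, Set<String>> CLIENT_REGISTRY = Map.of(
            "storefront", Set.of("openid", "profile", "orders:read"),
            "no-scopes-client", Set.of());

    // Split the space-delimited "scope" parameter (RFC 6749 section 3.3).
    static Set<String> parseScopes(String scopeParam) {
        if (scopeParam == null || scopeParam.isBlank()) {
            return Set.of(); // assumption: blank is treated the same as absent
        }
        return new LinkedHashSet<>(Arrays.asList(scopeParam.trim().split("\\s+")));
    }

    // Requested scopes win; only an empty request falls back to the client's registered scopes.
    static Set<String> effectiveScopes(String clientId, String scopeParam) {
        Set<String> requested = parseScopes(scopeParam);
        if (!requested.isEmpty()) {
            return requested; // not validated here; narrowing happens later in the provider
        }
        Set<String> registered = CLIENT_REGISTRY.get(clientId);
        if (registered == null) {
            throw new UnknownClientException(clientId);
        }
        return new TreeSet<>(registered);
    }

    public static void main(String[] args) {
        System.out.println(effectiveScopes("storefront", "openid")); // explicit request is kept
        System.out.println(effectiveScopes("storefront", null));     // falls back to registered scopes
        System.out.println(effectiveScopes("storefront", "   "));    // blank counts as no scopes
        try {
            effectiveScopes("not-registered", null);
        } catch (UnknownClientException e) {
            System.out.println(e.getMessage());
        }
    }
}
```

Because a request without scopes resolves to everything registered for the client before the provider narrows it, each client's registered scope set is the upper bound worth reviewing when this converter is in use.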
Constructor Summary
Constructor | Description
DefaultClientScopeAuthorizationCodeRequestConverter(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository) |
Method Summary
Modifier and Type | Method | Description
org.springframework.security.core.Authentication | convert(jakarta.servlet.http.HttpServletRequest request) |
protected org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException | createClientIdException(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken) | Prepare an OAuth2AuthorizationCodeRequestAuthenticationException.
protected Set<String> | getClientScopes(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken) | Read the scopes from the RegisteredClient specified by the OAuth2ParameterNames.CLIENT_ID parameter.
protected org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository | getRegisteredClientRepository() |
Constructor Details
DefaultClientScopeAuthorizationCodeRequestConverter
public DefaultClientScopeAuthorizationCodeRequestConverter(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository)
Method Details
convert
public org.springframework.security.core.Authentication convert(jakarta.servlet.http.HttpServletRequest request)
- Specified by:
- convert in interface org.springframework.security.web.authentication.AuthenticationConverter
getClientScopes
protected Set<String> getClientScopes(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken)
Read the scopes from the RegisteredClient specified by the OAuth2ParameterNames.CLIENT_ID parameter.
This logic is modeled after the logic used in ScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProvider.authenticate(Authentication) to retrieve the RegisteredClient.
- Parameters:
- requestToken - The OAuth2AuthorizationCodeRequestAuthenticationToken that represents the auth code request.
- Returns:
- The set of scopes specified on the AuthorizedClient.
createClientIdException
protected org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException createClientIdException(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken)
Prepare an OAuth2AuthorizationCodeRequestAuthenticationException. Adapted from OAuth2AuthorizationCodeRequestAuthenticationProvider.
- Parameters:
- requestToken - Container for parameters of the Authorization Code request.
- Returns:
- An OAuth2AuthorizationCodeRequestAuthenticationException that describes the authorization error.
- See Also:
- OAuth2AuthorizationCodeRequestAuthenticationProvider.throwError(String, String, OAuth2AuthorizationCodeRequestAuthenticationToken, RegisteredClient)
- ScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProvider.throwError(String, String, OAuth2AuthorizationCodeRequestAuthenticationToken, RegisteredClient)
getRegisteredClientRepository
protected org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository getRegisteredClientRepository()