Package com.broadleafcommerce.auth.authorization.security.spring

Class DefaultClientScopeAuthorizationCodeRequestConverter

java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.DefaultClientScopeAuthorizationCodeRequestConverter
All Implemented Interfaces:
org.springframework.security.web.authentication.AuthenticationConverter
public class DefaultClientScopeAuthorizationCodeRequestConverter extends Object implements org.springframework.security.web.authentication.AuthenticationConverter
Leverages OAuth2AuthorizationCodeRequestAuthenticationToken to create an OAuth2AuthorizationCodeRequestAuthenticationToken from the request.

This implementation adds the ability to use default scopes if no scopes are requested. If there are no scopes on the request, then the scopes from the RegisteredClient will be used as requested scopes.

Scope validation and authorization is performed in ScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProvider.getUserAuthorizedScopes(OAuth2AuthorizationCodeRequestAuthenticationToken, RegisteredClient).

Author:
Cade Rea (cade-rea)
See Also:

  • Constructor Summary

    Constructors
    Constructor
    Description
    DefaultClientScopeAuthorizationCodeRequestConverter(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.core.Authentication
    convert(jakarta.servlet.http.HttpServletRequest request)
     
    protected org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException
    createClientIdException(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken)
    Prepare an OAuth2AuthorizationCodeRequestAuthenticationException.
    protected Set<String>
    getClientScopes(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken)
    Read the scopes from the RegisteredClient specified by the OAuth2ParameterNames.CLIENT_ID parameter.
    protected org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository
    getRegisteredClientRepository()
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • DefaultClientScopeAuthorizationCodeRequestConverter

      public DefaultClientScopeAuthorizationCodeRequestConverter(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository)

  • Method Details

    • convert

      public org.springframework.security.core.Authentication convert(jakarta.servlet.http.HttpServletRequest request)
      Specified by:
      convert in interface org.springframework.security.web.authentication.AuthenticationConverter

    • getClientScopes

      protected Set<String> getClientScopes(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken)
      Read the scopes from the RegisteredClient specified by the OAuth2ParameterNames.CLIENT_ID parameter.

      This logic is modeled after the logic used in ScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProvider.authenticate(Authentication) to retrieve the RegisteredClient.

      Parameters:
      requestToken - The OAuth2AuthorizationCodeRequestAuthenticationToken that represents the auth code request.
      Returns:
      The set of scopes specified on the AuthorizedClient.
      See Also:

    • createClientIdException

      protected org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException createClientIdException(org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken requestToken)
      Prepare an OAuth2AuthorizationCodeRequestAuthenticationException. Adapted from OAuth2AuthorizationCodeRequestAuthenticationProvider.
      Parameters:
      requestToken - Container for parameters of the Authorization Code request.
      Returns:
      An OAuth2AuthorizationCodeRequestAuthenticationException that describes the authorization error.
      See Also:
      • OAuth2AuthorizationCodeRequestAuthenticationProvider.throwError(String, String, OAuth2AuthorizationCodeRequestAuthenticationToken, RegisteredClient)
      • ScopeNarrowingOAuth2AuthorizationCodeRequestAuthenticationProvider.throwError(String, String, OAuth2AuthorizationCodeRequestAuthenticationToken, RegisteredClient)

    • getRegisteredClientRepository

      protected org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository getRegisteredClientRepository()