Class DefaultClientScopeClientCredentialsRequestConverter
java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.DefaultClientScopeClientCredentialsRequestConverter
- All Implemented Interfaces:
org.springframework.security.web.authentication.AuthenticationConverter
public class DefaultClientScopeClientCredentialsRequestConverter
extends Object
implements org.springframework.security.web.authentication.AuthenticationConverter
Leverages the OAuth2ClientCredentialsAuthenticationConverter to create an OAuth2ClientCredentialsAuthenticationToken from the request.
This implementation adds the ability to use default scopes if no scopes are requested. If there are no scopes on the request, then the scopes from the RegisteredClient will be used as the requested scopes.
Scope validation and authorization are performed in ScopeNarrowingOAuth2ClientCredentialsAuthenticationProvider.getClientAccessibleScopes(OAuth2ClientCredentialsAuthenticationToken, RegisteredClient).
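The default-scope behaviour described above, modelled in plain Java as an added example (not Broadleaf's or Spring's code). The `REGISTERED` map, the client id and the scope names are constructed stand-ins for the RegisteredClient lookup, and client authentication is left out.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.*;

public class DefaultScopeFallbackDemo {
    // Constructed stand-in for the RegisteredClient lookup: client_id -> registered scopes.
    static final Map<String, Set<String>> REGISTERED =
            Map.of("reporting-svc", Set.of("READ_ORDER", "READ_CUSTOMER"));

    // Parse an application/x-www-form-urlencoded token request body.
    static Map<String, String> parseForm(String body) {
        Map<String, String> params = new HashMap<>();
        for (String pair : body.split("&")) {
            String[] kv = pair.split("=", 2);
            params.put(URLDecoder.decode(kv[0], StandardCharsets.UTF_8),
                    URLDecoder.decode(kv.length > 1 ? kv[1] : "", StandardCharsets.UTF_8));
        }
        return params;
    }

    // Scopes the request is treated as asking for, before any validation.
    static Set<String> requestedScopes(String body) {
        Map<String, String> params = parseForm(body);
        Set<String> registered = REGISTERED.get(params.getOrDefault("client_id", ""));
        if (registered == null) {
            throw new IllegalArgumentException("invalid_client");
        }
        String scope = params.getOrDefault("scope", "").trim();
        if (scope.isEmpty()) {
            // No scope parameter: the client's registered scopes become the request.
            return new TreeSet<>(registered);
        }
        // Explicit scopes pass through unchanged; validation is a later, separate step.
        return new TreeSet<>(Arrays.asList(scope.split("\\s+")));
    }

    public static void main(String[] args) {
        // Constructed sample token requests.
        String[] bodies = {
            "grant_type=client_credentials&client_id=reporting-svc",
            "grant_type=client_credentials&client_id=reporting-svc&scope=READ_ORDER",
            "grant_type=client_credentials&client_id=reporting-svc&scope=READ_ORDER+WRITE_ORDER"
        };
        for (String body : bodies) {
            System.out.println(body + " -> " + requestedScopes(body));
        }
    }
}
```

Because a request without `scope` asks for everything registered to the client, each client's registered scope set is effectively its default grant request and is worth keeping minimal.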
- Author:
- Cade Rea (cade-rea)
Constructor Summary
Method Summary
Modifier and Type, Method, Description:
- protected org.springframework.security.oauth2.core.OAuth2AuthenticationException clientIdException(): Prepare an OAuth2AuthenticationException to report an invalid client.
- org.springframework.security.core.Authentication convert(jakarta.servlet.http.HttpServletRequest request)
- protected Set<String> getClientScopes(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken clientCredentialsToken): Read the scopes from the RegisteredClient specified by the OAuth2ParameterNames.CLIENT_ID parameter.
Constructor Details
DefaultClientScopeClientCredentialsRequestConverter
public DefaultClientScopeClientCredentialsRequestConverter()
Method Details
convert
public org.springframework.security.core.Authentication convert(jakarta.servlet.http.HttpServletRequest request)
- Specified by:
- convert in interface org.springframework.security.web.authentication.AuthenticationConverter
getClientScopes
protected Set<String> getClientScopes(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken clientCredentialsToken)
Read the scopes from the RegisteredClient specified by the OAuth2ParameterNames.CLIENT_ID parameter.
- Parameters:
- clientCredentialsToken - The OAuth2ClientCredentialsAuthenticationToken that represents the client credentials request.
- Returns:
- The set of scopes specified on the AuthorizedClient.
clientIdException
protected org.springframework.security.oauth2.core.OAuth2AuthenticationException clientIdException()
Prepare an OAuth2AuthenticationException to report an invalid client.
- Returns:
- An OAuth2AuthenticationException describing the error.