Class DefaultOAuth2AuthorizationService
java.lang.Object
com.broadleafcommerce.auth.authorization.service.DefaultOAuth2AuthorizationService
- All Implemented Interfaces:
OidAwareOAuth2AuthorizationService
,org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
public class DefaultOAuth2AuthorizationService
extends Object
implements org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService, OidAwareOAuth2AuthorizationService
Implementation of Spring's
OAuth2AuthorizationService
for datastore persistence of
OAuth2Authorization
instances. Notably, also handles application of the OID value, as
well as retrieval by OID. OID is an original ID value that relates all rotated refresh tokens to
the original refresh token issue.- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
static interface
-
Constructor Summary
ConstructorDescriptionDefaultOAuth2AuthorizationService
(OAuth2AuthorizationRepository<JpaOAuth2Authorization> repository, org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository) -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.oauth2.server.authorization.OAuth2Authorization
org.springframework.security.oauth2.server.authorization.OAuth2Authorization
org.springframework.security.oauth2.server.authorization.OAuth2Authorization
findByToken
(String token, org.springframework.security.oauth2.server.authorization.OAuth2TokenType tokenType) protected org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository
protected Optional<org.springframework.security.oauth2.server.authorization.client.RegisteredClient>
loadAssociatedRegisteredClient
(org.springframework.security.oauth2.server.authorization.OAuth2Authorization authorization) void
remove
(org.springframework.security.oauth2.server.authorization.OAuth2Authorization authorization) void
save
(org.springframework.security.oauth2.server.authorization.OAuth2Authorization authorization) protected org.springframework.security.oauth2.server.authorization.client.RegisteredClient
validateRegisteredClientExists
(org.springframework.security.oauth2.server.authorization.OAuth2Authorization toValidate) This throws an error similar toJdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper.mapRow(ResultSet, int)
and ensures we fail to load authorizations for which the associatedRegisteredClient
is no longer present.
-
Constructor Details
-
DefaultOAuth2AuthorizationService
public DefaultOAuth2AuthorizationService(OAuth2AuthorizationRepository<JpaOAuth2Authorization> repository, org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository)
-
-
Method Details
-
save
public void save(org.springframework.security.oauth2.server.authorization.OAuth2Authorization authorization) - Specified by:
save
in interfaceorg.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
-
remove
@Transactional public void remove(org.springframework.security.oauth2.server.authorization.OAuth2Authorization authorization) - Specified by:
remove
in interfaceorg.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
-
findById
@Transactional(readOnly=true) public org.springframework.security.oauth2.server.authorization.OAuth2Authorization findById(String id) - Specified by:
findById
in interfaceorg.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
-
findByOid
@Transactional(readOnly=true) public org.springframework.security.oauth2.server.authorization.OAuth2Authorization findByOid(String oid) - Specified by:
findByOid
in interfaceOidAwareOAuth2AuthorizationService
-
findByToken
@Transactional(readOnly=true) public org.springframework.security.oauth2.server.authorization.OAuth2Authorization findByToken(String token, org.springframework.security.oauth2.server.authorization.OAuth2TokenType tokenType) - Specified by:
findByToken
in interfaceorg.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
-
validateRegisteredClientExists
protected org.springframework.security.oauth2.server.authorization.client.RegisteredClient validateRegisteredClientExists(org.springframework.security.oauth2.server.authorization.OAuth2Authorization toValidate) This throws an error similar toJdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper.mapRow(ResultSet, int)
and ensures we fail to load authorizations for which the associatedRegisteredClient
is no longer present.- Parameters:
toValidate
- the authorization whose registered client ID needs to be validated- Returns:
- the
RegisteredClient
found in the datastore - Throws:
org.springframework.dao.DataRetrievalFailureException
- thrown by default if no matchingRegisteredClient
was found
-
loadAssociatedRegisteredClient
protected Optional<org.springframework.security.oauth2.server.authorization.client.RegisteredClient> loadAssociatedRegisteredClient(org.springframework.security.oauth2.server.authorization.OAuth2Authorization authorization) -
getRepository
-
getRegisteredClientRepository
protected org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository getRegisteredClientRepository()
-