Class SessionTokenClaimKeys.ImpersonationClaims

java.lang.Object
com.broadleafcommerce.auth.resource.domain.SessionTokenClaimKeys.ImpersonationClaims
Enclosing class:
SessionTokenClaimKeys

public static final class SessionTokenClaimKeys.ImpersonationClaims extends Object
Though these are used in OAuth2SessionToken, some of these claims are also used in access tokens.
See Also:
  • Field Details

    • CSR_CLIENT_ID

      public static final String CSR_CLIENT_ID
      The claim storing the CSR's client ID. Only populated if impersonated.
      See Also:
    • CSR_SUBJECT

      public static final String CSR_SUBJECT
      The claim storing the CSR's subject. Only populated if impersonated.
      See Also:
    • CSR_USER_ID

      public static final String CSR_USER_ID
      The claim storing the CSR's user ID. Only populated if impersonated.
      See Also:
    • CSR_ANONYMOUS

      public static final String CSR_ANONYMOUS
      The claim indicating that the CSR is impersonating an anonymous user. Only populated if impersonated as an anonymous user.
      See Also:
    • CSR_ANONYMOUS_SUB_VALUE

      public static final String CSR_ANONYMOUS_SUB_VALUE
      The value of the SessionTokenClaimKeys.SUBJECT when anonymously impersonated as a CSR.
      See Also:
    • CSR_INHERITED_AUTHORITIES

      public static final String CSR_INHERITED_AUTHORITIES
      The claim storing the authorities inherited from the CSR. Only populated if impersonated.
      See Also:
    • IMPERSONATING_SELF

      public static final String IMPERSONATING_SELF
      The claim indicating whether the CSR is impersonated themselves rather than a customer user. Usually done in order to perform functions such as managing quotes rather than shopping on behalf of.
      See Also: