Class DefaultSessionAuthenticationStrategy
java.lang.Object
com.broadleafcommerce.auth.user.service.DefaultSessionAuthenticationStrategy
- All Implemented Interfaces:
org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
public class DefaultSessionAuthenticationStrategy
extends Object
implements org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
This is used to set the session cookie after successful authentication. It is intended to be used
for all authentication types. Each authentication flow should register its own
AuthenticationStrategyDelegate
to facilitate loading an OAuth2UserDetails
from an
Authentication
.-
Constructor Summary
ConstructorDescriptionDefaultSessionAuthenticationStrategy
(StatelessUtil statelessUtil, List<AuthenticationStrategyDelegate> authenticationStrategyDelegates) -
Method Summary
Modifier and TypeMethodDescriptionprotected List<AuthenticationStrategyDelegate>
protected OAuth2UserDetails
getOAuth2UserDetails
(@NonNull org.springframework.security.core.Authentication authentication) protected StatelessUtil
void
onAuthentication
(@NonNull org.springframework.security.core.Authentication authentication, @NonNull jakarta.servlet.http.HttpServletRequest request, @NonNull jakarta.servlet.http.HttpServletResponse response) protected void
setSessionCookie
(@NonNull jakarta.servlet.http.HttpServletResponse response, @NonNull OAuth2UserDetails oAuth2UserDetails) protected boolean
shouldSetCookie
(@NonNull org.springframework.security.core.Authentication authentication, @NonNull jakarta.servlet.http.HttpServletRequest request, @NonNull jakarta.servlet.http.HttpServletResponse response) Determine if the session cookie should be set on the response.
-
Constructor Details
-
DefaultSessionAuthenticationStrategy
public DefaultSessionAuthenticationStrategy(StatelessUtil statelessUtil, List<AuthenticationStrategyDelegate> authenticationStrategyDelegates)
-
-
Method Details
-
onAuthentication
public void onAuthentication(@NonNull @NonNull org.springframework.security.core.Authentication authentication, @NonNull @NonNull jakarta.servlet.http.HttpServletRequest request, @NonNull @NonNull jakarta.servlet.http.HttpServletResponse response) throws org.springframework.security.web.authentication.session.SessionAuthenticationException - Specified by:
onAuthentication
in interfaceorg.springframework.security.web.authentication.session.SessionAuthenticationStrategy
- Throws:
org.springframework.security.web.authentication.session.SessionAuthenticationException
-
shouldSetCookie
protected boolean shouldSetCookie(@NonNull @NonNull org.springframework.security.core.Authentication authentication, @NonNull @NonNull jakarta.servlet.http.HttpServletRequest request, @NonNull @NonNull jakarta.servlet.http.HttpServletResponse response) Determine if the session cookie should be set on the response.- Parameters:
authentication
- The successful session authentication.request
- The web requestresponse
- The web response- Returns:
- True if the session cookie should be added to the response, false otherwise.
-
getOAuth2UserDetails
protected OAuth2UserDetails getOAuth2UserDetails(@NonNull @NonNull org.springframework.security.core.Authentication authentication) -
setSessionCookie
protected void setSessionCookie(@NonNull @NonNull jakarta.servlet.http.HttpServletResponse response, @NonNull @NonNull OAuth2UserDetails oAuth2UserDetails) -
getStatelessUtil
-
getAuthenticationStrategyDelegates
-