Package com.broadleafcommerce.auth.user.session.token.enhancer

Class AbstractUserAccessTokenEnhancer

java.lang.Object

com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

All Implemented Interfaces:

JwtAccessTokenEnhancer, org.springframework.core.Ordered

Direct Known Subclasses:

AccountIdAccessTokenEnhancer, CustomerContextAccessTokenEnhancer, CustomerSegmentsAccessTokenEnhancer, TenantPropertiesAccessTokenEnhancer, UserAccessTokenEnhancer, UserRestrictionAccessTokenEnhancer

public abstract class AbstractUserAccessTokenEnhancer
extends Object
implements JwtAccessTokenEnhancer

Implementation of JwtAccessTokenEnhancer that has a request scoped UserContext that contains the current user to avoid repeated database reads. TokenEnhancer implementations that require access to the User should extend this class and retrieve the user via the getUser(org.springframework.security.core.Authentication) method.

Field Summary

Fields inherited from interface org.springframework.core.Ordered

HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors

Constructor	Description
AbstractUserAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility)

Method Summary

Modifier and Type	Method	Description
protected Optional<OAuth2SessionToken>	getSessionToken(org.springframework.security.core.Authentication userPrincipal)	Get the session token from the authentication token.
protected TokenEnhancerUtility	getTokenEnhancerUtility()
User	getUser(org.springframework.security.core.Authentication userPrincipal)	Retrieve the current authenticated User.
UserContext	getUserContext()	Return the request scoped user context bean.
protected String	getUserIdFromSession(org.springframework.security.core.Authentication userPrincipal)	Read the User ID from the session token.
protected UserService<User>	getUserService()
protected boolean	isAnonymousCsrImpersonation(JwtTokenEnhancerContext context)	Check whether the current authentication is a CSR impersonation of an anonymous user.
protected boolean	isClientOnly(JwtTokenEnhancerContext context)	Whether the authorization in the context represents a client-only authorization.
void	setUserContext(UserContext userContext)
protected boolean	shouldEnhance(JwtTokenEnhancerContext context)	Whether the token should be enhanced.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer

enhance, getOrder

Constructor Details

AbstractUserAccessTokenEnhancer

public AbstractUserAccessTokenEnhancer(UserService<User> userService,
 TokenEnhancerUtility tokenEnhancerUtility)

Method Details

getUser

public User getUser(org.springframework.security.core.Authentication userPrincipal)

Retrieve the current authenticated User. This method assumes that the user is logged in and exists. In other words, isClientOnly(JwtTokenEnhancerContext) should return false if this method is to be called.

Note that the user is cached at the request scope. Any calls after the first call to this method during the same request will return the same user, regardless of the argument passed.

Parameters:

userPrincipal - The Authentication object that represents a User principal.

Returns:

The currently authenticated user.

Throws:

com.broadleafcommerce.data.tracking.core.exception.EntityMissingException - if User is not found.

isAnonymousCsrImpersonation

protected boolean isAnonymousCsrImpersonation(JwtTokenEnhancerContext context)

Check whether the current authentication is a CSR impersonation of an anonymous user.

Parameters:

context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).

Returns:

True if the current authentication is a CSR impersonation of an anonymous user.

shouldEnhance

protected boolean shouldEnhance(JwtTokenEnhancerContext context)

Whether the token should be enhanced.

Parameters:

context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).

Returns:

True if this JwtAccessTokenEnhancer should execute for the given JwtTokenEnhancerContext.

isClientOnly

protected boolean isClientOnly(JwtTokenEnhancerContext context)

Whether the authorization in the context represents a client-only authorization. That is, an authorization without a User.

Parameters:

context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).

Returns:

True if this context holds a client-only authorization.

setUserContext

@Autowired(required=false)
public void setUserContext(UserContext userContext)

getUserContext

@Nullable
public UserContext getUserContext()

Return the request scoped user context bean. If not in a request scope, null is returned.

Returns:

The userContext if in scope.

getUserIdFromSession

@Nullable
protected String getUserIdFromSession(org.springframework.security.core.Authentication userPrincipal)

Read the User ID from the session token.

Parameters:

userPrincipal - The Authentication representing the User.

Returns:

The User ID from the session token, or null if it is not available.

getSessionToken

protected Optional<OAuth2SessionToken> getSessionToken(org.springframework.security.core.Authentication userPrincipal)

Get the session token from the authentication token.

Parameters:

userPrincipal - The OAuth2SessionAuthenticationToken of the User.

Returns:

An Optional with the OAuth2SessionToken if available, or empty.

getUserService

protected UserService<User> getUserService()

getTokenEnhancerUtility

protected TokenEnhancerUtility getTokenEnhancerUtility()