Class AbstractUserAccessTokenEnhancer

java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer
All Implemented Interfaces:
JwtAccessTokenEnhancer, org.springframework.core.Ordered
Direct Known Subclasses:
AccountIdAccessTokenEnhancer, CustomerContextAccessTokenEnhancer, CustomerSegmentsAccessTokenEnhancer, TenantPropertiesAccessTokenEnhancer, UserAccessTokenEnhancer, UserRestrictionAccessTokenEnhancer

public abstract class AbstractUserAccessTokenEnhancer extends Object implements JwtAccessTokenEnhancer
Implementation of JwtAccessTokenEnhancer that holds a request-scoped UserContext containing the current user, to avoid repeated database reads. TokenEnhancer implementations that require access to the User should extend this class and retrieve the user via the getUser(org.springframework.security.core.Authentication) method.
  • Constructor Details

  • Method Details

    • getUser

      public User getUser(org.springframework.security.core.Authentication userPrincipal)
      Retrieve the current authenticated User. This method assumes that the user is logged in and exists. In other words, isClientOnly(JwtTokenEnhancerContext) should return false if this method is to be called.

      Note that the user is cached at the request scope. Any calls after the first call to this method during the same request will return the same user, regardless of the argument passed.

      Parameters:
      userPrincipal - The Authentication object that represents a User principal.
      Returns:
      The currently authenticated user.
      Throws:
      com.broadleafcommerce.data.tracking.core.exception.EntityMissingException - if User is not found.
    • isAnonymousCsrImpersonation

      protected boolean isAnonymousCsrImpersonation(JwtTokenEnhancerContext context)
      Check whether the current authentication is a CSR impersonation of an anonymous user.
      Parameters:
      context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).
      Returns:
      True if the current authentication is a CSR impersonation of an anonymous user.
    • shouldEnhance

      protected boolean shouldEnhance(JwtTokenEnhancerContext context)
      Whether the token should be enhanced.
      Parameters:
      context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).
      Returns:
      True if this JwtAccessTokenEnhancer should execute for the given JwtTokenEnhancerContext.
    • isClientOnly

      protected boolean isClientOnly(JwtTokenEnhancerContext context)
      Whether the authorization in the context represents a client-only authorization. That is, an authorization without a User.
      Parameters:
      context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).
      Returns:
      True if this context holds a client-only authorization.
    • setUserContext

      @Autowired(required=false) public void setUserContext(UserContext userContext)
    • getUserContext

      @Nullable public UserContext getUserContext()
      Return the request-scoped user context bean. If not in a request scope, null is returned.
      Returns:
      The userContext if in scope.
    • getUserIdFromSession

      @Nullable protected String getUserIdFromSession(org.springframework.security.core.Authentication userPrincipal)
      Read the User ID from the session token.
      Parameters:
      userPrincipal - The Authentication representing the User.
      Returns:
      The User ID from the session token, or null if it is not available.
    • getSessionToken

      protected Optional<OAuth2SessionToken> getSessionToken(org.springframework.security.core.Authentication userPrincipal)
      Parameters:
      userPrincipal - The OAuth2SessionAuthenticationToken of the User.
      Returns:
      An Optional with the OAuth2SessionToken if available, or empty.
    • getUserService

      protected UserService<User> getUserService()
    • getTokenEnhancerUtility

      protected TokenEnhancerUtility getTokenEnhancerUtility()
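
The request-scope caching noted under getUser, as an added stand-alone model (not Broadleaf code): it shows that a second call with a different principal still returns the first user, and how a caller can detect that. Every class and method name below is hypothetical, and the ID comparison in getUserChecked is an assumed defensive check, not something this API provides.

```java
import java.util.Map;
import java.util.function.Function;

// Stand-alone model of the request-scoped caching described for getUser.
// Every type here is hypothetical; none is a Broadleaf or Spring class.
public class RequestScopedUserCacheDemo {
    record User(String id, String username) {}

    // Models the request-scoped holder: one instance exists per request.
    static final class RequestUserContext {
        private User cached;
        int lookups;

        // First call loads and caches; later calls ignore principalId.
        User getUser(String principalId, Function<String, User> loader) {
            if (cached == null) {
                lookups++;
                User loaded = loader.apply(principalId);
                if (loaded == null) throw new IllegalStateException("user not found: " + principalId);
                cached = loaded;
            }
            return cached;
        }

        // Assumed defensive variant: refuse a cached user whose ID does not
        // match the principal the caller is asking about.
        User getUserChecked(String principalId, Function<String, User> loader) {
            User user = getUser(principalId, loader);
            if (!user.id().equals(principalId)) {
                throw new IllegalStateException(
                        "cached user " + user.id() + " does not match principal " + principalId);
            }
            return user;
        }
    }

    public static void main(String[] args) {
        // Constructed sample data standing in for the user store.
        Map<String, User> db = Map.of(
                "u-1", new User("u-1", "alice"), "u-2", new User("u-2", "bob"));
        RequestUserContext request = new RequestUserContext();
        System.out.println(request.getUser("u-1", db::get).username());
        // Second call passes a different principal within the same request.
        System.out.println(request.getUser("u-2", db::get).username());
        System.out.println("lookups: " + request.lookups);
        try {
            request.getUserChecked("u-2", db::get);
        } catch (IllegalStateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```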