Class AbstractUserAccessTokenEnhancer
java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer
- All Implemented Interfaces:
JwtAccessTokenEnhancer, org.springframework.core.Ordered
- Direct Known Subclasses:
AccountIdAccessTokenEnhancer, CustomerContextAccessTokenEnhancer, CustomerSegmentsAccessTokenEnhancer, TenantPropertiesAccessTokenEnhancer, UserAccessTokenEnhancer, UserRestrictionAccessTokenEnhancer
public abstract class AbstractUserAccessTokenEnhancer
extends Object
implements JwtAccessTokenEnhancer
Implementation of JwtAccessTokenEnhancer that has a request scoped UserContext that contains the current user to avoid repeated database reads. TokenEnhancer implementations that require access to the User should extend this class and retrieve the user via the getUser(org.springframework.security.core.Authentication) method.
-
Field Summary
Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
-
Constructor Summary
Constructor / Description
- AbstractUserAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility)
-
Method Summary
Modifier and Type / Method / Description
- protected Optional<OAuth2SessionToken> getSessionToken(org.springframework.security.core.Authentication userPrincipal): Get the session token from the authentication token.
- protected TokenEnhancerUtility getTokenEnhancerUtility()
- getUser(org.springframework.security.core.Authentication userPrincipal): Retrieve the current authenticated User.
- getUserContext(): Return the request scoped user context bean.
- protected String getUserIdFromSession(org.springframework.security.core.Authentication userPrincipal): Read the User ID from the session token.
- protected UserService<User> getUserService()
- protected boolean isAnonymousCsrImpersonation(JwtTokenEnhancerContext context): Check whether the current authentication is a CSR impersonation of an anonymous user.
- protected boolean isClientOnly(JwtTokenEnhancerContext context): Whether the authorization in the context represents a client-only authorization.
- void setUserContext(UserContext userContext)
- protected boolean shouldEnhance(JwtTokenEnhancerContext context): Whether the token should be enhanced.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer
enhance, getOrder
-
Constructor Details
-
AbstractUserAccessTokenEnhancer
public AbstractUserAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility)
-
-
Method Details
-
getUser
Retrieve the current authenticated User. This method assumes that the user is logged in and exists. In other words, isClientOnly(JwtTokenEnhancerContext) should return false if this method is to be called.
Note that the user is cached at the request scope. Any calls after the first call to this method during the same request will return the same user, regardless of the argument passed.
- Parameters:
userPrincipal - The Authentication object that represents a User principal.
- Returns:
The currently authenticated user.
- Throws:
com.broadleafcommerce.data.tracking.core.exception.EntityMissingException - if User is not found.
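The request-scope caching caveat above, modelled as an added example that is not Broadleaf code: `User`, `Auth`, `UserContext` and the `getUserChecked` guard are simplified hypothetical stand-ins, and the sample users are constructed. It shows a second call in the same request ignoring its argument, and a guard that rejects the mismatch before any claims are built from the cached user.

```java
import java.util.Map;

// Simplified model of the documented caching behaviour. These types are
// hypothetical stand-ins, not the Broadleaf classes of the same name.
public class RequestScopedUserDemo {
    record User(String id, String name) {}
    record Auth(String userId) {}               // stand-in for Authentication

    /** Stand-in for the request scoped UserContext: one instance per request. */
    static final class UserContext {
        User user;
        int lookups;                            // counts simulated database reads
    }

    // Constructed sample data standing in for the user store.
    static final Map<String, User> USERS = Map.of(
            "u-1", new User("u-1", "alice"),
            "u-2", new User("u-2", "bob"));

    /** First call loads and caches; later calls in the same request ignore the argument. */
    static User getUser(UserContext ctx, Auth principal) {
        if (ctx.user == null) {
            ctx.lookups++;
            User found = USERS.get(principal.userId());
            if (found == null) throw new IllegalStateException("User not found");
            ctx.user = found;
        }
        return ctx.user;
    }

    /** Hypothetical guard: refuse a cached user that is not the principal's own. */
    static User getUserChecked(UserContext ctx, Auth principal) {
        User user = getUser(ctx, principal);
        if (!user.id().equals(principal.userId())) {
            throw new IllegalStateException("Cached user " + user.id()
                    + " does not match principal " + principal.userId());
        }
        return user;
    }

    public static void main(String[] args) {
        UserContext request = new UserContext();    // one simulated request
        System.out.println(getUser(request, new Auth("u-1")).name());
        System.out.println(getUser(request, new Auth("u-2")).name() + " lookups=" + request.lookups);
        try {
            getUserChecked(request, new Auth("u-2"));
        } catch (IllegalStateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```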
-
isAnonymousCsrImpersonation
Check whether the current authentication is a CSR impersonation of an anonymous user.
- Parameters:
context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).
- Returns:
True if the current authentication is a CSR impersonation of an anonymous user.
-
shouldEnhance
Whether the token should be enhanced.
- Parameters:
context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).
- Returns:
True if this JwtAccessTokenEnhancer should execute for the given JwtTokenEnhancerContext.
-
isClientOnly
Whether the authorization in the context represents a client-only authorization. That is, an authorization without a User.
- Parameters:
context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).
- Returns:
True if this context holds a client-only authorization.
-
setUserContext
-
getUserContext
Return the request scoped user context bean. If not in a request scope, null is returned.
- Returns:
The userContext if in scope.
-
getUserIdFromSession
@Nullable protected String getUserIdFromSession(org.springframework.security.core.Authentication userPrincipal)
Read the User ID from the session token.
- Parameters:
userPrincipal - The Authentication representing the User.
- Returns:
The User ID from the session token, or null if it is not available.
-
getSessionToken
protected Optional<OAuth2SessionToken> getSessionToken(org.springframework.security.core.Authentication userPrincipal)
Get the session token from the authentication token.
- Parameters:
userPrincipal - The OAuth2SessionAuthenticationToken of the User.
- Returns:
An Optional with the OAuth2SessionToken if available, or empty.
-
getUserService
-
getTokenEnhancerUtility
-