Class CustomerContextAccessTokenEnhancer

java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer
com.broadleafcommerce.auth.user.session.token.enhancer.CustomerContextAccessTokenEnhancer
All Implemented Interfaces:
JwtAccessTokenEnhancer, org.springframework.core.Ordered

public class CustomerContextAccessTokenEnhancer extends AbstractUserAccessTokenEnhancer
Enhances tokens with the "customer_context_ids" claim. These are the customer context IDs that the user is eligible to read from.

This mainly comes into play for UserType.ADMIN and UserType.CUSTOMER users. This allows us to validate that an Admin is able to read a particular customer or customers, and that a customer can only read data within their specific customer context.

See Also: