com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

com.broadleafcommerce.auth.user.session.token.enhancer.CustomerContextAccessTokenEnhancer

All Implemented Interfaces:: JwtAccessTokenEnhancer, org.springframework.core.Ordered

public class CustomerContextAccessTokenEnhancer extends AbstractUserAccessTokenEnhancer

Enhances tokens with the "customer_context_ids" claim. These are the customer context IDs that the user is eligible to read from.

This mainly comes into play for UserType.ADMIN and UserType.CUSTOMER users. This allows us to validate that an Admin is able to read a particular customer or customers, and that a customer can only read data within their specific customer context.

See Also:

Application.getCustomerContextId()

Field Summary

Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
Constructor Summary

Constructors

Constructor

Description

CustomerContextAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility, ApplicationService<Application> applicationService)
Method Summary

Modifier and Type

Method

Description

protected void

addCustomerContextIds(JwtTokenEnhancerContext context, Collection<String> customerContextIds)

void

enhance(JwtTokenEnhancerContext context)

Evaluate the authentication and add claims as necessary.

protected ApplicationService<Application>

getApplicationService()

protected boolean

isAssignedToApplication(User user)

protected void

setCustomerContextIds(Collection<String> customerContextIds, JwtTokenEnhancerContext context)

Methods inherited from class com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer
getSessionToken, getTokenEnhancerUtility, getUser, getUserContext, getUserIdFromSession, getUserService, isAnonymousCsrImpersonation, isClientOnly, setUserContext, shouldEnhance

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer
getOrder

Constructor Details
- CustomerContextAccessTokenEnhancer
  
  public CustomerContextAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility, ApplicationService<Application> applicationService)
Method Details
- enhance
  
  public void enhance(JwtTokenEnhancerContext context)
  
  Description copied from interface: JwtAccessTokenEnhancer
  
  Evaluate the authentication and add claims as necessary. A JwtTokenEnhancerContext contains User and client authentication tokens, authorization tokens, and access token claims.
  
  Parameters:
  
  context - The JwtTokenEnhancerContext to evaluate.
- isAssignedToApplication
  
  protected boolean isAssignedToApplication(User user)
- setCustomerContextIds
  
  protected void setCustomerContextIds(Collection<String> customerContextIds, JwtTokenEnhancerContext context)
- addCustomerContextIds
  
  protected void addCustomerContextIds(JwtTokenEnhancerContext context, Collection<String> customerContextIds)
- getApplicationService
  
  protected ApplicationService<Application> getApplicationService()

Class CustomerContextAccessTokenEnhancer

Field Summary

Fields inherited from interface org.springframework.core.Ordered

Constructor Summary

Method Summary

Methods inherited from class com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

Methods inherited from class java.lang.Object

Methods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer

Constructor Details

CustomerContextAccessTokenEnhancer

Method Details

enhance

isAssignedToApplication

setCustomerContextIds

addCustomerContextIds

getApplicationService