Package com.broadleafcommerce.auth.user.session.token.enhancer

Class DefaultJwtTokenCustomizer

java.lang.Object

com.broadleafcommerce.auth.user.session.token.enhancer.DefaultJwtTokenCustomizer

All Implemented Interfaces:

org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext>

public class DefaultJwtTokenCustomizer
extends Object
implements org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext>

An OAuth2TokenCustomizer for JwtEncodingContext that delegates to a list of JwtAccessTokenEnhancers.

This is used by JwtGenerator.

Author:

Cade Rea (cade-rea)

Constructor Summary

Constructors

Constructor	Description
DefaultJwtTokenCustomizer(List<JwtAccessTokenEnhancer> accessTokenEnhancers)

Method Summary

Modifier and Type	Method	Description
protected void	applyAccessTokenEnhancers(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)
void	customize(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)
protected List<JwtAccessTokenEnhancer>	getAccessTokenEnhancers()
protected boolean	shouldApplyAccessTokenEnhancers(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)	JwtGenerator indiscriminately invokes this customizer component for all the token types it supports, which includes OidcParameterNames.ID_TOKEN.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DefaultJwtTokenCustomizer

public DefaultJwtTokenCustomizer(List<JwtAccessTokenEnhancer> accessTokenEnhancers)

Method Details

customize

public void customize(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)

Specified by:

customize in interface org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext>

shouldApplyAccessTokenEnhancers

protected boolean shouldApplyAccessTokenEnhancers(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)

JwtGenerator indiscriminately invokes this customizer component for all the token types it supports, which includes OidcParameterNames.ID_TOKEN.

Thus, to ensure the JwtAccessTokenEnhancers are only invoked for access tokens, we perform this check.

Parameters:

context - the JwtEncodingContext provided by JwtGenerator

Returns:

true if the access token enhancers should be applied, false otherwise

applyAccessTokenEnhancers

protected void applyAccessTokenEnhancers(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)

getAccessTokenEnhancers

protected List<JwtAccessTokenEnhancer> getAccessTokenEnhancers()