Class DefaultJwtTokenCustomizer

java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.DefaultJwtTokenCustomizer
All Implemented Interfaces:
org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext>

public class DefaultJwtTokenCustomizer extends Object implements org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext>
An OAuth2TokenCustomizer for JwtEncodingContext that delegates to a list of JwtAccessTokenEnhancers.

This is used by JwtGenerator.

Author:
Cade Rea (cade-rea)
  • Constructor Details

  • Method Details

    • customize

      public void customize(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)
      Specified by:
      customize in interface org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext>
    • shouldApplyAccessTokenEnhancers

      protected boolean shouldApplyAccessTokenEnhancers(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)
      JwtGenerator indiscriminately invokes this customizer component for all the token types it supports, which includes OidcParameterNames.ID_TOKEN.

      Thus, to ensure the JwtAccessTokenEnhancers are only invoked for access tokens, we perform this check.

      Parameters:
      context - the JwtEncodingContext provided by JwtGenerator
      Returns:
      true if the access token enhancers should be applied, false otherwise
    • applyAccessTokenEnhancers

      protected void applyAccessTokenEnhancers(org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext context)
    • getAccessTokenEnhancers

      protected List<JwtAccessTokenEnhancer> getAccessTokenEnhancers()