Package com.broadleafcommerce.auth.user.session.token.enhancer

Class UserRestrictionAccessTokenEnhancer

java.lang.Object

com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

com.broadleafcommerce.auth.user.session.token.enhancer.UserRestrictionAccessTokenEnhancer

All Implemented Interfaces:

JwtAccessTokenEnhancer, org.springframework.core.Ordered

public class UserRestrictionAccessTokenEnhancer
extends AbstractUserAccessTokenEnhancer

Token enhancer that includes user restrictions and restricted authorities within the token.

Author:

Nick Crum (ncrum)

Field Summary

Fields inherited from interface org.springframework.core.Ordered

HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors

Constructor	Description
UserRestrictionAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility, PermissionRepository permissionRepository, SecurityService securityService)

Method Summary

Modifier and Type	Method	Description
void	enhance(JwtTokenEnhancerContext context)	Evaluate the authentication and add claims as necessary.
protected PermissionRepository	getPermissionRepository()
protected SecurityService	getSecurityService()
protected OAuth2UserDetails	getUserDetails(org.springframework.security.core.Authentication sessionToken)

Methods inherited from class com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

getSessionToken, getTokenEnhancerUtility, getUser, getUserContext, getUserIdFromSession, getUserService, isAnonymousCsrImpersonation, isClientOnly, setUserContext, shouldEnhance

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer

getOrder

Constructor Details

UserRestrictionAccessTokenEnhancer

public UserRestrictionAccessTokenEnhancer(UserService<User> userService,
 TokenEnhancerUtility tokenEnhancerUtility,
 PermissionRepository permissionRepository,
 SecurityService securityService)

Method Details

enhance

public void enhance(JwtTokenEnhancerContext context)

Description copied from interface: JwtAccessTokenEnhancer

Evaluate the authentication and add claims as necessary. A JwtTokenEnhancerContext contains User and client authentication tokens, authorization tokens, and access token claims.

Parameters:

context - The JwtTokenEnhancerContext to evaluate.

getUserDetails

@Nullable
protected OAuth2UserDetails getUserDetails(org.springframework.security.core.Authentication sessionToken)

getPermissionRepository

protected PermissionRepository getPermissionRepository()

getSecurityService

protected SecurityService getSecurityService()