Class AbstractAuthenticationStrategyDelegate<T extends org.springframework.security.core.Authentication>
java.lang.Object
com.broadleafcommerce.auth.user.web.authentication.session.AbstractAuthenticationStrategyDelegate<T>
- All Implemented Interfaces:
AuthenticationStrategyDelegate
- Direct Known Subclasses:
AbstractOAuthClientAuthenticationStrategyDelegate
@Order(0)
public abstract class AbstractAuthenticationStrategyDelegate<T extends org.springframework.security.core.Authentication>
extends Object
implements AuthenticationStrategyDelegate
Abstract
AuthenticationStrategyDelegate
for converting Authentication
to
OAuth2UserDetails
. This class handles registering new users if necessary. Child classes
should implement the abstract methods to map required fields from their specific Authentication
token.- Author:
- Cade Rea (cade-rea)
-
Constructor Summary
ConstructorDescriptionAbstractAuthenticationStrategyDelegate
(OAuth2UserDetailsService oAuth2UserDetailsService, UserRegistrationService<User> registrationService, AuthRegistrationProperties registrationProperties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, com.broadleafcommerce.common.extension.TypeFactory typeFactory, PasswordGenerator passwordGenerator) -
Method Summary
Modifier and TypeMethodDescriptionprotected abstract String
buildUsername
(T authentication) Build a username from the authentication token.protected UserRegistration
buildUserRegistration
(T authentication, String clientId, String username) Build aUserRegistration
from the authentication token.protected String
Create a random password for the User.protected AuthorizedClient
getAuthorizedClient
(String clientId) Fetches anAuthorizedClient
for the givenclientId
.protected abstract String
getClientId
(T authentication) Get the Broadleaf Client Id from the authentication tokenprotected ClientIdentityProviderProperties
protected AuthorizedClientService<AuthorizedClient>
protected abstract String
Get the user's email address from the authentication token.protected abstract String
Get the user's name from the authentication tokengetOAuth2UserDetails
(@NonNull org.springframework.security.core.Authentication authentication) Get the clientId and username from the token to load from the database.protected OAuth2UserDetailsService
protected PasswordGenerator
protected AuthRegistrationProperties
protected UserRegistrationService<User>
protected com.broadleafcommerce.common.extension.TypeFactory
protected String
getUsername
(T authentication, boolean emailAsUsername) Get the username from the authentication token.protected String
getUserType
(String clientId) Determines the appropriate type of user for theAuthorizedClient
matching the givenclientId
.protected boolean
isAutoRegister
(String clientId) Check the client service and properties to determine if auto registration for new users is enabledprotected void
registerNewUser
(T authentication, String clientId, String username) Register a new user if allowed.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface com.broadleafcommerce.auth.user.web.authentication.session.AuthenticationStrategyDelegate
canHandle
-
Constructor Details
-
AbstractAuthenticationStrategyDelegate
public AbstractAuthenticationStrategyDelegate(OAuth2UserDetailsService oAuth2UserDetailsService, UserRegistrationService<User> registrationService, AuthRegistrationProperties registrationProperties, AuthorizedClientService<AuthorizedClient> clientService, ClientIdentityProviderProperties clientProperties, com.broadleafcommerce.common.extension.TypeFactory typeFactory, PasswordGenerator passwordGenerator)
-
-
Method Details
-
getClientId
Get the Broadleaf Client Id from the authentication token- Parameters:
authentication
-- Returns:
-
getEmail
Get the user's email address from the authentication token.- Parameters:
authentication
-- Returns:
-
getName
Get the user's name from the authentication token- Parameters:
authentication
-- Returns:
-
buildUsername
Build a username from the authentication token.- Parameters:
authentication
-- Returns:
-
getOAuth2UserDetails
public OAuth2UserDetails getOAuth2UserDetails(@NonNull @NonNull org.springframework.security.core.Authentication authentication) Get the clientId and username from the token to load from the database. Register new users if necessary and allowed.- Specified by:
getOAuth2UserDetails
in interfaceAuthenticationStrategyDelegate
- Parameters:
authentication
- The authentication token- Returns:
OAuth2UserDetails
for the givenauthentication
token
-
registerNewUser
Register a new user if allowed.- Parameters:
authentication
- The authentication token for the userclientId
- The ID of the client to authenticate withusername
- The username of the user
-
isAutoRegister
Check the client service and properties to determine if auto registration for new users is enabled- Parameters:
clientId
- ID of theAuthorizedClient
a user is trying to authenticate with- Returns:
- Whether the client allows auto-registering new users when they sign in.
-
getAuthorizedClient
Fetches anAuthorizedClient
for the givenclientId
.- Parameters:
clientId
- The ID of the client to fetch- Returns:
- The client matching
clientId
- Throws:
com.broadleafcommerce.data.tracking.core.exception.EntityMissingException
- if no client is found
-
getUsername
Get the username from the authentication token. This could be a username or email address, depending on the emailAsUsername parameter- Parameters:
authentication
- The user'sAuthentication
.emailAsUsername
- Whether the user's email is also the username- Returns:
- The user's username
-
buildUserRegistration
protected UserRegistration buildUserRegistration(@NonNull T authentication, String clientId, String username) Build aUserRegistration
from the authentication token.- Parameters:
authentication
- The user'sAuthentication
.clientId
- The ID of the client authenticated withusername
- The username of the user- Returns:
- The
UserRegistration
for the user.
-
generateRandomPassword
Create a random password for the User.- Returns:
- a secure, random String
-
getUserType
Determines the appropriate type of user for theAuthorizedClient
matching the givenclientId
.- Parameters:
clientId
- The ID of the client to check the user's type against- Returns:
- The type of the user given the type of the
AuthorizedClient
matchingclientId
.
-
getOAuth2UserDetailsService
-
getRegistrationService
-
getRegistrationProperties
-
getClientService
-
getClientProperties
-
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory() -
getPasswordGenerator
-