Class AuthenticationController

java.lang.Object
com.broadleafcommerce.auth.user.web.endpoint.AuthenticationController

@FrameworkController public class AuthenticationController extends Object
Author:
Nathan Moore (nathanmoore).
  • Field Details

  • Constructor Details

  • Method Details

    • getOath2AuthenticationProviders

      @Deprecated(forRemoval=true, since="1.8.7") protected Map<String,List<OAuth2IdentityProvider>> getOath2AuthenticationProviders()
      Deprecated, for removal: This API element is subject to removal in a future version.
      in favor of oauth2AuthenticationProviders. (This method is misspelled.)
    • getLoginView

      @FrameworkGetMapping(path="/login") public String getLoginView(org.springframework.ui.Model model, @RequestParam("client_id") String clientId)
    • getLoginErrorView

      @FrameworkGetMapping(path="/login", params="error=true") public String getLoginErrorView(org.springframework.ui.Model model, @RequestParam("client_id") String clientId)
    • getPwResetEmailView

      @FrameworkGetMapping("/request-password-reset") public String getPwResetEmailView(org.springframework.ui.Model model, @RequestParam(value="returnTo",required=false) String redirectUrl, @RequestParam(defaultValue="false") boolean credentialsExpired, @RequestParam("client_id") String clientId)
    • processPwResetEmailRequest

      @FrameworkPostMapping("/request-password-reset") public String processPwResetEmailRequest(org.springframework.ui.Model model, @RequestParam(value="returnTo",required=false) String redirectUrl, @RequestParam("username") String username, @RequestParam("client_id") String clientId)
    • getResetPasswordSuccessView

      @FrameworkGetMapping(path="/reset-password-confirmation") public String getResetPasswordSuccessView(@RequestParam("client_id") String clientId)
    • getResetPasswordView

      @FrameworkGetMapping("/reset-password") public org.springframework.web.servlet.ModelAndView getResetPasswordView(org.springframework.ui.Model model, @RequestParam(value="returnTo",required=false) String redirectUrl, @RequestParam("client_id") String clientId)
    • processResetPasswordRequest

      @FrameworkPostMapping("/reset-password") public org.springframework.web.servlet.ModelAndView processResetPasswordRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.ui.Model model, @ModelAttribute ResetPasswordForm resetPasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl, org.springframework.web.servlet.mvc.support.RedirectAttributes redirectAttributes, org.springframework.validation.BindingResult errors)
    • getOauth2AuthenticationProviders

      protected List<OAuth2IdentityProvider> getOauth2AuthenticationProviders(@NonNull @NonNull AuthorizedClient client)
      Looks at the ClientRegistrations to determine which providers are configured and then cross-checks that with the ClientIdentityProviderProperties.ClientProperties for the appropriate type of AuthorizedClient that is making a request, either admin or commerce, to filter the registered identity providers that are appropriate to show the user.
      Parameters:
      client - The requesting AuthorizedClient.
      Returns:
      A list of OAuth2IdentityProvider to add to the request model.
      See Also:
      • which is used for caching the result.
    • getClientProps

      protected ClientIdentityProviderProperties.ClientProperties getClientProps(@NonNull @NonNull AuthorizedClient client)
      See Also:
    • getAuthenticationProviderCacheKey

      protected String getAuthenticationProviderCacheKey(@NonNull @NonNull AuthorizedClient client)
      See Also:
    • getOath2AuthenticationProviders

      @Deprecated(forRemoval=true, since="1.8.7") protected List<OAuth2IdentityProvider> getOath2AuthenticationProviders(@NonNull @NonNull ClientIdentityProviderProperties.ClientProperties properties, boolean isAdmin)
      Deprecated, for removal: This API element is subject to removal in a future version.
      in favor of getOauth2AuthenticationProviders(AuthorizedClient). The new method takes the client id into account to ensure correct caching. Before, all commerce clients were using the same cache entry.
    • determineLoggedInReturnUrl

      protected String determineLoggedInReturnUrl(String clientId, String redirectUrl)
    • canRedirectToRequestedUrl

      protected boolean canRedirectToRequestedUrl(String clientId, String requestedRedirectUrl)
    • isRequestedRedirectUrlValid

      protected boolean isRequestedRedirectUrlValid(@Nullable String clientId, @NonNull @NonNull String requestedRedirectUrl)
    • getDefaultRedirectUrlForClient

      @Nullable protected String getDefaultRedirectUrlForClient(String clientId)
    • getChangePasswordView

      @FrameworkGetMapping("/change-password") public org.springframework.web.servlet.ModelAndView getChangePasswordView(org.springframework.ui.Model model, @ModelAttribute ChangePasswordForm changePasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl)
    • processChangePasswordRequest

      @FrameworkPostMapping("/change-password") public org.springframework.web.servlet.ModelAndView processChangePasswordRequest(jakarta.servlet.http.HttpServletRequest request, @ModelAttribute ChangePasswordForm changePasswordForm, @RequestParam(value="returnTo",required=false) String redirectUrl, org.springframework.validation.BindingResult errors, org.springframework.ui.Model model, jakarta.servlet.http.HttpServletResponse httpServletResponse)
    • determineChangePasswordSuccessfulRedirectUrl

      protected String determineChangePasswordSuccessfulRedirectUrl(ChangePasswordForm changePasswordForm, String requestedRedirectUrl)
    • getChangePasswordSuccessView

      @FrameworkGetMapping(path="/change-password-confirmation") public String getChangePasswordSuccessView()
    • getUserPasswordService

      protected UserPasswordService<PasswordToken,User> getUserPasswordService()
    • getRedirectService

      protected ClientRedirectService getRedirectService()
    • getLoginService

      protected UserLoginService getLoginService()
    • getProperties

      protected UserLoginProperties getProperties()
    • getClientService

      protected AuthorizedClientService<AuthorizedClient> getClientService()
    • getClientProperties

      protected ClientIdentityProviderProperties getClientProperties()
    • getClientRegistrationRepository

      protected BroadleafClientRegistrationRepository getClientRegistrationRepository()
    • getTypeFactory

      protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory()
    • getOauth2AuthenticationProviders

      protected Map<String,List<OAuth2IdentityProvider>> getOauth2AuthenticationProviders()
      Provides caching by the type of authorized client for the appropriate OAuth2IdentityProvider for it.
      See Also: