Class EmbeddedAuthenticationController
java.lang.Object
com.broadleafcommerce.auth.user.web.endpoint.EmbeddedAuthenticationController
@FrameworkRestController
@ConditionalOnProperty("broadleaf.auth.login.embedded.enabled")
public class EmbeddedAuthenticationController
extends Object
- Author:
- Nathan Moore (nathandmoore)
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic final classRepresents a request to get an email with a link to reset a user's password. -
Constructor Summary
ConstructorsConstructorDescriptionEmbeddedAuthenticationController(UserPasswordService<PasswordToken, User> userPasswordService, UserLoginProperties properties, UserLoginService loginService, AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService) -
Method Summary
Modifier and TypeMethodDescriptionprotected AuthorizationServerService<AuthorizationServer>protected AuthorizedClientService<AuthorizedClient>protected UserLoginServiceprotected UserLoginPropertiesprotected UserPasswordService<PasswordToken,User> org.springframework.http.ResponseEntity<Void>processChangePasswordRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ChangePasswordForm changePasswordForm) org.springframework.http.ResponseEntity<Void>processPwResetEmailRequest(String clientId, EmbeddedAuthenticationController.PasswordResetEmailRequest request) org.springframework.http.ResponseEntity<Void>processResetPasswordRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ResetPasswordForm resetPasswordForm) protected voidvalidateClientId(String clientId) Validates the client ID and ensure that the request is allowed for it.
-
Constructor Details
-
EmbeddedAuthenticationController
public EmbeddedAuthenticationController(UserPasswordService<PasswordToken, User> userPasswordService, UserLoginProperties properties, UserLoginService loginService, AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService)
-
-
Method Details
-
processPwResetEmailRequest
@FrameworkPostMapping(path="/embedded/request-password-reset", consumes="application/x-www-form-urlencoded") public org.springframework.http.ResponseEntity<Void> processPwResetEmailRequest(@RequestParam("client_id") String clientId, EmbeddedAuthenticationController.PasswordResetEmailRequest request) -
processResetPasswordRequest
@FrameworkPostMapping(path="/embedded/reset-password", consumes="application/x-www-form-urlencoded") public org.springframework.http.ResponseEntity<Void> processResetPasswordRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ResetPasswordForm resetPasswordForm) -
processChangePasswordRequest
@FrameworkPostMapping(value="/embedded/change-password", consumes="application/x-www-form-urlencoded") public org.springframework.http.ResponseEntity<Void> processChangePasswordRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ChangePasswordForm changePasswordForm) -
validateClientId
Validates the client ID and ensure that the request is allowed for it.- Parameters:
clientId- ID of theAuthorizedClientfrom which the request for a user operation is being made.- Throws:
ClientValidationException- when the client ID is missing, the client doesn't exist, the parent auth server doesn't exist, or the auth server doesn't allow embedded authentication form submissions
-
getUserPasswordService
-
getProperties
-
getLoginService
-
getAuthorizationServerService
-
getAuthorizedClientService
-