Class EmbeddedAuthenticationController
java.lang.Object
com.broadleafcommerce.auth.user.web.endpoint.EmbeddedAuthenticationController
@FrameworkRestController
@ConditionalOnProperty("broadleaf.auth.login.embedded.enabled")
public class EmbeddedAuthenticationController
extends Object
- Author:
- Nathan Moore (nathandmoore)
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic final class
Represents a request to get an email with a link to reset a user's password. -
Constructor Summary
ConstructorDescriptionEmbeddedAuthenticationController
(UserPasswordService<PasswordToken, User> userPasswordService, UserLoginProperties properties, UserLoginService loginService, AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService) -
Method Summary
Modifier and TypeMethodDescriptionprotected AuthorizationServerService<AuthorizationServer>
protected AuthorizedClientService<AuthorizedClient>
protected UserLoginService
protected UserLoginProperties
protected UserPasswordService<PasswordToken,
User> org.springframework.http.ResponseEntity<Void>
processChangePasswordRequest
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ChangePasswordForm changePasswordForm) org.springframework.http.ResponseEntity<Void>
processPwResetEmailRequest
(String clientId, EmbeddedAuthenticationController.PasswordResetEmailRequest request) org.springframework.http.ResponseEntity<Void>
processResetPasswordRequest
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ResetPasswordForm resetPasswordForm) protected void
validateClientId
(String clientId) Validates the client ID and ensure that the request is allowed for it.
-
Constructor Details
-
EmbeddedAuthenticationController
public EmbeddedAuthenticationController(UserPasswordService<PasswordToken, User> userPasswordService, UserLoginProperties properties, UserLoginService loginService, AuthorizationServerService<AuthorizationServer> authorizationServerService, AuthorizedClientService<AuthorizedClient> authorizedClientService)
-
-
Method Details
-
processPwResetEmailRequest
@FrameworkPostMapping(path="/embedded/request-password-reset", consumes="application/x-www-form-urlencoded") public org.springframework.http.ResponseEntity<Void> processPwResetEmailRequest(@RequestParam("client_id") String clientId, EmbeddedAuthenticationController.PasswordResetEmailRequest request) -
processResetPasswordRequest
@FrameworkPostMapping(path="/embedded/reset-password", consumes="application/x-www-form-urlencoded") public org.springframework.http.ResponseEntity<Void> processResetPasswordRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ResetPasswordForm resetPasswordForm) -
processChangePasswordRequest
@FrameworkPostMapping(value="/embedded/change-password", consumes="application/x-www-form-urlencoded") public org.springframework.http.ResponseEntity<Void> processChangePasswordRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ChangePasswordForm changePasswordForm) -
validateClientId
Validates the client ID and ensure that the request is allowed for it.- Parameters:
clientId
- ID of theAuthorizedClient
from which the request for a user operation is being made.- Throws:
ClientValidationException
- when the client ID is missing, the client doesn't exist, the parent auth server doesn't exist, or the auth server doesn't allow embedded authentication form submissions
-
getUserPasswordService
-
getProperties
-
getLoginService
-
getAuthorizationServerService
-
getAuthorizedClientService
-