Package com.broadleafcommerce.auth.user.web.endpoint

Class ImpersonationEndpoint

java.lang.Object

com.broadleafcommerce.auth.user.web.endpoint.ImpersonationEndpoint

@FrameworkController
public class ImpersonationEndpoint
extends Object

Author:

Nick Crum (ncrum)

Field Summary

Fields

Modifier and Type	Field	Description
static final String	CONSUME_TOKEN_PATH
static final String	IMPERSONATE_PATH

Constructor Summary

Constructors

Constructor	Description
ImpersonationEndpoint(ImpersonationService impersonationService, ImpersonationRequestValidator requestValidator, OAuth2UserDetailsService userDetailsService, StatelessUtil statelessUtil)

Method Summary

Modifier and Type	Method	Description
protected void	addSessionCookie(jakarta.servlet.http.HttpServletResponse response, ImpersonationRequestToken impersonationRequest, OAuth2UserDetails impersonatedUser)
org.springframework.web.servlet.ModelAndView	consumeToken(jakarta.servlet.http.HttpServletResponse response, String token)
protected OAuth2UserDetails	getCsrUser(String clientId, String csrId)
protected String	getCsrUserId(org.springframework.security.core.Authentication authentication)
protected OAuth2UserDetails	getUserToImpersonate(String clientId, String username)
String	impersonate(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ImpersonationRequest impersonationRequest, org.springframework.security.core.Authentication authentication)
String	impersonateSelf(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, ImpersonationRequest impersonationRequest, org.springframework.security.core.Authentication authentication)
protected OAuth2UserDetails	loadAnonymousCsrUser(String clientId)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

CONSUME_TOKEN_PATH

public static final String CONSUME_TOKEN_PATH

See Also:

• Constant Field Values

IMPERSONATE_PATH

public static final String IMPERSONATE_PATH

See Also:

• Constant Field Values

Constructor Details

ImpersonationEndpoint

public ImpersonationEndpoint(ImpersonationService impersonationService,
 ImpersonationRequestValidator requestValidator,
 OAuth2UserDetailsService userDetailsService,
 StatelessUtil statelessUtil)

Method Details

impersonate

@FrameworkGetMapping("/impersonate")
@PreAuthorize("isAuthenticated() and hasAuthority(\'ALL_IMPERSONATE\')")
public String impersonate(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response,
 ImpersonationRequest impersonationRequest,
 org.springframework.security.core.Authentication authentication)

impersonateSelf

@FrameworkGetMapping(value="/impersonate",
                     params="impersonate_self=true")
@PreAuthorize("isAuthenticated() and hasAuthority(\'ALL_IMPERSONATE\')")
public String impersonateSelf(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response,
 ImpersonationRequest impersonationRequest,
 org.springframework.security.core.Authentication authentication)

consumeToken

@FrameworkGetMapping("/consume-token")
public org.springframework.web.servlet.ModelAndView consumeToken(jakarta.servlet.http.HttpServletResponse response,
 @RequestParam("signedJwt")
 String token)

getUserToImpersonate

protected OAuth2UserDetails getUserToImpersonate(String clientId,
 String username)

getCsrUser

protected OAuth2UserDetails getCsrUser(String clientId,
 String csrId)

loadAnonymousCsrUser

protected OAuth2UserDetails loadAnonymousCsrUser(String clientId)

addSessionCookie

protected void addSessionCookie(jakarta.servlet.http.HttpServletResponse response,
 ImpersonationRequestToken impersonationRequest,
 OAuth2UserDetails impersonatedUser)

getCsrUserId

protected String getCsrUserId(org.springframework.security.core.Authentication authentication)