Class AbstractUserAccessTokenEnhancer
java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer
- All Implemented Interfaces:
JwtAccessTokenEnhancer,org.springframework.core.Ordered
- Direct Known Subclasses:
AccountIdAccessTokenEnhancer,CustomerContextAccessTokenEnhancer,CustomerSegmentsAccessTokenEnhancer,TenantPropertiesAccessTokenEnhancer,UserAccessTokenEnhancer,UserRestrictionAccessTokenEnhancer
public abstract class AbstractUserAccessTokenEnhancer
extends Object
implements JwtAccessTokenEnhancer
Implementation of
JwtAccessTokenEnhancer with commonly useful functionality for accessing
User data. TokenEnhancer implementations that require access to the User should
extend this class and retrieve the user via the getUser(com.broadleafcommerce.auth.user.session.token.enhancer.JwtTokenEnhancerContext)
method.-
Field Summary
Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE -
Constructor Summary
ConstructorsConstructorDescriptionAbstractUserAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility) -
Method Summary
Modifier and TypeMethodDescriptionprotected Optional<OAuth2SessionToken>getSessionToken(org.springframework.security.core.Authentication userPrincipal) Get thesession tokenfrom theauthentication token.protected TokenEnhancerUtilityprotected UsergetUser(JwtTokenEnhancerContext context) Retrieve the current authenticatedUser.protected UserService<User>protected booleanCheck whether the current authentication is a CSR impersonation of an anonymous user.protected booleanisClientOnly(JwtTokenEnhancerContext context) Whether the authorization in the context represents a client-only authorization.protected booleanshouldEnhance(JwtTokenEnhancerContext context) Whether the token should be enhanced.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer
enhance, getOrder
-
Constructor Details
-
AbstractUserAccessTokenEnhancer
public AbstractUserAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility)
-
-
Method Details
-
getUser
Retrieve the current authenticatedUser. This method assumes that the user is logged in and exists.- Parameters:
context- TheJwtTokenEnhancerContextcontaining relevant information- Returns:
- The currently authenticated user.
- See Also:
-
isAnonymousCsrImpersonation
Check whether the current authentication is a CSR impersonation of an anonymous user.- Parameters:
context- TheJwtTokenEnhancerContextobject passed toJwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).- Returns:
- True if the current authentication is a CSR impersonation of an anonymous user.
-
shouldEnhance
Whether the token should be enhanced.- Parameters:
context- TheJwtTokenEnhancerContextobject passed toJwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).- Returns:
- True if this
JwtAccessTokenEnhancershould execute for the givenJwtTokenEnhancerContext.
-
isClientOnly
Whether the authorization in the context represents a client-only authorization. That is, an authorization without a User.- Parameters:
context- TheJwtTokenEnhancerContextobject passed toJwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).- Returns:
- True if this context holds a client-only authorization.
-
getSessionToken
protected Optional<OAuth2SessionToken> getSessionToken(org.springframework.security.core.Authentication userPrincipal) Get thesession tokenfrom theauthentication token.- Parameters:
userPrincipal- TheOAuth2SessionAuthenticationTokenof the User.- Returns:
- An Optional with the
OAuth2SessionTokenif available, or empty.
-
getUserService
-
getTokenEnhancerUtility
-