Package com.broadleafcommerce.auth.user.session.token.enhancer

Class AccountIdAccessTokenEnhancer

java.lang.Object

com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

com.broadleafcommerce.auth.user.session.token.enhancer.AccountIdAccessTokenEnhancer

All Implemented Interfaces:

JwtAccessTokenEnhancer, org.springframework.core.Ordered

public class AccountIdAccessTokenEnhancer
extends AbstractUserAccessTokenEnhancer

Responsible for validating and adding the "acct_id" claim to the token. A user is defined as a member of an account if they have at least one role for that account.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ACCOUNT_ID_CLAIM
static final String	PARENT_ACCOUNTS_CLAIM
static final String	PERSONAL

Fields inherited from interface org.springframework.core.Ordered

HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors

Constructor	Description
AccountIdAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility, AccountAncestorService accountAncestorService)

Method Summary

Modifier and Type	Method	Description
void	enhance(JwtTokenEnhancerContext context)	Evaluate the authentication and add claims as necessary.
protected AccountAncestorService	getAccountAncestorService()
protected Optional<String>	getRequestAccountId(JwtTokenEnhancerContext context)	Looks for an account ID on the request.

Methods inherited from class com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

getSessionToken, getTokenEnhancerUtility, getUser, getUserService, isAnonymousCsrImpersonation, isClientOnly, shouldEnhance

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer

getOrder

Field Details

ACCOUNT_ID_CLAIM

public static final String ACCOUNT_ID_CLAIM

See Also:

• Constant Field Values

PARENT_ACCOUNTS_CLAIM

public static final String PARENT_ACCOUNTS_CLAIM

See Also:

• Constant Field Values

PERSONAL

public static final String PERSONAL

See Also:

• Constant Field Values

Constructor Details

AccountIdAccessTokenEnhancer

public AccountIdAccessTokenEnhancer(UserService<User> userService,
 TokenEnhancerUtility tokenEnhancerUtility,
 AccountAncestorService accountAncestorService)

Method Details

enhance

public void enhance(JwtTokenEnhancerContext context)

Description copied from interface: JwtAccessTokenEnhancer

Evaluate the authentication and add claims as necessary. A JwtTokenEnhancerContext contains User and client authentication tokens, authorization tokens, and access token claims.

Parameters:

context - The JwtTokenEnhancerContext to evaluate.

getRequestAccountId

protected Optional<String> getRequestAccountId(JwtTokenEnhancerContext context)

Looks for an account ID on the request. If it exists, it is returned. Otherwise, if the user has a default account ID, that is returned.

Parameters:

context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).

Returns:

The accountId requested or Optional.empty().

getAccountAncestorService

protected AccountAncestorService getAccountAncestorService()