Class CurrentUserCacheAccessTokenEnhancer
java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.CurrentUserCacheAccessTokenEnhancer
- All Implemented Interfaces:
JwtAccessTokenEnhancer,org.springframework.core.Ordered
Many access token enhancers need to obtain information from the
currently authenticated User.
To avoid having each of those enhancers read from the database multiple times, this early-ordered
component pre-fetches the User once and caches it in
JwtTokenEnhancerContext.getAdditionalContext(). Subsequent enhancers (typically
extensions of AbstractUserAccessTokenEnhancer) can then obtain the pre-fetched user from
there to get any information they need.
This component does not actually add any claims to the access token.
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringThe key used by this component to store a value inJwtTokenEnhancerContext.getAdditionalContext()Fields inherited from interface org.springframework.core.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE -
Constructor Summary
ConstructorsConstructorDescriptionCurrentUserCacheAccessTokenEnhancer(TokenEnhancerUtility tokenEnhancerUtility, UserService<User> userService) -
Method Summary
Modifier and TypeMethodDescriptionvoidenhance(JwtTokenEnhancerContext context) Evaluate the authentication and add claims as necessary.intgetOrder()protected Optional<OAuth2SessionToken>getSessionToken(org.springframework.security.core.Authentication userPrincipal) Get thesession tokenfrom theauthentication token.protected TokenEnhancerUtilityprotected StringgetUserIdFromSession(org.springframework.security.core.Authentication userPrincipal) Read theUserID from the session token.protected UserService<User>protected UserreadUser(org.springframework.security.core.Authentication userPrincipal)
-
Field Details
-
CURRENT_USER
The key used by this component to store a value inJwtTokenEnhancerContext.getAdditionalContext()- See Also:
-
-
Constructor Details
-
CurrentUserCacheAccessTokenEnhancer
public CurrentUserCacheAccessTokenEnhancer(TokenEnhancerUtility tokenEnhancerUtility, UserService<User> userService)
-
-
Method Details
-
enhance
Description copied from interface:JwtAccessTokenEnhancerEvaluate the authentication and add claims as necessary. AJwtTokenEnhancerContextcontains User and client authentication tokens, authorization tokens, and access token claims.- Specified by:
enhancein interfaceJwtAccessTokenEnhancer- Parameters:
context- TheJwtTokenEnhancerContextto evaluate.
-
readUser
-
getUserIdFromSession
@Nullable protected String getUserIdFromSession(org.springframework.security.core.Authentication userPrincipal) Read theUserID from the session token.- Parameters:
userPrincipal- The Authentication representing the User.- Returns:
- The User ID from the session token, or null if it is not available.
-
getSessionToken
protected Optional<OAuth2SessionToken> getSessionToken(org.springframework.security.core.Authentication userPrincipal) Get thesession tokenfrom theauthentication token.- Parameters:
userPrincipal- TheOAuth2SessionAuthenticationTokenof the User.- Returns:
- An Optional with the
OAuth2SessionTokenif available, or empty.
-
getOrder
public int getOrder()- Specified by:
getOrderin interfaceJwtAccessTokenEnhancer- Specified by:
getOrderin interfaceorg.springframework.core.Ordered
-
getTokenEnhancerUtility
-
getUserService
-