Class TokenEnhancerUtility

java.lang.Object
com.broadleafcommerce.auth.user.session.token.enhancer.TokenEnhancerUtility

public class TokenEnhancerUtility extends Object
Utility to consolidate common operations performed in JwtAccessTokenEnhancer.
  • Constructor Details

    • TokenEnhancerUtility

      public TokenEnhancerUtility()
  • Method Details

    • isClientOnly

      public boolean isClientOnly(JwtTokenEnhancerContext context)
      Determine if the given JwtTokenEnhancerContext represents a "client-only" authorization. A client-only authorization does not have a User. For example, the Client Credentials grant type would be client-only.
      Parameters:
      context - The JwtTokenEnhancerContext to evaluate.
      Returns:
      True if the given JwtTokenEnhancerContext is a client-only authorization, false otherwise.
    • isAnonymousCsrImpersonation

      public boolean isAnonymousCsrImpersonation(JwtTokenEnhancerContext context)
      Check whether the current authentication is a CSR (customer service representative) impersonation of an anonymous user.
      Parameters:
      context - The JwtTokenEnhancerContext object passed to JwtAccessTokenEnhancer.enhance(JwtTokenEnhancerContext).
      Returns:
      True if the current authentication is a CSR impersonation of an anonymous user.
    • getSessionToken

      public Optional<OAuth2SessionToken> getSessionToken(org.springframework.security.core.Authentication userPrincipal)
      Parameters:
      userPrincipal - The OAuth2SessionAuthenticationToken of the User.
      Returns:
      An Optional with the OAuth2SessionToken if available, or empty.
    • isCsrImpersonatingSelf

      public boolean isCsrImpersonatingSelf(org.springframework.security.core.Authentication userAuthentication)
      In some flows, a CSR needs to log into the storefront without impersonating a specific customer and without being anonymous. Instead, they need to be able to act as themselves, a service rep, to manage some data like Quotes. This method is used to detect these cases.
      Returns:
      Whether the currently authenticated user is a CSR acting on their own behalf.
    • isImpersonationSession

      public boolean isImpersonationSession(org.springframework.security.core.Authentication userPrincipal)
      Checks the session to see if the user is a CSR in an impersonation flow.
      Parameters:
      userPrincipal - The Authentication representing the User.
      Returns:
      Whether the current session is marked as an impersonation session.