Package com.broadleafcommerce.auth.user.session.token.enhancer

Class UserRestrictionAccessTokenEnhancer

java.lang.Object

com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

com.broadleafcommerce.auth.user.session.token.enhancer.UserRestrictionAccessTokenEnhancer

All Implemented Interfaces:

JwtAccessTokenEnhancer, org.springframework.core.Ordered

public class UserRestrictionAccessTokenEnhancer
extends AbstractUserAccessTokenEnhancer

Token enhancer that includes user restrictions and restricted authorities within the token.

Author:

Nick Crum (ncrum)

Field Summary

Fields inherited from interface org.springframework.core.Ordered

HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE

Constructor Summary

Constructors

Constructor	Description
UserRestrictionAccessTokenEnhancer(UserService<User> userService, TokenEnhancerUtility tokenEnhancerUtility, PermissionRepository permissionRepository, SecurityService securityService)

Method Summary

Modifier and Type	Method	Description
void	enhance(JwtTokenEnhancerContext context)	Evaluate the authentication and add claims as necessary.
protected PermissionRepository	getPermissionRepository()
protected Map<String,Map<String,Set<String>>>	getRestrictedAuthoritiesInScopes(Map<String,Map<String,Set<String>>> restrictionTypeAndTargetsByPermissionName, Set<String> scopes)	Gets the restricted authorities that are in scope.
protected SecurityService	getSecurityService()
protected OAuth2UserDetails	getUserDetails(org.springframework.security.core.Authentication sessionToken)
protected boolean	isSupportedUserDetails(Object principal)

Methods inherited from class com.broadleafcommerce.auth.user.session.token.enhancer.AbstractUserAccessTokenEnhancer

getSessionToken, getTokenEnhancerUtility, getUser, getUserService, isAnonymousCsrImpersonation, isClientOnly, shouldEnhance

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.broadleafcommerce.auth.user.session.token.enhancer.JwtAccessTokenEnhancer

getOrder

Constructor Details

UserRestrictionAccessTokenEnhancer

public UserRestrictionAccessTokenEnhancer(UserService<User> userService,
 TokenEnhancerUtility tokenEnhancerUtility,
 PermissionRepository permissionRepository,
 SecurityService securityService)

Method Details

enhance

public void enhance(JwtTokenEnhancerContext context)

Description copied from interface: JwtAccessTokenEnhancer

Evaluate the authentication and add claims as necessary. A JwtTokenEnhancerContext contains User and client authentication tokens, authorization tokens, and access token claims.

Parameters:

context - The JwtTokenEnhancerContext to evaluate.

getRestrictedAuthoritiesInScopes

protected Map<String,Map<String,Set<String>>> getRestrictedAuthoritiesInScopes(Map<String,Map<String,Set<String>>> restrictionTypeAndTargetsByPermissionName,
 Set<String> scopes)

Gets the restricted authorities that are in scope.

Parameters:

restrictionTypeAndTargetsByPermissionName - a map of restricted authorities

scopes - Scopes to filter the restricted authorities by

Returns:

a map of restricted authorities that are in the given scopes

getUserDetails

@Nullable
protected OAuth2UserDetails getUserDetails(org.springframework.security.core.Authentication sessionToken)

isSupportedUserDetails

protected boolean isSupportedUserDetails(Object principal)

getPermissionRepository

protected PermissionRepository getPermissionRepository()

getSecurityService

protected SecurityService getSecurityService()