Package com.broadleafcommerce.data.tracking.core.policy.trackable.marketplace.vendor.support

Class AuthenticationVendorPrivilegesUtility

  • public class AuthenticationVendorPrivilegesUtility
extends Object
    Responsible for extracting information from an Authentication to determine its vendor privileges.

    • Field Detail

      • AUTH_DETAILS_RESTRICTIONS_KEY

        public static final String AUTH_DETAILS_RESTRICTIONS_KEY
        The name of the claim within the authentication that will hold its "restrictions". This is expected to be a map from "restriction type" (ex: 'VENDOR') to a list of "restriction targets" within that type (ex: 'vendorRefA', 'vendorRefB').

        If the authentication has no restrictions, it is considered unrestricted. If the authentication has restrictions, then it is considered to be restricted exclusively to the targets within the defined types.

        See Also:
        Constant Field Values

      • AUTH_DETAILS_RESTRICTED_AUTHORITIES_KEY

        public static final String AUTH_DETAILS_RESTRICTED_AUTHORITIES_KEY
        The name of the claim within the authentication that will hold its "restricted authorities". This is expected to be a map from an authority (ex: 'READ_PRODUCT') to another map where the keys are "restriction types" (ex: 'VENDOR') and values are "restriction targets" within that type that should get the authority.
        See Also:
        Constant Field Values

      • AUTH_DETAILS_VENDOR_RESTRICTION_TYPE

        public static final String AUTH_DETAILS_VENDOR_RESTRICTION_TYPE
        "restrictions" and "restricted authorities" both rely on a concept of "restriction type". This is the value of the restriction type used for vendors. It is used to obtain vendor-specific restriction and restricted authority data from the authentication.
        See Also:
        Constant Field Values

    • Constructor Detail

      • AuthenticationVendorPrivilegesUtility

        public AuthenticationVendorPrivilegesUtility​(com.broadleafcommerce.common.extension.TypeFactory typeFactory)

    • Method Detail

      • getVendorPrivileges

        public AuthenticationVendorPrivilegesSummary getVendorPrivileges​(@NonNull
                                                                 @NonNull org.springframework.security.core.Authentication authentication,
                                                                 @Nullable
                                                                 org.springframework.core.convert.converter.Converter<org.springframework.security.core.Authentication,​Map<String,​Object>> authenticationAttributesConverter)
        Extracts the summary of vendor privileges from the given authentication.
        Parameters:
        authentication - the Authentication from which to extract vendor privilege information
        authenticationAttributesConverter - a converter that can convert the authentication to a map of details
        Returns:
        details about the given authentication's vendor restrictions and authorities
        Throws:
        IllegalArgumentException - if the authentication details didn't match the expected structure
        See Also:
        AuthenticationVendorPrivilegesSummary

      • getTypeFactory

        protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory()