Class AuthenticationVendorPrivilegesUtility
- java.lang.Object
-
- com.broadleafcommerce.data.tracking.core.policy.trackable.marketplace.vendor.support.AuthenticationVendorPrivilegesUtility
-
public class AuthenticationVendorPrivilegesUtility extends Object
Responsible for extracting information from anAuthentication
to determine its vendor privileges.
-
-
Field Summary
Fields Modifier and Type Field Description static String
AUTH_DETAILS_RESTRICTED_AUTHORITIES_KEY
The name of the claim within the authentication that will hold its "restricted authorities".static String
AUTH_DETAILS_RESTRICTIONS_KEY
The name of the claim within the authentication that will hold its "restrictions".static String
AUTH_DETAILS_VENDOR_RESTRICTION_TYPE
"restrictions"
and"restricted authorities"
both rely on a concept of "restriction type".
-
Constructor Summary
Constructors Constructor Description AuthenticationVendorPrivilegesUtility(com.broadleafcommerce.common.extension.TypeFactory typeFactory)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected AuthenticationVendorPrivilegesSummary
buildVendorRestrictionsSummary(boolean unrestricted, Set<String> allAuthorities, Set<String> restrictedVendorRefs, Map<String,Set<String>> vendorRefsByRestrictedAuthority)
protected com.broadleafcommerce.common.extension.TypeFactory
getTypeFactory()
AuthenticationVendorPrivilegesSummary
getVendorPrivileges(@NonNull org.springframework.security.core.Authentication authentication, org.springframework.core.convert.converter.Converter<org.springframework.security.core.Authentication,Map<String,Object>> authenticationAttributesConverter)
Extracts the summary of vendor privileges from the given authentication.
-
-
-
Field Detail
-
AUTH_DETAILS_RESTRICTIONS_KEY
public static final String AUTH_DETAILS_RESTRICTIONS_KEY
The name of the claim within the authentication that will hold its "restrictions". This is expected to be a map from "restriction type" (ex: 'VENDOR') to a list of "restriction targets" within that type (ex: 'vendorRefA', 'vendorRefB').If the authentication has no restrictions, it is considered unrestricted. If the authentication has restrictions, then it is considered to be restricted exclusively to the targets within the defined types.
- See Also:
- Constant Field Values
-
AUTH_DETAILS_RESTRICTED_AUTHORITIES_KEY
public static final String AUTH_DETAILS_RESTRICTED_AUTHORITIES_KEY
The name of the claim within the authentication that will hold its "restricted authorities". This is expected to be a map from an authority (ex: 'READ_PRODUCT') to another map where the keys are "restriction types" (ex: 'VENDOR') and values are "restriction targets" within that type that should get the authority.- See Also:
- Constant Field Values
-
AUTH_DETAILS_VENDOR_RESTRICTION_TYPE
public static final String AUTH_DETAILS_VENDOR_RESTRICTION_TYPE
"restrictions"
and"restricted authorities"
both rely on a concept of "restriction type". This is the value of the restriction type used for vendors. It is used to obtain vendor-specific restriction and restricted authority data from the authentication.- See Also:
- Constant Field Values
-
-
Method Detail
-
getVendorPrivileges
public AuthenticationVendorPrivilegesSummary getVendorPrivileges(@NonNull @NonNull org.springframework.security.core.Authentication authentication, @Nullable org.springframework.core.convert.converter.Converter<org.springframework.security.core.Authentication,Map<String,Object>> authenticationAttributesConverter)
Extracts the summary of vendor privileges from the given authentication.- Parameters:
authentication
- theAuthentication
from which to extract vendor privilege informationauthenticationAttributesConverter
- a converter that can convert the authentication to a map of details- Returns:
- details about the given authentication's vendor restrictions and authorities
- Throws:
IllegalArgumentException
- if the authentication details didn't match the expected structure- See Also:
AuthenticationVendorPrivilegesSummary
-
buildVendorRestrictionsSummary
protected AuthenticationVendorPrivilegesSummary buildVendorRestrictionsSummary(boolean unrestricted, Set<String> allAuthorities, Set<String> restrictedVendorRefs, Map<String,Set<String>> vendorRefsByRestrictedAuthority)
-
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory()
-
-