Class AuthenticationVendorPrivilegesUtility
java.lang.Object
com.broadleafcommerce.data.tracking.core.policy.trackable.marketplace.vendor.support.AuthenticationVendorPrivilegesUtility
Responsible for extracting information from an
Authentication
to determine its vendor
privileges.-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The name of the claim within the authentication that will hold its "restricted authorities".static final String
The name of the claim within the authentication that will hold its "restrictions".static final String
"restrictions"
and"restricted authorities"
both rely on a concept of "restriction type". -
Constructor Summary
ConstructorDescriptionAuthenticationVendorPrivilegesUtility
(com.broadleafcommerce.common.extension.TypeFactory typeFactory) -
Method Summary
Modifier and TypeMethodDescriptionprotected AuthenticationVendorPrivilegesSummary
buildVendorRestrictionsSummary
(boolean unrestricted, Set<String> allAuthorities, Set<String> restrictedVendorRefs, Map<String, Set<String>> vendorRefsByRestrictedAuthority) protected com.broadleafcommerce.common.extension.TypeFactory
protected VendorAuthenticationPrivilegeProperties
getVendorPrivileges
(@NonNull org.springframework.security.core.Authentication authentication, org.springframework.core.convert.converter.Converter<org.springframework.security.core.Authentication, Map<String, Object>> authenticationAttributesConverter) getVendorPrivileges
(@NonNull org.springframework.security.core.Authentication authentication, org.springframework.core.convert.converter.Converter<org.springframework.security.core.Authentication, Map<String, Object>> authenticationAttributesConverter, ContextInfo contextInfo) Extracts the summary of vendor privileges from the given authentication and configurations invendorAuthenticationPrivilegeProperties
.void
setVendorAuthenticationPrivilegeProperties
(VendorAuthenticationPrivilegeProperties vendorAuthenticationPrivilegeProperties)
-
Field Details
-
AUTH_DETAILS_RESTRICTIONS_KEY
The name of the claim within the authentication that will hold its "restrictions". This is expected to be a map from "restriction type" (ex: 'VENDOR') to a list of "restriction targets" within that type (ex: 'vendorRefA', 'vendorRefB').If the authentication has no restrictions, it is considered unrestricted. If the authentication has restrictions, then it is considered to be restricted exclusively to the targets within the defined types.
- See Also:
-
AUTH_DETAILS_RESTRICTED_AUTHORITIES_KEY
The name of the claim within the authentication that will hold its "restricted authorities". This is expected to be a map from an authority (ex: 'READ_PRODUCT') to another map where the keys are "restriction types" (ex: 'VENDOR') and values are "restriction targets" within that type that should get the authority.- See Also:
-
AUTH_DETAILS_VENDOR_RESTRICTION_TYPE
"restrictions"
and"restricted authorities"
both rely on a concept of "restriction type". This is the value of the restriction type used for vendors. It is used to obtain vendor-specific restriction and restricted authority data from the authentication.- See Also:
-
-
Constructor Details
-
AuthenticationVendorPrivilegesUtility
public AuthenticationVendorPrivilegesUtility(com.broadleafcommerce.common.extension.TypeFactory typeFactory)
-
-
Method Details
-
getVendorPrivileges
public AuthenticationVendorPrivilegesSummary getVendorPrivileges(@NonNull @NonNull org.springframework.security.core.Authentication authentication, @Nullable org.springframework.core.convert.converter.Converter<org.springframework.security.core.Authentication, Map<String, Object>> authenticationAttributesConverter) - Parameters:
authentication
- theAuthentication
from which to extract vendor privilege informationauthenticationAttributesConverter
- a converter that can convert the authentication to a map of details- Returns:
- details about the given authentication's vendor restrictions and authorities
- Throws:
IllegalArgumentException
- if the authentication details didn't match the expected structure- See Also:
-
getVendorPrivileges
public AuthenticationVendorPrivilegesSummary getVendorPrivileges(@NonNull @NonNull org.springframework.security.core.Authentication authentication, @Nullable org.springframework.core.convert.converter.Converter<org.springframework.security.core.Authentication, Map<String, Object>> authenticationAttributesConverter, @Nullable ContextInfo contextInfo) Extracts the summary of vendor privileges from the given authentication and configurations invendorAuthenticationPrivilegeProperties
.In an application context, if
VendorAuthenticationPrivilegeProperties.isIgnoreVendorRestrictionInApplicationContext()
is true, then the vendor restrictions are ignored and the authentication is considered unrestricted. Note that this is an experimental feature.- Parameters:
authentication
- theAuthentication
from which to extract vendor privilege informationauthenticationAttributesConverter
- a converter that can convert the authentication to a map of detailscontextInfo
- context information surrounding sandboxing and multitenant state- Returns:
- details about the given authentication's vendor restrictions and authorities
- Throws:
IllegalArgumentException
- if the authentication details didn't match the expected structure- See Also:
-
buildVendorRestrictionsSummary
-
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory() -
getVendorAuthenticationPrivilegeProperties
-
setVendorAuthenticationPrivilegeProperties
@Autowired public void setVendorAuthenticationPrivilegeProperties(VendorAuthenticationPrivilegeProperties vendorAuthenticationPrivilegeProperties)
-