Package com.broadleafcommerce.oauth2.resource.security.environment

Class OAuth2ResourceSecurityProperties

java.lang.Object
com.broadleafcommerce.oauth2.resource.security.environment.OAuth2ResourceSecurityProperties
@ConfigurationProperties(prefix="broadleaf.resource.security.oauth2") public class OAuth2ResourceSecurityProperties extends Object
Author:
Nick Crum (ncrum)

  • Constructor Details

    • OAuth2ResourceSecurityProperties

      public OAuth2ResourceSecurityProperties()

  • Method Details

    • getRsaPublicKey

      public RSAPublicKey getRsaPublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException
      Getter for the RSA public key. Decodes the encoded public key and creates an RSAPublicKey.
      Returns:
      the rsa public key
      Throws:
      NoSuchAlgorithmException - when no algorithm exists
      InvalidKeySpecException - when invalid key specification

    • getValidIssuers

      public List<String> getValidIssuers()
      Validation for the iss claim from the received JWT token

    • getValidAudiences

      public List<String> getValidAudiences()
      Validation for the aud claim from the received JWT token. Usually this also contains all of the valid issuers from the iss claim

    • getEncodedPublicKey

      public String getEncodedPublicKey()
      The encoded RSA public key used for verifying the signature of access tokens.

    • getJwkSetUri

      public String getJwkSetUri()
      The URI to JwkSetEndpoint

    • getMatchers

      public String[] getMatchers()
      The set of ant path matchers on which resource security should apply. Defaults to "/**", which applies resource security on all paths.

    • isDefaultAllowAllAnonymous

      public boolean isDefaultAllowAllAnonymous()
      Whether or not to allow anonymous access. Useful in certain tests and development environments.

    • isConfigureDispatcherTypeAuthorization

      public boolean isConfigureDispatcherTypeAuthorization()
      Whether dispatcher authorization should be configured. Modifying this may also cause you to adjust 'spring.security.filter.dispatcher-types'.

    • getDispatcherTypeMatchersPermittedWithoutAuthorization

      public jakarta.servlet.DispatcherType[] getDispatcherTypeMatchersPermittedWithoutAuthorization()
      The dispatcher type matchers to permit without authorization. FORWARD is necessary to allow MVC forwarding to views.

    • setValidIssuers

      public void setValidIssuers(List<String> validIssuers)
      Validation for the iss claim from the received JWT token

    • setValidAudiences

      public void setValidAudiences(List<String> validAudiences)
      Validation for the aud claim from the received JWT token. Usually this also contains all of the valid issuers from the iss claim

    • setEncodedPublicKey

      public void setEncodedPublicKey(String encodedPublicKey)
      The encoded RSA public key used for verifying the signature of access tokens.

    • setJwkSetUri

      public void setJwkSetUri(String jwkSetUri)
      The URI to JwkSetEndpoint

    • setMatchers

      public void setMatchers(String[] matchers)
      The set of ant path matchers on which resource security should apply. Defaults to "/**", which applies resource security on all paths.

    • setDefaultAllowAllAnonymous

      public void setDefaultAllowAllAnonymous(boolean defaultAllowAllAnonymous)
      Whether or not to allow anonymous access. Useful in certain tests and development environments.

    • setConfigureDispatcherTypeAuthorization

      public void setConfigureDispatcherTypeAuthorization(boolean configureDispatcherTypeAuthorization)
      Whether dispatcher authorization should be configured. Modifying this may also cause you to adjust 'spring.security.filter.dispatcher-types'.

    • setDispatcherTypeMatchersPermittedWithoutAuthorization

      public void setDispatcherTypeMatchersPermittedWithoutAuthorization(jakarta.servlet.DispatcherType[] dispatcherTypeMatchersPermittedWithoutAuthorization)
      The dispatcher type matchers to permit without authorization. FORWARD is necessary to allow MVC forwarding to views.

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • canEqual

      protected boolean canEqual(Object other)

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • toString

      public String toString()
      Overrides:
      toString in class Object