Package com.broadleafcommerce.oauth2.resource.security.token.converter

Class DefaultJwtBearerTokenAuthenticationConverter

java.lang.Object

com.broadleafcommerce.oauth2.resource.security.token.converter.DefaultJwtBearerTokenAuthenticationConverter

All Implemented Interfaces:

org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.jwt.Jwt,org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication>

public class DefaultJwtBearerTokenAuthenticationConverter
extends Object
implements org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.jwt.Jwt,org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication>

A Converter that takes a Jwt and converts it into a BearerTokenAuthentication.

Author:

Nick Crum (ncrum)

See Also:

• for reference implementation

Field Summary

Fields

Modifier and Type	Field	Description
static final String	AUTHORITIES_CLAIM
static final String	USER_NAME

Constructor Summary

Constructors

Constructor	Description
DefaultJwtBearerTokenAuthenticationConverter()

Method Summary

Modifier and Type	Method	Description
org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication	convert(org.springframework.security.oauth2.jwt.Jwt jwt)
protected Collection<org.springframework.security.core.GrantedAuthority>	extractAuthorities(org.springframework.security.oauth2.jwt.Jwt jwt)
protected String	extractName(org.springframework.security.oauth2.jwt.Jwt jwt)	Extracts the principal name from the JWT.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.core.convert.converter.Converter

andThen

Field Details

USER_NAME

public static final String USER_NAME

See Also:

• Constant Field Values

AUTHORITIES_CLAIM

public static final String AUTHORITIES_CLAIM

See Also:

• Constant Field Values

Constructor Details

DefaultJwtBearerTokenAuthenticationConverter

public DefaultJwtBearerTokenAuthenticationConverter()

Method Details

convert

public org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication convert(org.springframework.security.oauth2.jwt.Jwt jwt)

Specified by:

convert in interface org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.jwt.Jwt,org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication>

extractName

protected String extractName(org.springframework.security.oauth2.jwt.Jwt jwt)

Extracts the principal name from the JWT. This first looks for a subject, which is the standard way of providing the principal name. Secondly, it will look up a "user_name" claim, which is a non-standard way Spring Security OAuth provides the principal name. Lastly, we fall back on the "client_id", in the event no user principal is tied to the access token.

Parameters:

jwt - the jwt

Returns:

the principal name

extractAuthorities

protected Collection<org.springframework.security.core.GrantedAuthority> extractAuthorities(org.springframework.security.oauth2.jwt.Jwt jwt)