All Classes and Interfaces (Broadleaf Security Resource OAuth2 Common 2.0.4-GA API)

Classes

Class

Description

There is an open issue in Spring where methods annotated with @PreAuthorize correctly throw an AccessDeniedException, but it is not passed through ExceptionTranslationFilter and thus results in a 500 response rather than a 403.

DefaultAuthenticationAttributesConverter

Default implementation of Converter that is used for extracting the a map of attributes from an Authentication.

DefaultJwtBearerTokenAuthenticationConverter

A Converter that takes a Jwt and converts it into a BearerTokenAuthentication.

DefaultJwtClaimsValidator

A OAuth2TokenValidator implementation that validates the JWT access token includes a valid issuer, audiences, and timestamp.

KeyUtil

Utilities related to token signing keys

MultiKeyJWSKeySelector<C extends com.nimbusds.jose.proc.SecurityContext>

Selector that keeps a list of all registered public keys and will return all as candidates.

OAuth2ResourceSecurityConfiguration

OAuth2ResourceSecurityProperties

OAuth2ResourceWebSecurityConfiguration

OAuth2ResourceWebSecurityConfiguration.EnableGlobalMethodSecurityConfiguration

OAuth2SecurityEnvironmentPostProcessor

ResourceSecurityDsl

Custom DSL used to initialize the Spring Security configuration with resource server security compatible with Broadleaf's Authorization Service.