org.broadleafcommerce.authapi.provider

Class JWTRefreshAuthenticationProvider

java.lang.Object

org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

org.broadleafcommerce.authapi.provider.JWTRefreshAuthenticationProvider

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, org.springframework.security.authentication.AuthenticationProvider

@Service(value="blJWTRefreshAuthenticationProvider")
 @ConditionalOnProperty(value="blc.auth.jwt.enabled")
public class JWTRefreshAuthenticationProvider
extends org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

This provider is responsible for handling authentication for a JWTAuthenticationToken authentication. This is generally only run when using the JWTRefreshTokenFilter to verify the validity of the refresh token before generating a new access token for the user.

Author:

Nick Crum ncrum

Field Summary

Fields

Modifier and Type	Field and Description
protected JWTTokenService	jwtTokenService
protected org.springframework.security.core.userdetails.UserDetailsService	userDetailsService

Fields inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

hideUserNotFoundExceptions, logger, messages

Constructor Summary

Constructors

Constructor and Description
JWTRefreshAuthenticationProvider(JWTTokenService jwtTokenService, org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

Method Summary

Modifier and Type	Method and Description
protected void	additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
protected org.springframework.security.core.Authentication	createSuccessAuthentication(Object principal, org.springframework.security.core.Authentication authentication, org.springframework.security.core.userdetails.UserDetails user)
protected org.springframework.security.core.userdetails.UserDetails	retrieveUser(String username, org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
boolean	supports(Class<?> authentication)

Methods inherited from class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

afterPropertiesSet, authenticate, doAfterPropertiesSet, getPostAuthenticationChecks, getPreAuthenticationChecks, getUserCache, isForcePrincipalAsString, isHideUserNotFoundExceptions, setAuthoritiesMapper, setForcePrincipalAsString, setHideUserNotFoundExceptions, setMessageSource, setPostAuthenticationChecks, setPreAuthenticationChecks, setUserCache

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

jwtTokenService

protected final JWTTokenService jwtTokenService

userDetailsService

protected final org.springframework.security.core.userdetails.UserDetailsService userDetailsService

Constructor Detail

JWTRefreshAuthenticationProvider

@Autowired
public JWTRefreshAuthenticationProvider(JWTTokenService jwtTokenService,
                                                   org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

Method Detail

supports

public boolean supports(Class<?> authentication)

Specified by:

supports in interface org.springframework.security.authentication.AuthenticationProvider

Overrides:

supports in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

additionalAuthenticationChecks

protected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails,
                                              org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
                                       throws org.springframework.security.core.AuthenticationException

Specified by:

additionalAuthenticationChecks in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

Throws:

org.springframework.security.core.AuthenticationException

createSuccessAuthentication

protected org.springframework.security.core.Authentication createSuccessAuthentication(Object principal,
                                                                                       org.springframework.security.core.Authentication authentication,
                                                                                       org.springframework.security.core.userdetails.UserDetails user)

Overrides:

createSuccessAuthentication in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

retrieveUser

protected org.springframework.security.core.userdetails.UserDetails retrieveUser(String username,
                                                                                 org.springframework.security.authentication.UsernamePasswordAuthenticationToken authentication)
                                                                          throws org.springframework.security.core.AuthenticationException

Specified by:

retrieveUser in class org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

Throws:

org.springframework.security.core.AuthenticationException