Package de.hybris.platform.ycommercewebservices.oauth2

Class OAuthClientVoter

  • All Implemented Interfaces:
    org.springframework.security.access.AccessDecisionVoter<java.lang.Object>
    public class OAuthClientVoter
extends java.lang.Object
implements org.springframework.security.access.AccessDecisionVoter<java.lang.Object>
    Votes to grant access if current OAuth Client ID matches with any config attribute

    Only config attributes starting with 'prefix' will be took into consideration. Default prefix is 'CLIENT_'. Prefix can be customized, in particular when null all config attributes will be analyzed.

    If none of the configuration attributes starts with 'prefix', the voter abstains from voting.

    If there are some configuration attributes starting with prefix but none matches, the voter denies access.

    Comparisions are case insensitive.

    Example: if config attribute = 'CLIENT_MOBILE_ANDROID' and client id is 'mobile_android' access by this voter is granted

    • Field Summary

      • Fields inherited from interface org.springframework.security.access.AccessDecisionVoter

        ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String getClientPrefix()  
      void setClientPrefix​(java.lang.String clientPrefix)  
      boolean supports​(java.lang.Class<?> clazz)
      This implementation supports any type of class, because it does not query the presented secure object.
      boolean supports​(org.springframework.security.access.ConfigAttribute attribute)  
      int vote​(org.springframework.security.core.Authentication authentication, java.lang.Object object, java.util.Collection<org.springframework.security.access.ConfigAttribute> attributes)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • OAuthClientVoter

        public OAuthClientVoter()

    • Method Detail

      • getClientPrefix

        public java.lang.String getClientPrefix()

      • setClientPrefix

        public void setClientPrefix​(java.lang.String clientPrefix)

      • supports

        public boolean supports​(org.springframework.security.access.ConfigAttribute attribute)
        Specified by:
        supports in interface org.springframework.security.access.AccessDecisionVoter<java.lang.Object>

      • supports

        public boolean supports​(java.lang.Class<?> clazz)
        This implementation supports any type of class, because it does not query the presented secure object.
        Specified by:
        supports in interface org.springframework.security.access.AccessDecisionVoter<java.lang.Object>
        Parameters:
        clazz - the secure object
        Returns:
        always true

      • vote

        public int vote​(org.springframework.security.core.Authentication authentication,
                java.lang.Object object,
                java.util.Collection<org.springframework.security.access.ConfigAttribute> attributes)
        Specified by:
        vote in interface org.springframework.security.access.AccessDecisionVoter<java.lang.Object>