1   /*
2    * Copyright 2013-2014 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5    * the License. You may obtain a copy of the License at
6    *
7    * https://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10   * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11   * specific language governing permissions and limitations under the License.
12   */
13  
14  package org.springframework.security.oauth2.config.annotation.web.configuration;
15  
16  import java.lang.annotation.Documented;
17  import java.lang.annotation.ElementType;
18  import java.lang.annotation.Retention;
19  import java.lang.annotation.RetentionPolicy;
20  import java.lang.annotation.Target;
21  
22  import org.springframework.context.annotation.Import;
23  import org.springframework.security.oauth2.client.OAuth2RestTemplate;
24  import org.springframework.security.oauth2.client.token.AccessTokenRequest;
25  import org.springframework.web.filter.DelegatingFilterProxy;
26  
27  /**
28   * Enables OAuth2 client support in a Spring Security web application that uses the Authorization Code Grant with one
29   * or more OAuth2 authorization servers. The annotation itself only imports {@code OAuth2ClientConfiguration}: the
30   * application must still register a global servlet filter, a {@link DelegatingFilterProxy} delegating to the bean named
31   * "oauth2ClientContextFilter". Once it is in place, beans contributed by this annotation (an {@link AccessTokenRequest},
32   * and the {@code OAuth2ClientContext} injected in the example) can be used to create an {@link OAuth2RestTemplate}, e.g.
33   * 
34   * <pre>
35   * &#064;Configuration
36   * &#064;EnableOAuth2Client
37   * public class RemoteResourceConfiguration {
38   * 	// remote() is the application's OAuth2ProtectedResourceDetails bean method (not shown here)
39   * 	&#064;Bean
40   * 	public OAuth2RestOperations restTemplate(OAuth2ClientContext oauth2ClientContext) {
41   * 		return new OAuth2RestTemplate(remote(), oauth2ClientContext);
42   * 	}
43   * 
44   * }
45   * </pre>
46   * <p>
47   * Client apps that use client credentials grants do not need the AccessTokenRequest or the scoped RestOperations (the
48   * state is global for the app), but should still use the filter so that the OAuth2RestOperations obtains a token when
49   * necessary. Apps that use password grants must set the authentication properties in the
50   * OAuth2ProtectedResourceDetails before using the RestOperations, so with multiple users the resource details must be
51   * per session as well: per-user state (credentials, tokens) held in an instance shared across sessions would let one
52   * user's credentials or token serve another user's requests.
53   * @author Dave Syer
54   * 
55   */
56  @Target(ElementType.TYPE)
57  @Retention(RetentionPolicy.RUNTIME)
58  @Documented
59  @Import(OAuth2ClientConfiguration.class)
60  public @interface EnableOAuth2Client {
61  	// Marker annotation: it declares no attributes; its effect comes from the @Import above.
62  }