Package org.springframework.security.oauth2.server.authorization.oidc.web

Class OidcUserInfoEndpointFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

org.springframework.security.oauth2.server.authorization.oidc.web.OidcUserInfoEndpointFilter

All Implemented Interfaces:

jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public final class OidcUserInfoEndpointFilter
extends org.springframework.web.filter.OncePerRequestFilter

A Filter that processes OpenID Connect 1.0 UserInfo Requests.

Since:

0.2.1

See Also:

• OidcUserInfo
• OidcUserInfoAuthenticationProvider
• 5.3. UserInfo Endpoint

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor	Description
OidcUserInfoEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)	Constructs an OidcUserInfoEndpointFilter using the provided parameters.
OidcUserInfoEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, String userInfoEndpointUri)	Constructs an OidcUserInfoEndpointFilter using the provided parameters.

Method Summary

Modifier and Type	Method	Description
protected void	doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain)
void	setAuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter)	Sets the AuthenticationConverter used when attempting to extract an UserInfo Request from HttpServletRequest to an instance of OidcUserInfoAuthenticationToken used for authenticating the request.
void	setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)	Sets the AuthenticationFailureHandler used for handling an OAuth2AuthenticationException and returning the Error Response.
void	setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler)	Sets the AuthenticationSuccessHandler used for handling an OidcUserInfoAuthenticationToken and returning the UserInfo Response.

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OidcUserInfoEndpointFilter

public OidcUserInfoEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)

Constructs an OidcUserInfoEndpointFilter using the provided parameters.

Parameters:

authenticationManager - the authentication manager

OidcUserInfoEndpointFilter

public OidcUserInfoEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager,
 String userInfoEndpointUri)

Constructs an OidcUserInfoEndpointFilter using the provided parameters.

Parameters:

authenticationManager - the authentication manager

userInfoEndpointUri - the endpoint URI for OpenID Connect 1.0 UserInfo Requests

Method Details

doFilterInternal

protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response,
 jakarta.servlet.FilterChain filterChain)
                         throws jakarta.servlet.ServletException,
IOException

Specified by:

doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter

Throws:

jakarta.servlet.ServletException

IOException

setAuthenticationConverter

public void setAuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter)

Sets the AuthenticationConverter used when attempting to extract an UserInfo Request from HttpServletRequest to an instance of OidcUserInfoAuthenticationToken used for authenticating the request.

Parameters:

authenticationConverter - the AuthenticationConverter used when attempting to extract an UserInfo Request from HttpServletRequest

Since:

0.4.0

setAuthenticationSuccessHandler

public void setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler)

Sets the AuthenticationSuccessHandler used for handling an OidcUserInfoAuthenticationToken and returning the UserInfo Response.

Parameters:

authenticationSuccessHandler - the AuthenticationSuccessHandler used for handling an OidcUserInfoAuthenticationToken

Since:

0.4.0

setAuthenticationFailureHandler

public void setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)

Sets the AuthenticationFailureHandler used for handling an OAuth2AuthenticationException and returning the Error Response.

Parameters:

authenticationFailureHandler - the AuthenticationFailureHandler used for handling an OAuth2AuthenticationException

Since:

0.4.0