Class OAuth2AuthorizationEndpointConfigurer
java.lang.Object
org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationEndpointConfigurer
Configurer for the OAuth 2.0 Authorization Endpoint.
-
Method Summary
Modifier and TypeMethodDescriptionauthenticationProvider
(org.springframework.security.authentication.AuthenticationProvider authenticationProvider) Adds anAuthenticationProvider
used for authenticating anOAuth2AuthorizationCodeRequestAuthenticationToken
.authenticationProviders
(Consumer<List<org.springframework.security.authentication.AuthenticationProvider>> authenticationProvidersConsumer) Sets theConsumer
providing access to theList
of default and (optionally) addedAuthenticationProvider
's allowing the ability to add, remove, or customize a specificAuthenticationProvider
.authorizationRequestConverter
(org.springframework.security.web.authentication.AuthenticationConverter authorizationRequestConverter) Adds anAuthenticationConverter
used when attempting to extract an Authorization Request (or Consent) fromHttpServletRequest
to an instance ofOAuth2AuthorizationCodeRequestAuthenticationToken
orOAuth2AuthorizationConsentAuthenticationToken
used for authenticating the request.authorizationRequestConverters
(Consumer<List<org.springframework.security.web.authentication.AuthenticationConverter>> authorizationRequestConvertersConsumer) Sets theConsumer
providing access to theList
of default and (optionally) addedAuthenticationConverter
's allowing the ability to add, remove, or customize a specificAuthenticationConverter
.authorizationResponseHandler
(org.springframework.security.web.authentication.AuthenticationSuccessHandler authorizationResponseHandler) Sets theAuthenticationSuccessHandler
used for handling anOAuth2AuthorizationCodeRequestAuthenticationToken
and returning theAuthorization Response
.consentPage
(String consentPage) Specify the URI to redirect Resource Owners to if consent is required during theauthorization_code
flow.errorResponseHandler
(org.springframework.security.web.authentication.AuthenticationFailureHandler errorResponseHandler) Sets theAuthenticationFailureHandler
used for handling anOAuth2AuthorizationCodeRequestAuthenticationException
and returning theError Response
.protected final org.springframework.security.config.annotation.ObjectPostProcessor<Object>
protected final <T> T
postProcess
(T object)
-
Method Details
-
authorizationRequestConverter
public OAuth2AuthorizationEndpointConfigurer authorizationRequestConverter(org.springframework.security.web.authentication.AuthenticationConverter authorizationRequestConverter) Adds anAuthenticationConverter
used when attempting to extract an Authorization Request (or Consent) fromHttpServletRequest
to an instance ofOAuth2AuthorizationCodeRequestAuthenticationToken
orOAuth2AuthorizationConsentAuthenticationToken
used for authenticating the request.- Parameters:
authorizationRequestConverter
- anAuthenticationConverter
used when attempting to extract an Authorization Request (or Consent) fromHttpServletRequest
- Returns:
- the
OAuth2AuthorizationEndpointConfigurer
for further configuration
-
authorizationRequestConverters
public OAuth2AuthorizationEndpointConfigurer authorizationRequestConverters(Consumer<List<org.springframework.security.web.authentication.AuthenticationConverter>> authorizationRequestConvertersConsumer) Sets theConsumer
providing access to theList
of default and (optionally) addedAuthenticationConverter
's allowing the ability to add, remove, or customize a specificAuthenticationConverter
.- Parameters:
authorizationRequestConvertersConsumer
- theConsumer
providing access to theList
of default and (optionally) addedAuthenticationConverter
's- Returns:
- the
OAuth2AuthorizationEndpointConfigurer
for further configuration - Since:
- 0.4.0
-
authenticationProvider
public OAuth2AuthorizationEndpointConfigurer authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider) Adds anAuthenticationProvider
used for authenticating anOAuth2AuthorizationCodeRequestAuthenticationToken
.- Parameters:
authenticationProvider
- anAuthenticationProvider
used for authenticating anOAuth2AuthorizationCodeRequestAuthenticationToken
- Returns:
- the
OAuth2AuthorizationEndpointConfigurer
for further configuration
-
authenticationProviders
public OAuth2AuthorizationEndpointConfigurer authenticationProviders(Consumer<List<org.springframework.security.authentication.AuthenticationProvider>> authenticationProvidersConsumer) Sets theConsumer
providing access to theList
of default and (optionally) addedAuthenticationProvider
's allowing the ability to add, remove, or customize a specificAuthenticationProvider
.- Parameters:
authenticationProvidersConsumer
- theConsumer
providing access to theList
of default and (optionally) addedAuthenticationProvider
's- Returns:
- the
OAuth2AuthorizationEndpointConfigurer
for further configuration - Since:
- 0.4.0
-
authorizationResponseHandler
public OAuth2AuthorizationEndpointConfigurer authorizationResponseHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authorizationResponseHandler) Sets theAuthenticationSuccessHandler
used for handling anOAuth2AuthorizationCodeRequestAuthenticationToken
and returning theAuthorization Response
.- Parameters:
authorizationResponseHandler
- theAuthenticationSuccessHandler
used for handling anOAuth2AuthorizationCodeRequestAuthenticationToken
- Returns:
- the
OAuth2AuthorizationEndpointConfigurer
for further configuration
-
errorResponseHandler
public OAuth2AuthorizationEndpointConfigurer errorResponseHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler errorResponseHandler) Sets theAuthenticationFailureHandler
used for handling anOAuth2AuthorizationCodeRequestAuthenticationException
and returning theError Response
.- Parameters:
errorResponseHandler
- theAuthenticationFailureHandler
used for handling anOAuth2AuthorizationCodeRequestAuthenticationException
- Returns:
- the
OAuth2AuthorizationEndpointConfigurer
for further configuration
-
consentPage
Specify the URI to redirect Resource Owners to if consent is required during theauthorization_code
flow. A default consent page will be generated when this attribute is not specified. If a URI is specified, applications are required to process the specified URI to generate a consent page. The query string will contain the following parameters:client_id
- the client identifierscope
- a space-delimited list of scopes present in the authorization requeststate
- a CSRF protection token
- It must be an HTTP POST
- It must be submitted to
AuthorizationServerSettings.getAuthorizationEndpoint()
- It must include the received
client_id
as an HTTP parameter - It must include the received
state
as an HTTP parameter - It must include the list of
scope
s theResource Owner
consented to as an HTTP parameter
- Parameters:
consentPage
- the URI of the custom consent page to redirect to if consent is required (e.g. "/oauth2/consent")- Returns:
- the
OAuth2AuthorizationEndpointConfigurer
for further configuration
-
postProcess
protected final <T> T postProcess(T object) -
getObjectPostProcessor
protected final org.springframework.security.config.annotation.ObjectPostProcessor<Object> getObjectPostProcessor()
-