All Classes and Interfaces

Class
Description
A base representation of OAuth 2.0 Authorization Server metadata, returned by an endpoint defined in OAuth 2.0 Authorization Server Metadata and OpenID Connect Discovery 1.0.
A builder for subclasses of AbstractOAuth2AuthorizationServerMetadata.
Base implementation for configuration settings.
A builder for subclasses of AbstractSettings.
A context that holds information of the Authorization Server runtime environment.
A holder of the AuthorizationServerContext that associates it with the current thread using a ThreadLocal.
A facility for authorization server configuration settings.
An AuthenticationProvider implementation used for OAuth 2.0 Client Authentication, which authenticates the client_secret parameter.
Attempts to extract HTTP Basic credentials from HttpServletRequest and then converts to an OAuth2ClientAuthenticationToken used for authenticating the client.
Attempts to extract client credentials from POST parameters of HttpServletRequest and then converts to an OAuth2ClientAuthenticationToken used for authenticating the client.
A facility for client configuration settings.
A builder for ClientSettings.
The names for all the configuration settings.
The names for authorization server configuration settings.
The names for client configuration settings.
The names for token configuration settings.
A facility for holding information associated to a specific context.
Default implementation of OAuth2TokenContext.
An AuthenticationConverter that simply delegates to it's internal List of AuthenticationConverter(s).
An OAuth2TokenGenerator that simply delegates to it's internal List of OAuth2TokenGenerator(s).
A RegisteredClientRepository that stores RegisteredClient(s) in-memory.
A JDBC implementation of an OAuth2AuthorizationConsentService that uses a JdbcOperations for OAuth2AuthorizationConsent persistence.
The default Function that maps OAuth2AuthorizationConsent to a List of SqlParameterValue.
The default RowMapper that maps the current row in ResultSet to OAuth2AuthorizationConsent.
A JDBC implementation of an OAuth2AuthorizationService that uses a JdbcOperations for OAuth2Authorization persistence.
The default Function that maps OAuth2Authorization to a List of SqlParameterValue.
The default RowMapper that maps the current row in java.sql.ResultSet to OAuth2Authorization.
A JDBC implementation of a RegisteredClientRepository that uses a JdbcOperations for RegisteredClient persistence.
The default Function that maps RegisteredClient to a List of SqlParameterValue.
The default RowMapper that maps the current row in java.sql.ResultSet to RegisteredClient.
Attempts to extract a JWT client assertion credential from HttpServletRequest and then converts to an OAuth2ClientAuthenticationToken used for authenticating the client.
An AuthenticationProvider implementation used for OAuth 2.0 Client Authentication, which authenticates the Jwt client_assertion parameter.
A factory that provides a JwtDecoder for the specified RegisteredClient and is used for authenticating a Jwt Bearer Token during OAuth 2.0 Client Authentication.
An OAuth2TokenContext implementation used when encoding a Jwt.
A builder for JwtEncodingContext.
An OAuth2TokenGenerator that generates a Jwt used for an OAuth2AccessToken or OidcIdToken.
A Filter that processes JWK Set requests.
An OAuth2AuthenticationContext that holds an OAuth2AccessTokenAuthenticationToken and additional information and is used when customizing the OAuth2AccessTokenResponse.
An Authentication implementation used when issuing an OAuth 2.0 Access Token and (optional) Refresh Token.
An OAuth2TokenGenerator that generates a "reference" (opaque) OAuth2AccessToken.
An implementation of an AuthenticationSuccessHandler used for handling an OAuth2AccessTokenAuthenticationToken and returning the Access Token Response.
A context that holds an Authentication and (optionally) additional information and is used in an AuthenticationProvider.
A builder for subclasses of OAuth2AuthenticationContext.
A representation of an OAuth 2.0 Authorization, which holds state related to the authorization granted to a client, by the resource owner or itself in the case of the client_credentials grant type.
A builder for OAuth2Authorization.
OAuth2Authorization.Token<T extends org.springframework.security.oauth2.core.OAuth2Token>
A holder of an OAuth 2.0 Token and it's associated metadata.
An implementation of an AbstractOAuth2Token representing an OAuth 2.0 Authorization Code Grant.
Attempts to extract an Access Token Request from HttpServletRequest for the OAuth 2.0 Authorization Code Grant and then converts it to an OAuth2AuthorizationCodeAuthenticationToken used for authenticating the authorization grant.
An AuthenticationProvider implementation for the OAuth 2.0 Authorization Code Grant.
An Authentication implementation used for the OAuth 2.0 Authorization Code Grant.
An OAuth2AuthenticationContext that holds an OAuth2AuthorizationCodeRequestAuthenticationToken and additional information and is used when validating the OAuth 2.0 Authorization Request parameters, as well as, determining if authorization consent is required.
Attempts to extract an Authorization Request from HttpServletRequest for the OAuth 2.0 Authorization Code Grant and then converts it to an OAuth2AuthorizationCodeRequestAuthenticationToken used for authenticating the request.
This exception is thrown by OAuth2AuthorizationCodeRequestAuthenticationProvider when an attempt to authenticate the OAuth 2.0 Authorization Request (or Consent) fails.
An AuthenticationProvider implementation for the OAuth 2.0 Authorization Request used in the Authorization Code Grant.
An Authentication implementation for the OAuth 2.0 Authorization Request used in the Authorization Code Grant.
A Consumer providing access to the OAuth2AuthorizationCodeRequestAuthenticationContext containing an OAuth2AuthorizationCodeRequestAuthenticationToken and is the default authentication validator used for validating specific OAuth 2.0 Authorization Request parameters used in the Authorization Code Grant.
A representation of an OAuth 2.0 "consent" to an Authorization request, which holds state related to the set of authorities granted to a client by the resource owner.
An OAuth2AuthenticationContext that holds an OAuth2AuthorizationConsent.Builder and additional information and is used when customizing the building of the OAuth2AuthorizationConsent.
Attempts to extract an Authorization Consent from HttpServletRequest for the OAuth 2.0 Authorization Code Grant and then converts it to an OAuth2AuthorizationConsentAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for the OAuth 2.0 Authorization Consent used in the Authorization Code Grant.
An Authentication implementation for the OAuth 2.0 Authorization Consent used in the Authorization Code Grant.
Implementations of this interface are responsible for the management of OAuth 2.0 Authorization Consent(s).
Configurer for the OAuth 2.0 Authorization Endpoint.
A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Request and Consent.
Base implementation of an Authentication representing an OAuth 2.0 Authorization Grant.
Configuration for OAuth 2.0 Authorization Server support.
An AbstractHttpConfigurer for OAuth 2.0 Authorization Server support.
Jackson Module for spring-authorization-server, that registers the following mix-in annotations: UnmodifiableMapMixin HashSetMixin OAuth2AuthorizationRequestMixin OAuth2TokenExchangeCompositeAuthenticationTokenMixin DurationMixin JwsAlgorithmMixin OAuth2TokenFormatMixin StringArrayMixin If not already enabled, default typing will be automatically enabled as type info is required to properly serialize/deserialize objects.
A representation of an OAuth 2.0 Authorization Server Metadata response, which is returned from an OAuth 2.0 Authorization Server's Metadata Endpoint, and contains a set of claims about the Authorization Server's configuration.
A ClaimAccessor for the "claims" an Authorization Server describes about its configuration, used in OAuth 2.0 Authorization Server Metadata and OpenID Connect Discovery 1.0.
The names of the "claims" an Authorization Server describes about its configuration, used in OAuth 2.0 Authorization Server Metadata and OpenID Connect Discovery 1.0.
Configurer for the OAuth 2.0 Authorization Server Metadata Endpoint.
A Filter that processes OAuth 2.0 Authorization Server Metadata Requests.
Implementations of this interface are responsible for the management of OAuth 2.0 Authorization(s).
Configurer for OAuth 2.0 Client Authentication.
An OAuth2AuthenticationContext that holds an OAuth2ClientAuthenticationToken and additional information and is used when validating an OAuth 2.0 Client Authentication.
A Filter that processes an authentication request for an OAuth 2.0 Client.
An Authentication implementation used for OAuth 2.0 Client Authentication.
An OAuth2AuthenticationContext that holds an OAuth2ClientCredentialsAuthenticationToken and additional information and is used when validating the OAuth 2.0 Client Credentials Grant Request.
Attempts to extract an Access Token Request from HttpServletRequest for the OAuth 2.0 Client Credentials Grant and then converts it to an OAuth2ClientCredentialsAuthenticationToken used for authenticating the authorization grant.
An AuthenticationProvider implementation for the OAuth 2.0 Client Credentials Grant.
An Authentication implementation used for the OAuth 2.0 Client Credentials Grant.
A Consumer providing access to the OAuth2ClientCredentialsAuthenticationContext containing an OAuth2ClientCredentialsAuthenticationToken and is the default authentication validator used for validating specific OAuth 2.0 Client Credentials Grant Request parameters.
Attempts to extract a Device Authorization Consent from HttpServletRequest for the OAuth 2.0 Device Authorization Grant and then converts it to an OAuth2DeviceAuthorizationConsentAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for the Device Authorization Consent used in the OAuth 2.0 Device Authorization Grant.
An Authentication implementation for the Device Authorization Consent used in the OAuth 2.0 Device Authorization Grant.
Configurer for the OAuth 2.0 Device Authorization Endpoint.
A Filter for the OAuth 2.0 Device Authorization endpoint, which handles the processing of the OAuth 2.0 Device Authorization Request.
Attempts to extract a Device Authorization Request from HttpServletRequest for the OAuth 2.0 Device Authorization Grant and then converts it to an OAuth2DeviceAuthorizationRequestAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for the Device Authorization Request used in the OAuth 2.0 Device Authorization Grant.
An Authentication implementation for the Device Authorization Request used in the OAuth 2.0 Device Authorization Grant.
Attempts to extract a Device Access Token Request from HttpServletRequest for the OAuth 2.0 Device Authorization Grant and then converts it to an OAuth2DeviceCodeAuthenticationToken used for authenticating the authorization grant.
An AuthenticationProvider implementation for the Device Access Token Request used in the OAuth 2.0 Device Authorization Grant.
An Authentication implementation for the Device Access Token Request used in the OAuth 2.0 Device Authorization Grant.
Attempts to extract a user code from HttpServletRequest for the OAuth 2.0 Device Authorization Grant and then converts it to an OAuth2DeviceVerificationAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for the Device Verification Request (submission of the user code) used in the OAuth 2.0 Device Authorization Grant.
An Authentication implementation for the Device Verification Request (submission of the user code) used in the OAuth 2.0 Device Authorization Grant.
Configurer for the OAuth 2.0 Device Verification Endpoint.
A Filter for the OAuth 2.0 Device Authorization Grant, which handles the processing of the Device Verification Request (submission of the user code) and the Device Authorization Consent.
An implementation of an AuthenticationFailureHandler used for handling an OAuth2AuthenticationException and returning the OAuth 2.0 Error Response.
Attempts to extract an Access Token Request from HttpServletRequest for the OAuth 2.0 Refresh Token Grant and then converts it to an OAuth2RefreshTokenAuthenticationToken used for authenticating the authorization grant.
An AuthenticationProvider implementation for the OAuth 2.0 Refresh Token Grant.
An Authentication implementation used for the OAuth 2.0 Refresh Token Grant.
An OAuth2TokenGenerator that generates an OAuth2RefreshToken.
A ClaimAccessor for the "claims" that may be contained in an OAuth2TokenClaimsSet.
The names of the "claims" that may be contained in an OAuth2TokenClaimsSet and are associated to an OAuth2Token.
An OAuth2TokenContext implementation that provides access to the claims of an OAuth 2.0 Token, allowing the ability to customize.
A representation of a set of claims that are associated to an OAuth2Token.
A builder for OAuth2TokenClaimsSet.
A context that holds information (to be) associated to an OAuth 2.0 Token and is used by an OAuth2TokenGenerator and OAuth2TokenCustomizer.
Base builder for implementations of OAuth2TokenContext.
Implementations of this interface are responsible for customizing the OAuth 2.0 Token attributes contained within the OAuth2TokenContext.
Configurer for the OAuth 2.0 Token Endpoint.
A Filter for the OAuth 2.0 Token endpoint, which handles the processing of an OAuth 2.0 Authorization Grant.
A ClaimAccessor used for the OAuth 2.0 Token Exchange Grant to represent an actor in a OAuth2TokenExchangeCompositeAuthenticationToken (e.g.
Attempts to extract an Access Token Request from HttpServletRequest for the OAuth 2.0 Token Exchange Grant and then converts it to an OAuth2TokenExchangeAuthenticationToken used for authenticating the authorization grant.
An AuthenticationProvider implementation for the OAuth 2.0 Token Exchange Grant.
An Authentication implementation used for the OAuth 2.0 Token Exchange Grant.
An Authentication implementation used for the OAuth 2.0 Token Exchange Grant to represent the principal in a composite token (e.g.
Standard data formats for OAuth 2.0 Tokens.
OAuth2TokenGenerator<T extends org.springframework.security.oauth2.core.OAuth2Token>
Implementations of this interface are responsible for generating an OAuth2Token using the attributes contained in the OAuth2TokenContext.
A representation of the claims returned in an OAuth 2.0 Token Introspection Response.
Attempts to extract an Introspection Request from HttpServletRequest and then converts it to an OAuth2TokenIntrospectionAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for OAuth 2.0 Token Introspection.
An Authentication implementation used for OAuth 2.0 Token Introspection.
Configurer for the OAuth 2.0 Token Introspection Endpoint.
A Filter for the OAuth 2.0 Token Introspection endpoint.
A HttpMessageConverter for an OAuth 2.0 Token Introspection Response.
Attempts to extract a Revoke Token Request from HttpServletRequest and then converts it to an OAuth2TokenRevocationAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for OAuth 2.0 Token Revocation.
An Authentication implementation used for OAuth 2.0 Token Revocation.
Configurer for the OAuth 2.0 Token Revocation Endpoint.
A Filter for the OAuth 2.0 Token Revocation endpoint.
Standard token types defined in the OAuth Token Type Hints Registry.
An AuthenticationProvider implementation for OpenID Connect 1.0 Dynamic Client Configuration Endpoint.
A ClaimAccessor for the "claims" that are contained in the OpenID Client Registration Request and Response.
The names of the "claims" defined by OpenID Connect Dynamic Client Registration 1.0 that are contained in the OpenID Client Registration Request and Response.
A representation of an OpenID Client Registration Request and Response, which is sent to and returned from the Client Registration Endpoint, and contains a set of claims about the Client's Registration information.
Helps configure an OidcClientRegistration.
Attempts to extract an OpenID Connect 1.0 Dynamic Client Registration (or Client Read) Request from HttpServletRequest and then converts to an OidcClientRegistrationAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for OpenID Connect 1.0 Dynamic Client Registration Endpoint.
An Authentication implementation used for OpenID Connect 1.0 Dynamic Client Registration (and Configuration) Endpoint.
Configurer for OpenID Connect 1.0 Dynamic Client Registration Endpoint.
A Filter that processes OpenID Connect 1.0 Dynamic Client Registration (and Client Read) Requests.
A Converter that converts the provided OidcClientRegistration to a RegisteredClient.
Configurer for OpenID Connect 1.0 support.
Attempts to extract an OpenID Connect 1.0 RP-Initiated Logout Request from HttpServletRequest and then converts to an OidcLogoutAuthenticationToken used for authenticating the request.
An AuthenticationProvider implementation for OpenID Connect 1.0 RP-Initiated Logout Endpoint.
An implementation of an AuthenticationSuccessHandler used for handling an OidcLogoutAuthenticationToken and performing the OpenID Connect 1.0 RP-Initiated Logout.
An Authentication implementation used for OpenID Connect 1.0 RP-Initiated Logout Endpoint.
Configurer for OpenID Connect 1.0 RP-Initiated Logout Endpoint.
A Filter that processes OpenID Connect 1.0 RP-Initiated Logout Requests.
A representation of an OpenID Provider Configuration Response, which is returned from an Issuer's Discovery Endpoint, and contains a set of claims about the OpenID Provider's configuration.
Helps configure an OidcProviderConfiguration.
Configurer for the OpenID Connect 1.0 Provider Configuration Endpoint.
A Filter that processes OpenID Provider Configuration Requests.
A HttpMessageConverter for an OpenID Provider Configuration Response.
A ClaimAccessor for the "claims" that can be returned in the OpenID Provider Configuration Response.
The names of the "claims" defined by OpenID Connect Discovery 1.0 that can be returned in the OpenID Provider Configuration Response.
An OAuth2AuthenticationContext that holds an OidcUserInfoAuthenticationToken and additional information and is used when mapping claims to an instance of OidcUserInfo.
An AuthenticationProvider implementation for OpenID Connect 1.0 UserInfo Endpoint.
An Authentication implementation used for OpenID Connect 1.0 UserInfo Endpoint.
Configurer for OpenID Connect 1.0 UserInfo Endpoint.
A Filter that processes OpenID Connect 1.0 UserInfo Requests.
A HttpMessageConverter for an OpenID Connect UserInfo Response.
Attempts to extract the parameters from HttpServletRequest used for authenticating public clients using Proof Key for Code Exchange (PKCE).
An AuthenticationProvider implementation used for OAuth 2.0 Public Client Authentication, which authenticates the code_verifier parameter.
A representation of a client registration with an OAuth 2.0 Authorization Server.
A builder for RegisteredClient.
A Converter that converts the provided RegisteredClient to an OidcClientRegistration.
A repository for OAuth 2.0 RegisteredClient(s).
Internal class used for serialization across Spring Authorization Server classes.
A facility for token configuration settings.
A builder for TokenSettings.
Attempts to extract a client X509Certificate chain from HttpServletRequest and then converts to an OAuth2ClientAuthenticationToken used for authenticating the client using the tls_client_auth or self_signed_tls_client_auth method.
An AuthenticationProvider implementation used for OAuth 2.0 Client Authentication, which authenticates the client X509Certificate received when the tls_client_auth or self_signed_tls_client_auth authentication method is used.