Package org.springframework.security.oauth2.server.authorization.authentication

Class ClientSecretAuthenticationProvider

java.lang.Object

org.springframework.security.oauth2.server.authorization.authentication.ClientSecretAuthenticationProvider

All Implemented Interfaces:

org.springframework.security.authentication.AuthenticationProvider

public final class ClientSecretAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider

An AuthenticationProvider implementation used for OAuth 2.0 Client Authentication, which authenticates the client_secret parameter.

Since:

0.2.3

See Also:

• AuthenticationProvider
• OAuth2ClientAuthenticationToken
• RegisteredClientRepository
• OAuth2AuthorizationService
• PasswordEncoder

Constructor Summary

Constructors

Constructor	Description
ClientSecretAuthenticationProvider(RegisteredClientRepository registeredClientRepository, OAuth2AuthorizationService authorizationService)	Constructs a ClientSecretAuthenticationProvider using the provided parameters.

Method Summary

Modifier and Type	Method	Description
org.springframework.security.core.Authentication	authenticate(org.springframework.security.core.Authentication authentication)
void	setPasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)	Sets the PasswordEncoder used to validate the client secret.
boolean	supports(Class<?> authentication)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ClientSecretAuthenticationProvider

public ClientSecretAuthenticationProvider(RegisteredClientRepository registeredClientRepository,
 OAuth2AuthorizationService authorizationService)

Constructs a ClientSecretAuthenticationProvider using the provided parameters.

Parameters:

registeredClientRepository - the repository of registered clients

authorizationService - the authorization service

Method Details

setPasswordEncoder

public void setPasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)

Sets the PasswordEncoder used to validate the client secret. If not set, the client secret will be compared using PasswordEncoderFactories.createDelegatingPasswordEncoder().

Parameters:

passwordEncoder - the PasswordEncoder used to validate the client secret

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException

Specified by:

authenticate in interface org.springframework.security.authentication.AuthenticationProvider

Throws:

org.springframework.security.core.AuthenticationException

supports

public boolean supports(Class<?> authentication)

Specified by:

supports in interface org.springframework.security.authentication.AuthenticationProvider