Class OAuth2AuthorizationEndpointFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter
All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public final class OAuth2AuthorizationEndpointFilter
extends org.springframework.web.filter.OncePerRequestFilter

A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Request and Consent.

Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger

Constructor Summary

OAuth2AuthorizationEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)
    Constructs an OAuth2AuthorizationEndpointFilter using the provided parameters.

OAuth2AuthorizationEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, String authorizationEndpointUri)
    Constructs an OAuth2AuthorizationEndpointFilter using the provided parameters.

Method Summary

protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain)

void setAuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter)
    Sets the AuthenticationConverter used when attempting to extract an Authorization Request (or Consent) from HttpServletRequest to an instance of OAuth2AuthorizationCodeRequestAuthenticationToken or OAuth2AuthorizationConsentAuthenticationToken used for authenticating the request.

void setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest, ?> authenticationDetailsSource)
    Sets the AuthenticationDetailsSource used for building an authentication details instance from HttpServletRequest.

void setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)
    Sets the AuthenticationFailureHandler used for handling an OAuth2AuthorizationCodeRequestAuthenticationException and returning the Error Response.

void setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler)
    Sets the AuthenticationSuccessHandler used for handling an OAuth2AuthorizationCodeRequestAuthenticationToken and returning the Authorization Response.

void setConsentPage(String consentPage)
    Specify the URI to redirect Resource Owners to if consent is required.

void setSessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy sessionAuthenticationStrategy)
    Sets the SessionAuthenticationStrategy used for handling an OAuth2AuthorizationCodeRequestAuthenticationToken before calling the AuthenticationSuccessHandler.

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Constructor Details

OAuth2AuthorizationEndpointFilter
public OAuth2AuthorizationEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager)
Constructs an OAuth2AuthorizationEndpointFilter using the provided parameters.
Parameters:
    authenticationManager - the authentication manager

OAuth2AuthorizationEndpointFilter
public OAuth2AuthorizationEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, String authorizationEndpointUri)
Constructs an OAuth2AuthorizationEndpointFilter using the provided parameters.
Parameters:
    authenticationManager - the authentication manager
    authorizationEndpointUri - the endpoint URI for authorization requests

Method Details

doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
Specified by:
    doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
Throws:
    jakarta.servlet.ServletException
    IOException

setAuthenticationDetailsSource
public void setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest, ?> authenticationDetailsSource)
Sets the AuthenticationDetailsSource used for building an authentication details instance from HttpServletRequest.
Parameters:
    authenticationDetailsSource - the AuthenticationDetailsSource used for building an authentication details instance from HttpServletRequest
Since:
    0.3.1

setAuthenticationConverter
public void setAuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter)
Sets the AuthenticationConverter used when attempting to extract an Authorization Request (or Consent) from HttpServletRequest to an instance of OAuth2AuthorizationCodeRequestAuthenticationToken or OAuth2AuthorizationConsentAuthenticationToken used for authenticating the request.
Parameters:
    authenticationConverter - the AuthenticationConverter used when attempting to extract an Authorization Request (or Consent) from HttpServletRequest

setAuthenticationSuccessHandler
public void setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler)
Sets the AuthenticationSuccessHandler used for handling an OAuth2AuthorizationCodeRequestAuthenticationToken and returning the Authorization Response.
Parameters:
    authenticationSuccessHandler - the AuthenticationSuccessHandler used for handling an OAuth2AuthorizationCodeRequestAuthenticationToken

setAuthenticationFailureHandler
public void setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)
Sets the AuthenticationFailureHandler used for handling an OAuth2AuthorizationCodeRequestAuthenticationException and returning the Error Response.
Parameters:
    authenticationFailureHandler - the AuthenticationFailureHandler used for handling an OAuth2AuthorizationCodeRequestAuthenticationException

setSessionAuthenticationStrategy
public void setSessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy sessionAuthenticationStrategy)
Sets the SessionAuthenticationStrategy used for handling an OAuth2AuthorizationCodeRequestAuthenticationToken before calling the AuthenticationSuccessHandler. If OpenID Connect is enabled, the default implementation tracks OpenID Connect sessions using a SessionRegistry.
Parameters:
    sessionAuthenticationStrategy - the SessionAuthenticationStrategy used for handling an OAuth2AuthorizationCodeRequestAuthenticationToken
Since:
    1.1

setConsentPage
Specify the URI to redirect Resource Owners to if consent is required. A default consent page will be generated when this attribute is not specified.
Parameters:
    consentPage - the URI of the custom consent page to redirect to if consent is required (e.g. "/oauth2/consent")
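
The constructor and setters documented above, wired together in an added example (not code from the Spring Authorization Server project). The class name, the "/oauth2/authorize" endpoint URI, and the choice to answer every failure with HTTP 400 instead of redirecting are assumptions of this example; a handler set through setAuthenticationFailureHandler replaces the filter's own Error Response handling.

```java
import java.io.IOException;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;

// Hypothetical wiring class for illustration only.
public final class AuthorizationEndpointFilterExample {

    private static final System.Logger LOG =
            System.getLogger(AuthorizationEndpointFilterExample.class.getName());

    static OAuth2AuthorizationEndpointFilter build(AuthenticationManager authenticationManager) {
        // Endpoint URI is an assumption of this example.
        OAuth2AuthorizationEndpointFilter filter =
                new OAuth2AuthorizationEndpointFilter(authenticationManager, "/oauth2/authorize");
        // Custom consent page; without this call a default page is generated.
        filter.setConsentPage("/oauth2/consent");
        filter.setAuthenticationFailureHandler(new NonRedirectingFailureHandler());
        return filter;
    }

    /** Logs the failure and answers 400; it never redirects to a request-supplied URI. */
    static final class NonRedirectingFailureHandler implements AuthenticationFailureHandler {
        @Override
        public void onAuthenticationFailure(HttpServletRequest request,
                HttpServletResponse response, AuthenticationException exception) throws IOException {
            // OAuth2AuthorizationCodeRequestAuthenticationException is an OAuth2AuthenticationException.
            String errorCode = (exception instanceof OAuth2AuthenticationException oauth2)
                    ? oauth2.getError().getErrorCode() : "server_error";
            LOG.log(System.Logger.Level.WARNING, "authorization request rejected: error={0} client_id={1}",
                    errorCode, sanitize(request.getParameter("client_id")));
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, errorCode);
        }

        // client_id comes from the request: strip control characters and cap the length before logging.
        private static String sanitize(String value) {
            if (value == null) {
                return "<none>";
            }
            String cleaned = value.replaceAll("\\p{Cntrl}", "_");
            return cleaned.length() > 128 ? cleaned.substring(0, 128) : cleaned;
        }
    }
}
```

Because this handler never sends the browser to a redirect_uri taken from the request, clients that expect error responses on their redirect URI will not receive them.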