Class OAuth2DeviceVerificationEndpointFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.oauth2.server.authorization.web.OAuth2DeviceVerificationEndpointFilter
- All Implemented Interfaces:
jakarta.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public final class OAuth2DeviceVerificationEndpointFilter
extends org.springframework.web.filter.OncePerRequestFilter
A
Filter
for the OAuth 2.0 Device Authorization Grant, which handles the
processing of the Device Verification Request (submission of the user code) and the
Device Authorization Consent.- Since:
- 1.1
- See Also:
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
-
Constructor Summary
ConstructorDescriptionOAuth2DeviceVerificationEndpointFilter
(org.springframework.security.authentication.AuthenticationManager authenticationManager) Constructs anOAuth2DeviceVerificationEndpointFilter
using the provided parameters.OAuth2DeviceVerificationEndpointFilter
(org.springframework.security.authentication.AuthenticationManager authenticationManager, String deviceVerificationEndpointUri) Constructs anOAuth2DeviceVerificationEndpointFilter
using the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionprotected void
doFilterInternal
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) void
setAuthenticationConverter
(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter) Sets theAuthenticationConverter
used when attempting to extract a Device Verification Request (or Device Authorization Consent) fromHttpServletRequest
to an instance ofOAuth2DeviceVerificationAuthenticationToken
orOAuth2DeviceAuthorizationConsentAuthenticationToken
used for authenticating the request.void
setAuthenticationDetailsSource
(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest, ?> authenticationDetailsSource) Sets theAuthenticationDetailsSource
used for building an authentication details instance fromHttpServletRequest
.void
setAuthenticationFailureHandler
(org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler) Sets theAuthenticationFailureHandler
used for handling anOAuth2AuthenticationException
and returning theError Response
.void
setAuthenticationSuccessHandler
(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler) Sets theAuthenticationSuccessHandler
used for handling anOAuth2DeviceVerificationAuthenticationToken
and returning the response.void
setConsentPage
(String consentPage) Specify the URI to redirect Resource Owners to if consent is required.Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Constructor Details
-
OAuth2DeviceVerificationEndpointFilter
public OAuth2DeviceVerificationEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager) Constructs anOAuth2DeviceVerificationEndpointFilter
using the provided parameters.- Parameters:
authenticationManager
- the authentication manager
-
OAuth2DeviceVerificationEndpointFilter
public OAuth2DeviceVerificationEndpointFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, String deviceVerificationEndpointUri) Constructs anOAuth2DeviceVerificationEndpointFilter
using the provided parameters.- Parameters:
authenticationManager
- the authentication managerdeviceVerificationEndpointUri
- the endpointURI
for device verification requests
-
-
Method Details
-
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException - Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Throws:
jakarta.servlet.ServletException
IOException
-
setAuthenticationDetailsSource
public void setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest, ?> authenticationDetailsSource) Sets theAuthenticationDetailsSource
used for building an authentication details instance fromHttpServletRequest
.- Parameters:
authenticationDetailsSource
- theAuthenticationDetailsSource
used for building an authentication details instance fromHttpServletRequest
-
setAuthenticationConverter
public void setAuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter authenticationConverter) Sets theAuthenticationConverter
used when attempting to extract a Device Verification Request (or Device Authorization Consent) fromHttpServletRequest
to an instance ofOAuth2DeviceVerificationAuthenticationToken
orOAuth2DeviceAuthorizationConsentAuthenticationToken
used for authenticating the request.- Parameters:
authenticationConverter
- theAuthenticationConverter
used when attempting to extract a Device Verification Request (or Device Authorization Consent) fromHttpServletRequest
-
setAuthenticationSuccessHandler
public void setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler) Sets theAuthenticationSuccessHandler
used for handling anOAuth2DeviceVerificationAuthenticationToken
and returning the response.- Parameters:
authenticationSuccessHandler
- theAuthenticationSuccessHandler
used for handling anOAuth2DeviceVerificationAuthenticationToken
-
setAuthenticationFailureHandler
public void setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler) Sets theAuthenticationFailureHandler
used for handling anOAuth2AuthenticationException
and returning theError Response
.- Parameters:
authenticationFailureHandler
- theAuthenticationFailureHandler
used for handling anOAuth2AuthenticationException
-
setConsentPage
Specify the URI to redirect Resource Owners to if consent is required. A default consent page will be generated when this attribute is not specified.- Parameters:
consentPage
- the URI of the custom consent page to redirect to if consent is required (e.g. "/oauth2/consent")
-