java.lang.Object
org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcLogoutAuthenticationProvider
All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider

public final class OidcLogoutAuthenticationProvider extends Object implements org.springframework.security.authentication.AuthenticationProvider
An AuthenticationProvider implementation for OpenID Connect 1.0 RP-Initiated Logout Endpoint.
Since:
1.1
See Also:
  • Constructor Details

    • OidcLogoutAuthenticationProvider

      public OidcLogoutAuthenticationProvider(RegisteredClientRepository registeredClientRepository, OAuth2AuthorizationService authorizationService, org.springframework.security.core.session.SessionRegistry sessionRegistry)
      Constructs an OidcLogoutAuthenticationProvider using the provided parameters.
      Parameters:
      registeredClientRepository - the repository of registered clients
      authorizationService - the authorization service
      sessionRegistry - the SessionRegistry used to track OpenID Connect sessions
  • Method Details

    • authenticate

      public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException
      Specified by:
      authenticate in interface org.springframework.security.authentication.AuthenticationProvider
      Throws:
      org.springframework.security.core.AuthenticationException
    • supports

      public boolean supports(Class<?> authentication)
      Specified by:
      supports in interface org.springframework.security.authentication.AuthenticationProvider
    • setAuthenticationValidator

      public void setAuthenticationValidator(Consumer<OidcLogoutAuthenticationContext> authenticationValidator)
      Sets the Consumer providing access to the OidcLogoutAuthenticationContext and is responsible for validating specific OpenID Connect RP-Initiated Logout Request parameters associated in the OidcLogoutAuthenticationToken. The default authentication validator is OidcLogoutAuthenticationValidator.

      NOTE: The authentication validator MUST throw OAuth2AuthenticationException if validation fails.

      Parameters:
      authenticationValidator - the Consumer providing access to the OidcLogoutAuthenticationContext and is responsible for validating specific OpenID Connect RP-Initiated Logout Request parameters
      Since:
      1.4