org.springframework.security.oauth2.client.token

Class AccessTokenProviderChain

java.lang.Object

org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport

org.springframework.security.oauth2.client.token.AccessTokenProviderChain

All Implemented Interfaces:

AccessTokenProvider

public class AccessTokenProviderChain
extends OAuth2AccessTokenSupport
implements AccessTokenProvider

A chain of OAuth2 access token providers. This implementation will iterate through its chain to find the first provider that supports the resource and use it to obtain the access token. Note that the order of the chain is relevant.

Author:

Ryan Heaton, Dave Syer

Field Summary

Fields inherited from class org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport

logger

Constructor Summary

Constructors

Constructor and Description
AccessTokenProviderChain(List<? extends AccessTokenProvider> chain)

Method Summary

Methods

Modifier and Type	Method and Description
OAuth2AccessToken	obtainAccessToken(OAuth2ProtectedResourceDetails resource, AccessTokenRequest request) Obtain a new access token for the specified protected resource.
protected OAuth2AccessToken	obtainNewAccessTokenInternal(OAuth2ProtectedResourceDetails details, AccessTokenRequest request)
OAuth2AccessToken	refreshAccessToken(OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken, AccessTokenRequest request) Obtain a new access token for the specified resource using the refresh token.
void	setClientTokenServices(ClientTokenServices clientTokenServices) Token services for long-term persistence of access tokens.
boolean	supportsRefresh(OAuth2ProtectedResourceDetails resource)
boolean	supportsResource(OAuth2ProtectedResourceDetails resource) Whether this provider supports the specified resource.

Methods inherited from class org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport

getAccessTokenUri, getHttpMethod, getRequestCallback, getResponseErrorHandler, getResponseExtractor, getRestTemplate, retrieveToken, setAuthenticationHandler, setInterceptors, setMessageConverters, setRequestFactory, setTokenRequestEnhancer

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AccessTokenProviderChain

public AccessTokenProviderChain(List<? extends AccessTokenProvider> chain)

Method Detail

setClientTokenServices

public void setClientTokenServices(ClientTokenServices clientTokenServices)

Token services for long-term persistence of access tokens.

Parameters:

clientTokenServices - the clientTokenServices to set

supportsResource

public boolean supportsResource(OAuth2ProtectedResourceDetails resource)

Description copied from interface: AccessTokenProvider

Whether this provider supports the specified resource.

Specified by:

supportsResource in interface AccessTokenProvider

Parameters:

resource - The resource.

Returns:

Whether this provider supports the specified resource.

supportsRefresh

public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource)

Specified by:

supportsRefresh in interface AccessTokenProvider

Parameters:

resource - The resource to check

Returns:

true if this provider can refresh an access token

obtainAccessToken

public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails resource,
                                  AccessTokenRequest request)
                                    throws UserRedirectRequiredException,
                                           org.springframework.security.access.AccessDeniedException

Description copied from interface: AccessTokenProvider

Obtain a new access token for the specified protected resource.

Specified by:

obtainAccessToken in interface AccessTokenProvider

Parameters:

resource - The protected resource for which this provider is to obtain an access token.

request - The parameters of the request giving context for the token details if any.

Returns:

The access token for the specified protected resource. The return value may NOT be null.

Throws:

UserRedirectRequiredException - If the provider requires the current user to be redirected for authorization.

org.springframework.security.access.AccessDeniedException - If the user denies access to the protected resource.

obtainNewAccessTokenInternal

protected OAuth2AccessToken obtainNewAccessTokenInternal(OAuth2ProtectedResourceDetails details,
                                             AccessTokenRequest request)
                                                  throws UserRedirectRequiredException,
                                                         org.springframework.security.access.AccessDeniedException

Throws:

UserRedirectRequiredException

org.springframework.security.access.AccessDeniedException

refreshAccessToken

public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource,
                                   OAuth2RefreshToken refreshToken,
                                   AccessTokenRequest request)
                                     throws UserRedirectRequiredException

Obtain a new access token for the specified resource using the refresh token.

Specified by:

refreshAccessToken in interface AccessTokenProvider

Parameters:

resource - The resource.

refreshToken - The refresh token.

Returns:

The access token, or null if failed.

Throws:

UserRedirectRequiredException