org.springframework.security.oauth2.provider

Class OAuth2Authentication

java.lang.Object

org.springframework.security.authentication.AbstractAuthenticationToken

org.springframework.security.oauth2.provider.OAuth2Authentication

All Implemented Interfaces:

Serializable, Principal, org.springframework.security.core.Authentication, org.springframework.security.core.CredentialsContainer

public class OAuth2Authentication
extends org.springframework.security.authentication.AbstractAuthenticationToken

An OAuth 2 authentication token can contain two authentications: one for the client and one for the user. Since some OAuth authorization grants don't require user authentication, the user authentication may be null.

Author:

Ryan Heaton

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
OAuth2Authentication(OAuth2Request storedRequest, org.springframework.security.core.Authentication userAuthentication) Construct an OAuth 2 authentication.

Method Summary

Methods

Modifier and Type	Method and Description
boolean	equals(Object o)
void	eraseCredentials()
Object	getCredentials()
OAuth2Request	getOAuth2Request() The authorization request containing details of the client application.
Object	getPrincipal()
org.springframework.security.core.Authentication	getUserAuthentication() The user authentication.
int	hashCode()
boolean	isAuthenticated()
boolean	isClientOnly() Convenience method to check if there is a user associated with this token, or just a client application.

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

getAuthorities, getDetails, getName, setAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

OAuth2Authentication

public OAuth2Authentication(OAuth2Request storedRequest,
                    org.springframework.security.core.Authentication userAuthentication)

Construct an OAuth 2 authentication. Since some grant types don't require user authentication, the user authentication may be null.

Parameters:

storedRequest - The authorization request (must not be null).

userAuthentication - The user authentication (possibly null).

Method Detail

getCredentials

public Object getCredentials()

getPrincipal

public Object getPrincipal()

isClientOnly

public boolean isClientOnly()

Convenience method to check if there is a user associated with this token, or just a client application.

Returns:

true if this token represents a client app not acting on behalf of a user

getOAuth2Request

public OAuth2Request getOAuth2Request()

The authorization request containing details of the client application.

Returns:

The client authentication.

getUserAuthentication

public org.springframework.security.core.Authentication getUserAuthentication()

The user authentication.

Returns:

The user authentication.

isAuthenticated

public boolean isAuthenticated()

Specified by:

isAuthenticated in interface org.springframework.security.core.Authentication

Overrides:

isAuthenticated in class org.springframework.security.authentication.AbstractAuthenticationToken

eraseCredentials

public void eraseCredentials()

Specified by:

eraseCredentials in interface org.springframework.security.core.CredentialsContainer

Overrides:

eraseCredentials in class org.springframework.security.authentication.AbstractAuthenticationToken

equals

public boolean equals(Object o)

Specified by:

equals in interface Principal

Overrides:

equals in class org.springframework.security.authentication.AbstractAuthenticationToken

hashCode

public int hashCode()

Specified by:

hashCode in interface Principal

Overrides:

hashCode in class org.springframework.security.authentication.AbstractAuthenticationToken