Class OneTimeTokenAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, Authentication, CredentialsContainer

public class OneTimeTokenAuthenticationToken extends AbstractAuthenticationToken
Represents a One-Time Token authentication that can be authenticated or not.
Since:
6.4
See Also:
  • Constructor Details

    • OneTimeTokenAuthenticationToken

      @Deprecated(forRemoval=true, since="7.0") public OneTimeTokenAuthenticationToken(@Nullable Object principal, String tokenValue)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Please use constructor that takes a String instead
    • OneTimeTokenAuthenticationToken

      public OneTimeTokenAuthenticationToken(String tokenValue)
    • OneTimeTokenAuthenticationToken

      @Deprecated(forRemoval=true, since="7.0") public OneTimeTokenAuthenticationToken(Object principal, Collection<? extends GrantedAuthority> authorities)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Please use OneTimeTokenAuthentication instead
  • Method Details

    • unauthenticated

      @Deprecated(forRemoval=true, since="7.0") public static OneTimeTokenAuthenticationToken unauthenticated(@Nullable String tokenValue)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Please use constructor that takes a String instead
      Creates an unauthenticated token
      Parameters:
      tokenValue - the one-time token value
      Returns:
      an unauthenticated OneTimeTokenAuthenticationToken
    • unauthenticated

      @Deprecated(forRemoval=true, since="7.0") public static OneTimeTokenAuthenticationToken unauthenticated(Object principal, String tokenValue)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Please use constructor that takes a String instead
      Creates an unauthenticated token
      Parameters:
      principal - the principal
      tokenValue - the one-time token value
      Returns:
      an unauthenticated OneTimeTokenAuthenticationToken
    • authenticated

      @Deprecated(forRemoval=true, since="7.0") public static OneTimeTokenAuthenticationToken authenticated(Object principal, Collection<? extends GrantedAuthority> authorities)
      Deprecated, for removal: This API element is subject to removal in a future version.
      Please use OneTimeTokenAuthentication instead
      Creates an unauthenticated token
      Parameters:
      principal - the principal
      authorities - the principal authorities
      Returns:
      an authenticated OneTimeTokenAuthenticationToken
    • getTokenValue

      public @Nullable String getTokenValue()
      Returns the one-time token value
      Returns:
    • getCredentials

      public @Nullable Object getCredentials()
      Description copied from interface: Authentication
      The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.
      Returns:
      the credentials that prove the identity of the Principal
    • getPrincipal

      public @Nullable Object getPrincipal()
      Description copied from interface: Authentication
      The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

      The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

      Returns:
      the Principal being authenticated or the authenticated principal after authentication.