public class AuthorizationCodeRequestRedirectFilter
extends OncePerRequestFilter
Filter
initiates the authorization code grant flow by redirecting
the end-user's user-agent to the authorization server's Authorization Endpoint.
It uses an AuthorizationRequestUriBuilder
to build the OAuth 2.0 Authorization Request,
which is used as the redirect URI
to the Authorization Endpoint.
The redirect URI
will include the client identifier, requested scope(s), state, response type, and a redirection URI
which the authorization server will send the user-agent back to (handled by AuthorizationCodeAuthenticationProcessingFilter
)
once access is granted (or denied) by the end-user (resource owner).
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
AUTHORIZATION_BASE_URI |
Constructor and Description |
---|
AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository,
AuthorizationRequestUriBuilder authorizationUriBuilder) |
Modifier and Type | Method and Description |
---|---|
protected void |
doFilterInternal(HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain) |
protected boolean |
requiresAuthorization(HttpServletRequest request,
HttpServletResponse response) |
protected void |
sendRedirectForAuthorization(HttpServletRequest request,
HttpServletResponse response) |
void |
setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) |
protected void |
unsuccessfulAuthorization(HttpServletRequest request,
HttpServletResponse response,
java.lang.Exception failed) |
public static final java.lang.String AUTHORIZATION_BASE_URI
public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, AuthorizationRequestUriBuilder authorizationUriBuilder)
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository)
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, java.io.IOException
ServletException
java.io.IOException
protected boolean requiresAuthorization(HttpServletRequest request, HttpServletResponse response)
protected void sendRedirectForAuthorization(HttpServletRequest request, HttpServletResponse response) throws java.io.IOException, ServletException
java.io.IOException
ServletException
protected void unsuccessfulAuthorization(HttpServletRequest request, HttpServletResponse response, java.lang.Exception failed) throws java.io.IOException, ServletException
java.io.IOException
ServletException