org.springframework.security.oauth2.client.authentication

Class OAuth2UserAuthenticationProvider

java.lang.Object

org.springframework.security.oauth2.client.authentication.OAuth2UserAuthenticationProvider

All Implemented Interfaces:

AuthenticationProvider

public class OAuth2UserAuthenticationProvider
extends java.lang.Object
implements AuthenticationProvider

An implementation of an AuthenticationProvider that is responsible for obtaining the user attributes of the End-User (resource owner) from the UserInfo Endpoint and creating a Principal in the form of an OAuth2User.

The OAuth2UserAuthenticationProvider uses an OAuth2UserService for loading the OAuth2User and then associating it to the returned OAuth2UserAuthenticationToken.

Since:

5.0

See Also:

OAuth2UserAuthenticationToken, OidcUserAuthenticationToken, OAuth2ClientAuthenticationToken, OidcClientAuthenticationToken, OAuth2UserService, DefaultOAuth2UserService, OidcUserService, OAuth2User, OidcUser

Constructor Summary

Constructors

Constructor and Description
OAuth2UserAuthenticationProvider(OAuth2UserService userService)

Method Summary

Modifier and Type	Method and Description
Authentication	authenticate(Authentication authentication) Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication) .
void	setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)
boolean	supports(java.lang.Class<?> authentication) Returns true if this AuthenticationProvider supports the indicated Authentication object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2UserAuthenticationProvider

public OAuth2UserAuthenticationProvider(OAuth2UserService userService)

Method Detail

authenticate

public Authentication authenticate(Authentication authentication)
                            throws AuthenticationException

Description copied from interface: AuthenticationProvider

Performs authentication with the same contract as AuthenticationManager.authenticate(Authentication) .

Specified by:

authenticate in interface AuthenticationProvider

Parameters:

authentication - the authentication request object.

Returns:

a fully authenticated object including credentials. May return null if the AuthenticationProvider is unable to support authentication of the passed Authentication object. In such a case, the next AuthenticationProvider that supports the presented Authentication class will be tried.

Throws:

AuthenticationException - if authentication fails.

setAuthoritiesMapper

public final void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)

supports

public boolean supports(java.lang.Class<?> authentication)

Description copied from interface: AuthenticationProvider

Returns true if this AuthenticationProvider supports the indicated Authentication object.

Returning true does not guarantee an AuthenticationProvider will be able to authenticate the presented instance of the Authentication class. It simply indicates it can support closer evaluation of it. An AuthenticationProvider can still return null from the AuthenticationProvider.authenticate(Authentication) method to indicate another AuthenticationProvider should be tried.

Selection of an AuthenticationProvider capable of performing authentication is conducted at runtime the ProviderManager.

Specified by:

supports in interface AuthenticationProvider

Returns:

true if the implementation can more closely evaluate the Authentication class presented