org.springframework.security.oauth2.client.authentication

Class OAuth2UserAuthenticationToken

java.lang.Object

org.springframework.security.authentication.AbstractAuthenticationToken

org.springframework.security.oauth2.client.authentication.OAuth2UserAuthenticationToken

All Implemented Interfaces:

java.io.Serializable, java.security.Principal, Authentication, CredentialsContainer

Direct Known Subclasses:

OidcUserAuthenticationToken

public class OAuth2UserAuthenticationToken
extends AbstractAuthenticationToken

An implementation of an AbstractAuthenticationToken that represents an OAuth 2.0 User Authentication.

This Authentication associates an OAuth2User principal to a OAuth2ClientAuthenticationToken which represents the "Authorized Client".

Since:

5.0

See Also:

OAuth2User, OAuth2ClientAuthenticationToken, Serialized Form

Constructor Summary

Constructors

Constructor and Description
OAuth2UserAuthenticationToken(OAuth2ClientAuthenticationToken clientAuthentication)
OAuth2UserAuthenticationToken(OAuth2User principal, java.util.Collection<? extends GrantedAuthority> authorities, OAuth2ClientAuthenticationToken clientAuthentication)

Method Summary

Modifier and Type	Method and Description
OAuth2ClientAuthenticationToken	getClientAuthentication()
java.lang.Object	getCredentials() The credentials that prove the principal is correct.
java.lang.Object	getPrincipal() The identity of the principal being authenticated.

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Principal

implies

Constructor Detail

OAuth2UserAuthenticationToken

public OAuth2UserAuthenticationToken(OAuth2ClientAuthenticationToken clientAuthentication)

OAuth2UserAuthenticationToken

public OAuth2UserAuthenticationToken(OAuth2User principal,
                                     java.util.Collection<? extends GrantedAuthority> authorities,
                                     OAuth2ClientAuthenticationToken clientAuthentication)

Method Detail

getPrincipal

public java.lang.Object getPrincipal()

Description copied from interface: Authentication

The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

Returns:

the Principal being authenticated or the authenticated principal after authentication.

getCredentials

public java.lang.Object getCredentials()

Description copied from interface: Authentication

The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.

Returns:

the credentials that prove the identity of the Principal

getClientAuthentication

public OAuth2ClientAuthenticationToken getClientAuthentication()