public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter
AbstractAuthenticationProcessingFilter that handles the processing of an OAuth 2.0 Authorization Response for the authorization code grant flow.
This Filter processes the Authorization Response as follows:
- OAuth2Parameter.CODE and OAuth2Parameter.STATE (if provided in the Authorization Request) parameters to the OAuth2Parameter.REDIRECT_URI (provided in the Authorization Request) and redirect the end-user's user-agent back to this Filter (the client).
- Filter will then create an AuthorizationCodeAuthenticationToken with the OAuth2Parameter.CODE received in the previous step and delegate it to AuthorizationCodeAuthenticationProvider.authenticate(Authentication) (indirectly via AuthenticationManager).
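
An added example, not Spring Security's own code, of checks a client can apply to the Authorization Response parameters described above (code, state, redirect_uri) before the code is trusted. The class, its methods and the sample values are hypothetical, and it assumes the client always sends a state with the Authorization Request.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

// Hypothetical class for illustration; not part of Spring Security.
public class AuthorizationResponseCheck {
    // Values saved when the Authorization Request was sent (one pending request per session).
    private String savedState;
    private String savedRedirectUri;

    public void saveRequest(String state, String redirectUri) {
        this.savedState = state;
        this.savedRedirectUri = redirectUri;
    }

    // Returns the code if the response matches the pending request, otherwise throws.
    public String acceptResponse(Map<String, String> params, String receivedAt) {
        String state = savedState;
        String redirectUri = savedRedirectUri;
        savedState = null;       // single use: a replayed response finds nothing pending
        savedRedirectUri = null;
        if (state == null) throw new IllegalStateException("no pending authorization request");
        if (params.containsKey("error")) throw new IllegalStateException("error response");
        String code = params.get("code");
        String returned = params.get("state");
        if (code == null || code.isEmpty()) throw new IllegalStateException("missing code");
        // Constant-time comparison of the returned state with the saved one.
        if (returned == null || !MessageDigest.isEqual(bytes(returned), bytes(state)))
            throw new IllegalStateException("state mismatch");
        if (!redirectUri.equals(receivedAt)) throw new IllegalStateException("redirect_uri mismatch");
        return code;
    }

    private static byte[] bytes(String s) { return s.getBytes(StandardCharsets.UTF_8); }

    public static void main(String[] args) {
        String uri = "https://client.example/callback"; // constructed sample values
        AuthorizationResponseCheck session = new AuthorizationResponseCheck();
        session.saveRequest("n0nce-7f3a", uri);
        Map<String, String> response = new HashMap<>();
        response.put("code", "sample-code");
        response.put("state", "n0nce-7f3a");
        System.out.println("accepted code: " + session.acceptResponse(response, uri));
        try {
            session.acceptResponse(response, uri); // same response presented again
        } catch (IllegalStateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```
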
AbstractAuthenticationProcessingFilter, AuthorizationCodeAuthenticationToken, AuthorizationCodeAuthenticationProvider, AuthorizationCodeRequestRedirectFilter, AuthorizationRequest, AuthorizationRequestRepository, ClientRegistrationRepository, Section 4.1 Authorization Code Grant Flow, Section 4.1.2 Authorization Response
Modifier and Type | Field and Description |
---|---|
static java.lang.String | DEFAULT_AUTHORIZATION_RESPONSE_BASE_URI |
authenticationDetailsSource, eventPublisher, messages
Constructor and Description |
---|
AuthorizationCodeAuthenticationFilter() |
AuthorizationCodeAuthenticationFilter(java.lang.String authorizationResponseBaseUri) |
Modifier and Type | Method and Description |
---|---|
void | afterPropertiesSet() |
Authentication | attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Performs actual authentication. |
RequestMatcher | getAuthorizationResponseMatcher() |
void | setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) |
void | setAuthorizationResponseBaseUri(java.lang.String authorizationResponseBaseUri) |
void | setClientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) |
doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication
public static final java.lang.String DEFAULT_AUTHORIZATION_RESPONSE_BASE_URI
public AuthorizationCodeAuthenticationFilter()
public AuthorizationCodeAuthenticationFilter(java.lang.String authorizationResponseBaseUri)
public void afterPropertiesSet()
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
afterPropertiesSet in class AbstractAuthenticationProcessingFilter
public Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws AuthenticationException, java.io.IOException, javax.servlet.ServletException
AbstractAuthenticationProcessingFilter
The implementation should do one of the following:
attemptAuthentication in class AbstractAuthenticationProcessingFilter
request - from which to extract parameters and perform the authentication
response - the response, which may be needed if the implementation has to do a redirect as part of a multi-stage authentication process (such as OpenID).
AuthenticationException - if authentication fails.
java.io.IOException
javax.servlet.ServletException
public final RequestMatcher getAuthorizationResponseMatcher()
public final void setAuthorizationResponseBaseUri(java.lang.String authorizationResponseBaseUri)
public final void setClientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository)
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository)