public class AuthorizationCodeRequestRedirectFilter
extends org.springframework.web.filter.OncePerRequestFilter
Filter
initiates the authorization code grant flow by redirecting
the end-user's user-agent to the authorization server's Authorization Endpoint.
It uses an AuthorizationRequestUriBuilder
to build the OAuth 2.0 Authorization Request,
which is used as the redirect URI
to the Authorization Endpoint.
The redirect URI
will include the client identifier, requested scope(s), state, response type, and a redirection URI
which the authorization server will send the user-agent back to (handled by AuthorizationCodeAuthenticationFilter
)
once access is granted (or denied) by the end-user (resource owner).
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI |
static java.lang.String |
REGISTRATION_ID_URI_VARIABLE_NAME |
Constructor and Description |
---|
AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) |
AuthorizationCodeRequestRedirectFilter(java.lang.String authorizationRequestBaseUri,
ClientRegistrationRepository clientRegistrationRepository) |
Modifier and Type | Method and Description |
---|---|
protected void |
doFilterInternal(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain filterChain) |
protected void |
sendRedirectForAuthorizationCode(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response) |
void |
setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) |
void |
setAuthorizationUriBuilder(AuthorizationRequestUriBuilder authorizationUriBuilder) |
protected boolean |
shouldRequestAuthorizationCode(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response) |
protected void |
unsuccessfulRedirectForAuthorizationCode(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.Exception failed) |
doFilter, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
public static final java.lang.String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
public static final java.lang.String REGISTRATION_ID_URI_VARIABLE_NAME
public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
public AuthorizationCodeRequestRedirectFilter(java.lang.String authorizationRequestBaseUri, ClientRegistrationRepository clientRegistrationRepository)
public final void setAuthorizationUriBuilder(AuthorizationRequestUriBuilder authorizationUriBuilder)
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository)
protected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws javax.servlet.ServletException, java.io.IOException
doFilterInternal
in class org.springframework.web.filter.OncePerRequestFilter
javax.servlet.ServletException
java.io.IOException
protected boolean shouldRequestAuthorizationCode(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected void sendRedirectForAuthorizationCode(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
java.io.IOException
javax.servlet.ServletException
protected void unsuccessfulRedirectForAuthorizationCode(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.Exception failed) throws java.io.IOException, javax.servlet.ServletException
java.io.IOException
javax.servlet.ServletException