public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter
An implementation of an AbstractAuthenticationProcessingFilter for OAuth 2.0 Login.

This authentication Filter handles the processing of an OAuth 2.0 Authorization Response for the authorization code grant flow and delegates an OAuth2LoginAuthenticationToken to the AuthenticationManager to log in the End-User.

The OAuth 2.0 Authorization Response is processed as follows:

- The Authorization Server appends the code and state parameters to the redirect_uri (provided in the Authorization Request) and redirects the End-User's user-agent back to this Filter (the Client).
- This Filter will then create an OAuth2LoginAuthenticationToken with the code received and delegate it to the AuthenticationManager to authenticate.
- On successful authentication, an OAuth2AuthenticationToken is created (representing the End-User Principal) and associated to the Authorized Client using the OAuth2AuthorizedClientService.
- The OAuth2AuthenticationToken is returned and ultimately stored in the SecurityContextRepository to complete the authentication processing.
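
The `state` returned alongside the `code` only protects the login if the Client compares it with the value saved for the Authorization Request and discards that saved request after one use. The following is an added, simplified sketch of that check in plain Java (not Spring Security's implementation and not code from this page); the class, map and method names are hypothetical and the sample values are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added sketch, not Spring Security code; every name here is hypothetical.
public class CallbackStateCheck {

    // Stand-in for the stored authorization request: expected state per session (constructed).
    static final Map<String, String> STORED_STATE = new ConcurrentHashMap<>();

    // Returns the code to pass on for authentication, or throws if the response is rejected.
    static String accept(String sessionId, Map<String, String> params) {
        // Remove first: a stored request is single-use, so a replayed callback finds nothing.
        String expected = STORED_STATE.remove(sessionId);
        if (expected == null) {
            throw new IllegalStateException("no stored authorization request");
        }
        String state = params.get("state");
        if (state == null || !MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), state.getBytes(StandardCharsets.UTF_8))) {
            throw new IllegalStateException("state does not match the stored request");
        }
        String code = params.get("code");
        if (code == null || code.isEmpty()) {
            throw new IllegalStateException("missing code parameter");
        }
        return code;
    }

    static String tryAccept(String sessionId, Map<String, String> params) {
        try {
            return "accepted code " + accept(sessionId, params);
        } catch (IllegalStateException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        STORED_STATE.put("session-1", "xyz123");            // constructed sample values
        Map<String, String> callback = Map.of("code", "sample-code", "state", "xyz123");
        System.out.println(tryAccept("session-1", callback)); // genuine callback
        System.out.println(tryAccept("session-1", callback)); // same callback replayed
        STORED_STATE.put("session-2", "abc789");
        // Callback carrying a state value that was issued to a different session.
        System.out.println(tryAccept("session-2", callback));
    }
}
```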

See Also: AbstractAuthenticationProcessingFilter, OAuth2LoginAuthenticationToken, OAuth2AuthenticationToken, OAuth2LoginAuthenticationProvider, OAuth2AuthorizationRequest, OAuth2AuthorizationResponse, AuthorizationRequestRepository, OAuth2AuthorizationRequestRedirectFilter, ClientRegistrationRepository, OAuth2AuthorizedClient, OAuth2AuthorizedClientService, Section 4.1 Authorization Code Grant, Section 4.1.2 Authorization Response

Modifier and Type | Field and Description |
---|---|
static java.lang.String | DEFAULT_FILTER_PROCESSES_URI The default URI where this Filter processes authentication requests. |

Inherited fields: authenticationDetailsSource, eventPublisher, messages

Constructor and Description |
---|
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService) Constructs an OAuth2LoginAuthenticationFilter using the provided parameters. |
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService, java.lang.String filterProcessesUrl) Constructs an OAuth2LoginAuthenticationFilter using the provided parameters. |

Modifier and Type | Method and Description |
---|---|
Authentication | attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Performs actual authentication. |
void | setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) Sets the repository for stored OAuth2AuthorizationRequest's. |

Inherited methods: afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication

public static final java.lang.String DEFAULT_FILTER_PROCESSES_URI
The default URI where this Filter processes authentication requests.

public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService)
Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
Parameters:
clientRegistrationRepository - the repository of client registrations
authorizedClientService - the authorized client service

public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService, java.lang.String filterProcessesUrl)
Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
Parameters:
clientRegistrationRepository - the repository of client registrations
authorizedClientService - the authorized client service
filterProcessesUrl - the URI where this Filter will process the authentication requests

public Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws AuthenticationException, java.io.IOException, javax.servlet.ServletException
Description copied from class: AbstractAuthenticationProcessingFilter
Performs actual authentication.
The implementation should do one of the following:
Specified by:
attemptAuthentication in class AbstractAuthenticationProcessingFilter
Parameters:
request - from which to extract parameters and perform the authentication
response - the response, which may be needed if the implementation has to do a redirect as part of a multi-stage authentication process (such as OpenID).
Throws:
AuthenticationException - if authentication fails.
java.io.IOException
javax.servlet.ServletException

public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository for stored OAuth2AuthorizationRequest's.
Parameters:
authorizationRequestRepository - the repository for stored OAuth2AuthorizationRequest's