public final class ServerOAuth2AuthorizedClientExchangeFilterFunction
extends java.lang.Object
implements org.springframework.web.reactive.function.client.ExchangeFilterFunction
OAuth2AuthorizedClient
to make OAuth2 requests by including the
token as a Bearer Token.Constructor and Description |
---|
ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveClientRegistrationRepository clientRegistrationRepository,
ServerOAuth2AuthorizedClientRepository authorizedClientRepository) |
Modifier and Type | Method and Description |
---|---|
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
clientRegistrationId(java.lang.String clientRegistrationId)
Modifies the
ClientRequest.attributes() to include the ClientRegistration.getRegistrationId() to
be used to look up the OAuth2AuthorizedClient . |
reactor.core.publisher.Mono<org.springframework.web.reactive.function.client.ClientResponse> |
filter(org.springframework.web.reactive.function.client.ClientRequest request,
org.springframework.web.reactive.function.client.ExchangeFunction next) |
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
oauth2AuthorizedClient(OAuth2AuthorizedClient authorizedClient)
Modifies the
ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for
providing the Bearer Token. |
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
serverWebExchange(org.springframework.web.server.ServerWebExchange serverWebExchange)
Modifies the
ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for
providing the Bearer Token. |
void |
setAccessTokenExpiresSkew(java.time.Duration accessTokenExpiresSkew)
An access token will be considered expired by comparing its expiration to now +
this skewed Duration.
|
void |
setClientCredentialsTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> clientCredentialsTokenResponseClient)
Sets the
ReactiveOAuth2AccessTokenResponseClient to be used for getting an OAuth2AuthorizedClient for
client_credentials grant. |
void |
setDefaultOAuth2AuthorizedClient(boolean defaultOAuth2AuthorizedClient)
If true, a default
OAuth2AuthorizedClient can be discovered from the current Authentication. |
public ServerOAuth2AuthorizedClientExchangeFilterFunction(ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
public static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> oauth2AuthorizedClient(OAuth2AuthorizedClient authorizedClient)
ClientRequest.attributes()
to include the OAuth2AuthorizedClient
to be used for
providing the Bearer Token. Example usage:
WebClient webClient = WebClient.builder() .filter(new OAuth2AuthorizedClientExchangeFilterFunction(authorizedClientRepository)) .build(); MonoAn attempt to automatically refresh the token will be made if all of the following are true:response = webClient .get() .uri(uri) .attributes(oauth2AuthorizedClient(authorizedClient)) // ... .retrieve() .bodyToMono(String.class);
ServerOAuth2AuthorizedClientExchangeFilterFunction
is not nullsetAccessTokenExpiresSkew(Duration)
ReactiveSecurityContextHolder
will be used to attempt to save
the token. If it is empty, then the principal name on the OAuth2AuthorizedClient
will be used to create an Authentication for saving.authorizedClient
- the OAuth2AuthorizedClient
to use.Consumer
to populate thepublic static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> serverWebExchange(org.springframework.web.server.ServerWebExchange serverWebExchange)
ClientRequest.attributes()
to include the OAuth2AuthorizedClient
to be used for
providing the Bearer Token. Example usage:
WebClient webClient = WebClient.builder() .filter(new OAuth2AuthorizedClientExchangeFilterFunction(authorizedClientRepository)) .build(); Monoresponse = webClient .get() .uri(uri) .attributes(serverWebExchange(serverWebExchange)) // ... .retrieve() .bodyToMono(String.class);
serverWebExchange
- the ServerWebExchange
to useConsumer
to populate the client request attributespublic static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> clientRegistrationId(java.lang.String clientRegistrationId)
ClientRequest.attributes()
to include the ClientRegistration.getRegistrationId()
to
be used to look up the OAuth2AuthorizedClient
.clientRegistrationId
- the ClientRegistration.getRegistrationId()
to
be used to look up the OAuth2AuthorizedClient
.Consumer
to populate the attributespublic void setDefaultOAuth2AuthorizedClient(boolean defaultOAuth2AuthorizedClient)
OAuth2AuthorizedClient
can be discovered from the current Authentication. It is
recommended to be cautious with this feature since all HTTP requests will receive the access token if it can be
resolved from the current Authentication.defaultOAuth2AuthorizedClient
- true if a default OAuth2AuthorizedClient
should be used, else false.
Default is false.public void setClientCredentialsTokenResponseClient(ReactiveOAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> clientCredentialsTokenResponseClient)
ReactiveOAuth2AccessTokenResponseClient
to be used for getting an OAuth2AuthorizedClient
for
client_credentials grant.clientCredentialsTokenResponseClient
- the client to usepublic void setAccessTokenExpiresSkew(java.time.Duration accessTokenExpiresSkew)
accessTokenExpiresSkew
- the Duration to use.public reactor.core.publisher.Mono<org.springframework.web.reactive.function.client.ClientResponse> filter(org.springframework.web.reactive.function.client.ClientRequest request, org.springframework.web.reactive.function.client.ExchangeFunction next)
filter
in interface org.springframework.web.reactive.function.client.ExchangeFilterFunction