public final class OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<OAuth2ResourceServerConfigurer<H>,H>
AbstractHttpConfigurer
for OAuth 2.0 Resource Server Support.
By default, this wires a BearerTokenAuthenticationFilter
, which can be used to parse the request
for bearer tokens and make an authentication attempt.
The following configuration options are available:
accessDeniedHandler(AccessDeniedHandler)
authenticationEntryPoint(AuthenticationEntryPoint)
bearerTokenResolver(BearerTokenResolver)
- customizes how to resolve a bearer token from the requestjwt()
- enables Jwt-encoded bearer token support
When using jwt()
, either
OAuth2ResourceServerConfigurer.JwtConfigurer.jwkSetUri(java.lang.String)
, or
JwtDecoder
instance via OAuth2ResourceServerConfigurer.JwtConfigurer.decoder
, or
JwtDecoder
bean
jwt()
consider
Jwt
to an Authentication
with
OAuth2ResourceServerConfigurer.JwtConfigurer.jwtAuthenticationConverter(Converter)
Filter
s are populated when jwt()
is configured:
SessionCreationPolicy
(optional)BearerTokenAuthenticationFilter
,
JwtAuthenticationProvider
,
NimbusJwtDecoderJwkSupport
,
AbstractHttpConfigurer
Modifier and Type | Class and Description |
---|---|
class |
OAuth2ResourceServerConfigurer.JwtConfigurer |
Constructor and Description |
---|
OAuth2ResourceServerConfigurer(org.springframework.context.ApplicationContext context) |
Modifier and Type | Method and Description |
---|---|
OAuth2ResourceServerConfigurer<H> |
accessDeniedHandler(AccessDeniedHandler accessDeniedHandler) |
OAuth2ResourceServerConfigurer<H> |
authenticationEntryPoint(AuthenticationEntryPoint entryPoint) |
OAuth2ResourceServerConfigurer<H> |
bearerTokenResolver(BearerTokenResolver bearerTokenResolver) |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties on the
SecurityBuilder . |
void |
init(H http)
Initialize the
SecurityBuilder . |
OAuth2ResourceServerConfigurer.JwtConfigurer |
jwt() |
disable, withObjectPostProcessor
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
public OAuth2ResourceServerConfigurer(org.springframework.context.ApplicationContext context)
public OAuth2ResourceServerConfigurer<H> accessDeniedHandler(AccessDeniedHandler accessDeniedHandler)
public OAuth2ResourceServerConfigurer<H> authenticationEntryPoint(AuthenticationEntryPoint entryPoint)
public OAuth2ResourceServerConfigurer<H> bearerTokenResolver(BearerTokenResolver bearerTokenResolver)
public OAuth2ResourceServerConfigurer.JwtConfigurer jwt()
public void init(H http) throws java.lang.Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be created
and modified, but not properties on the SecurityBuilder
used for building
the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder)
method uses
the correct shared objects when building.init
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
java.lang.Exception
public void configure(H http) throws java.lang.Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties on the
SecurityBuilder
.configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
java.lang.Exception