public final class ServletOAuth2AuthorizedClientExchangeFilterFunction
extends java.lang.Object
implements org.springframework.web.reactive.function.client.ExchangeFilterFunction, org.springframework.beans.factory.InitializingBean, org.springframework.beans.factory.DisposableBean
OAuth2AuthorizedClient
to make OAuth2 requests by including the
token as a Bearer Token. It also provides mechanisms for looking up the OAuth2AuthorizedClient
. This class is
intended to be used in a servlet environment.
Example usage:
OAuth2AuthorizedClientExchangeFilterFunction oauth2 = new OAuth2AuthorizedClientExchangeFilterFunction(authorizedClientService); WebClient webClient = WebClient.builder() .apply(oauth2.oauth2Configuration()) .build(); MonoAn attempt to automatically refresh the token will be made if all of the following are true:response = webClient .get() .uri(uri) .attributes(oauth2AuthorizedClient(authorizedClient)) // ... .retrieve() .bodyToMono(String.class);
ServletOAuth2AuthorizedClientExchangeFilterFunction
is not nullsetAccessTokenExpiresSkew(Duration)
ReactiveSecurityContextHolder
will be used to attempt to save
the token. If it is empty, then the principal name on the OAuth2AuthorizedClient
will be used to create an Authentication for saving.Constructor and Description |
---|
ServletOAuth2AuthorizedClientExchangeFilterFunction() |
ServletOAuth2AuthorizedClientExchangeFilterFunction(ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository) |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
authentication(Authentication authentication)
Modifies the
ClientRequest.attributes() to include the Authentication used to
look up and save the OAuth2AuthorizedClient . |
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
clientRegistrationId(java.lang.String clientRegistrationId)
Modifies the
ClientRequest.attributes() to include the ClientRegistration.getRegistrationId() to
be used to look up the OAuth2AuthorizedClient . |
java.util.function.Consumer<org.springframework.web.reactive.function.client.WebClient.RequestHeadersSpec<?>> |
defaultRequest()
Provides defaults for the
HttpServletRequest and the HttpServletResponse using
RequestContextHolder . |
void |
destroy() |
reactor.core.publisher.Mono<org.springframework.web.reactive.function.client.ClientResponse> |
filter(org.springframework.web.reactive.function.client.ClientRequest request,
org.springframework.web.reactive.function.client.ExchangeFunction next) |
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
httpServletRequest(javax.servlet.http.HttpServletRequest request)
Modifies the
ClientRequest.attributes() to include the HttpServletRequest used to
look up and save the OAuth2AuthorizedClient . |
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
httpServletResponse(javax.servlet.http.HttpServletResponse response)
Modifies the
ClientRequest.attributes() to include the HttpServletResponse used to
save the OAuth2AuthorizedClient . |
static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> |
oauth2AuthorizedClient(OAuth2AuthorizedClient authorizedClient)
Modifies the
ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for
providing the Bearer Token. |
java.util.function.Consumer<org.springframework.web.reactive.function.client.WebClient.Builder> |
oauth2Configuration()
Configures the builder with
defaultRequest() and adds this as a ExchangeFilterFunction |
void |
setAccessTokenExpiresSkew(java.time.Duration accessTokenExpiresSkew)
An access token will be considered expired by comparing its expiration to now +
this skewed Duration.
|
void |
setClientCredentialsTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> clientCredentialsTokenResponseClient)
Sets the
OAuth2AccessTokenResponseClient to be used for getting an OAuth2AuthorizedClient for
client_credentials grant. |
void |
setDefaultClientRegistrationId(java.lang.String clientRegistrationId)
If set, will be used as the default
ClientRegistration.getRegistrationId() . |
void |
setDefaultOAuth2AuthorizedClient(boolean defaultOAuth2AuthorizedClient)
If true, a default
OAuth2AuthorizedClient can be discovered from the current Authentication. |
public ServletOAuth2AuthorizedClientExchangeFilterFunction()
public ServletOAuth2AuthorizedClientExchangeFilterFunction(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository)
public void afterPropertiesSet() throws java.lang.Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
java.lang.Exception
public void destroy() throws java.lang.Exception
destroy
in interface org.springframework.beans.factory.DisposableBean
java.lang.Exception
public void setClientCredentialsTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> clientCredentialsTokenResponseClient)
OAuth2AccessTokenResponseClient
to be used for getting an OAuth2AuthorizedClient
for
client_credentials grant.clientCredentialsTokenResponseClient
- the client to usepublic void setDefaultOAuth2AuthorizedClient(boolean defaultOAuth2AuthorizedClient)
OAuth2AuthorizedClient
can be discovered from the current Authentication. It is
recommended to be cautious with this feature since all HTTP requests will receive the access token if it can be
resolved from the current Authentication.defaultOAuth2AuthorizedClient
- true if a default OAuth2AuthorizedClient
should be used, else false.
Default is false.public void setDefaultClientRegistrationId(java.lang.String clientRegistrationId)
ClientRegistration.getRegistrationId()
. It is
recommended to be cautious with this feature since all HTTP requests will receive the access token.clientRegistrationId
- the id to usepublic java.util.function.Consumer<org.springframework.web.reactive.function.client.WebClient.Builder> oauth2Configuration()
defaultRequest()
and adds this as a ExchangeFilterFunction
Consumer
to configure the builderpublic java.util.function.Consumer<org.springframework.web.reactive.function.client.WebClient.RequestHeadersSpec<?>> defaultRequest()
HttpServletRequest
and the HttpServletResponse
using
RequestContextHolder
. It also provides defaults for the Authentication
using
SecurityContextHolder
. It also can default the OAuth2AuthorizedClient
using the
clientRegistrationId(String)
or the authentication(Authentication)
.Consumer
to populate the attributespublic static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> oauth2AuthorizedClient(OAuth2AuthorizedClient authorizedClient)
ClientRequest.attributes()
to include the OAuth2AuthorizedClient
to be used for
providing the Bearer Token.authorizedClient
- the OAuth2AuthorizedClient
to use.Consumer
to populate the attributespublic static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> clientRegistrationId(java.lang.String clientRegistrationId)
ClientRequest.attributes()
to include the ClientRegistration.getRegistrationId()
to
be used to look up the OAuth2AuthorizedClient
.clientRegistrationId
- the ClientRegistration.getRegistrationId()
to
be used to look up the OAuth2AuthorizedClient
.Consumer
to populate the attributespublic static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> authentication(Authentication authentication)
ClientRequest.attributes()
to include the Authentication
used to
look up and save the OAuth2AuthorizedClient
. The value is defaulted in
defaultRequest()
authentication
- the Authentication
to use.Consumer
to populate the attributespublic static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> httpServletRequest(javax.servlet.http.HttpServletRequest request)
ClientRequest.attributes()
to include the HttpServletRequest
used to
look up and save the OAuth2AuthorizedClient
. The value is defaulted in
defaultRequest()
request
- the HttpServletRequest
to use.Consumer
to populate the attributespublic static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> httpServletResponse(javax.servlet.http.HttpServletResponse response)
ClientRequest.attributes()
to include the HttpServletResponse
used to
save the OAuth2AuthorizedClient
. The value is defaulted in
defaultRequest()
response
- the HttpServletResponse
to use.Consumer
to populate the attributespublic void setAccessTokenExpiresSkew(java.time.Duration accessTokenExpiresSkew)
accessTokenExpiresSkew
- the Duration to use.public reactor.core.publisher.Mono<org.springframework.web.reactive.function.client.ClientResponse> filter(org.springframework.web.reactive.function.client.ClientRequest request, org.springframework.web.reactive.function.client.ExchangeFunction next)
filter
in interface org.springframework.web.reactive.function.client.ExchangeFilterFunction