public class OAuth2IntrospectionReactiveAuthenticationManager extends java.lang.Object implements ReactiveAuthenticationManager
ReactiveAuthenticationManager
implementation for opaque
Bearer Tokens,
using an
OAuth 2.0 Introspection Endpoint
to check the token's validity and reveal its attributes.
This ReactiveAuthenticationManager
is responsible for introspecting and verifying an opaque access token,
returning its attributes set as part of the Authentication
statement.
Scopes are translated into GrantedAuthority
s according to the following algorithm:
Collection
of String
s.
Collection
and prepend the "SCOPE_" keyword to each element, adding as GrantedAuthority
s.
ReactiveAuthenticationManager
Constructor and Description |
---|
OAuth2IntrospectionReactiveAuthenticationManager(java.lang.String introspectionUri,
java.lang.String clientId,
java.lang.String clientSecret)
Creates a
OAuth2IntrospectionReactiveAuthenticationManager with the provided parameters |
OAuth2IntrospectionReactiveAuthenticationManager(java.lang.String introspectionUri,
org.springframework.web.reactive.function.client.WebClient webClient)
Creates a
OAuth2IntrospectionReactiveAuthenticationManager with the provided parameters |
Modifier and Type | Method and Description |
---|---|
reactor.core.publisher.Mono<Authentication> |
authenticate(Authentication authentication)
Attempts to authenticate the provided
Authentication |
public OAuth2IntrospectionReactiveAuthenticationManager(java.lang.String introspectionUri, java.lang.String clientId, java.lang.String clientSecret)
OAuth2IntrospectionReactiveAuthenticationManager
with the provided parametersintrospectionUri
- The introspection endpoint uriclientId
- The client id authorized to introspectclientSecret
- The client secret for the authorized clientpublic OAuth2IntrospectionReactiveAuthenticationManager(java.lang.String introspectionUri, org.springframework.web.reactive.function.client.WebClient webClient)
OAuth2IntrospectionReactiveAuthenticationManager
with the provided parametersintrospectionUri
- The introspection endpoint uriwebClient
- The client for performing the introspection requestpublic reactor.core.publisher.Mono<Authentication> authenticate(Authentication authentication)
ReactiveAuthenticationManager
Authentication
authenticate
in interface ReactiveAuthenticationManager
authentication
- the Authentication
to testAuthentication
is returned. If
authentication cannot be determined, an empty Mono is returned. If authentication
fails, a Mono error is returned.