public class OAuth2AuthorizationCodeGrantWebFilter
extends java.lang.Object
implements org.springframework.web.server.WebFilter
Filter
for the OAuth 2.0 Authorization Code Grant,
which handles the processing of the OAuth 2.0 Authorization Response.
The OAuth 2.0 Authorization Response is processed as follows:
code
and state
parameters
to the redirect_uri
(provided in the Authorization Request)
and redirect the End-User's user-agent back to this Filter
(the Client).
Filter
will then create an OAuth2AuthorizationCodeAuthenticationToken
with
the code
received and
delegate it to the ReactiveAuthenticationManager
to authenticate.
Authorized Client
is created by associating the
client
to the
access token
and current Principal
and saving it via the ServerOAuth2AuthorizedClientRepository
.
OAuth2AuthorizationCodeAuthenticationToken
,
OAuth2AuthorizationCodeReactiveAuthenticationManager
,
OAuth2AuthorizationRequest
,
OAuth2AuthorizationResponse
,
AuthorizationRequestRepository
,
OAuth2AuthorizationRequestRedirectWebFilter
,
ReactiveClientRegistrationRepository
,
OAuth2AuthorizedClient
,
ServerOAuth2AuthorizedClientRepository
,
Section 4.1 Authorization Code Grant,
Section 4.1.2 Authorization ResponseConstructor and Description |
---|
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager,
ReactiveClientRegistrationRepository clientRegistrationRepository,
ServerOAuth2AuthorizedClientRepository authorizedClientRepository) |
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager,
ServerAuthenticationConverter authenticationConverter,
ServerOAuth2AuthorizedClientRepository authorizedClientRepository) |
Modifier and Type | Method and Description |
---|---|
reactor.core.publisher.Mono<java.lang.Void> |
filter(org.springframework.web.server.ServerWebExchange exchange,
org.springframework.web.server.WebFilterChain chain) |
void |
setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository used for storing
OAuth2AuthorizationRequest 's. |
public OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager, ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
public OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager, ServerAuthenticationConverter authenticationConverter, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
public final void setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
OAuth2AuthorizationRequest
's.
The default is WebSessionOAuth2ServerAuthorizationRequestRepository
.authorizationRequestRepository
- the repository used for storing OAuth2AuthorizationRequest
'spublic reactor.core.publisher.Mono<java.lang.Void> filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)
filter
in interface org.springframework.web.server.WebFilter