public final class DefaultBearerTokenResolver extends java.lang.Object implements BearerTokenResolver
BearerTokenResolver
implementation based on RFC 6750.Constructor and Description |
---|
DefaultBearerTokenResolver() |
Modifier and Type | Method and Description |
---|---|
java.lang.String |
resolve(javax.servlet.http.HttpServletRequest request)
Resolve any Bearer Token
value from the request.
|
void |
setAllowFormEncodedBodyParameter(boolean allowFormEncodedBodyParameter)
Set if transport of access token using form-encoded body parameter is supported.
|
void |
setAllowUriQueryParameter(boolean allowUriQueryParameter)
Set if transport of access token using URI query parameter is supported.
|
public java.lang.String resolve(javax.servlet.http.HttpServletRequest request)
resolve
in interface BearerTokenResolver
request
- the requestnull
if none foundpublic void setAllowFormEncodedBodyParameter(boolean allowFormEncodedBodyParameter)
false
.allowFormEncodedBodyParameter
- if the form-encoded body parameter is supportedpublic void setAllowUriQueryParameter(boolean allowUriQueryParameter)
false
.
The spec recommends against using this mechanism for sending bearer tokens, and even goes as far as
stating that it was only included for completeness.allowUriQueryParameter
- if the URI query parameter is supported