Package org.springframework.security.oauth2.client.authentication

Class OAuth2LoginAuthenticationToken

    • Constructor Detail

      • OAuth2LoginAuthenticationToken

        public OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration,
                                      OAuth2AuthorizationExchange authorizationExchange)
        This constructor should be used when the Authorization Request/Response is complete.
        Parameters:
        clientRegistration - the client registration
        authorizationExchange - the authorization exchange

      • OAuth2LoginAuthenticationToken

        public OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration,
                                      OAuth2AuthorizationExchange authorizationExchange,
                                      OAuth2User principal,
                                      java.util.Collection<? extends GrantedAuthority> authorities,
                                      OAuth2AccessToken accessToken)
        This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
        Parameters:
        clientRegistration - the client registration
        authorizationExchange - the authorization exchange
        principal - the user Principal registered with the OAuth 2.0 Provider
        authorities - the authorities granted to the user
        accessToken - the access token credential

      • OAuth2LoginAuthenticationToken

        public OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration,
                                      OAuth2AuthorizationExchange authorizationExchange,
                                      OAuth2User principal,
                                      java.util.Collection<? extends GrantedAuthority> authorities,
                                      OAuth2AccessToken accessToken,
                                      @Nullable
                                      OAuth2RefreshToken refreshToken)
        This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
        Parameters:
        clientRegistration - the client registration
        authorizationExchange - the authorization exchange
        principal - the user Principal registered with the OAuth 2.0 Provider
        authorities - the authorities granted to the user
        accessToken - the access token credential
        refreshToken - the refresh token credential

    • Method Detail

      • getPrincipal

        public OAuth2User getPrincipal()
        Description copied from interface: Authentication
        The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

        The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

        Returns:
        the Principal being authenticated or the authenticated principal after authentication.

      • getCredentials

        public java.lang.Object getCredentials()
        Description copied from interface: Authentication
        The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.
        Returns:
        the credentials that prove the identity of the Principal