public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> extends AbstractAuthenticationFilterConfigurer<B,OAuth2LoginConfigurer<B>,OAuth2LoginAuthenticationFilter>
AbstractHttpConfigurer
for OAuth 2.0 Login,
which leverages the OAuth 2.0 Authorization Code Grant Flow.
OAuth 2.0 Login provides an application with the capability to have users log in by using their existing account at an OAuth 2.0 or OpenID Connect 1.0 Provider.
Defaults are provided for all configuration options with the only required configuration
being clientRegistrationRepository(ClientRegistrationRepository)
.
Alternatively, a ClientRegistrationRepository
@Bean
may be registered instead.
Filter
's are populated:
ClientRegistrationRepository
(required)OAuth2AuthorizedClientRepository
(optional)GrantedAuthoritiesMapper
(optional)ClientRegistrationRepository
OAuth2AuthorizedClientRepository
GrantedAuthoritiesMapper
DefaultLoginPageGeneratingFilter
- if loginPage(String)
is not configured
and DefaultLoginPageGeneratingFilter
is available, then a default login page will be made availableModifier and Type | Class and Description |
---|---|
class |
OAuth2LoginConfigurer.AuthorizationEndpointConfig
Configuration options for the Authorization Server's Authorization Endpoint.
|
class |
OAuth2LoginConfigurer.RedirectionEndpointConfig
Configuration options for the Client's Redirection Endpoint.
|
class |
OAuth2LoginConfigurer.TokenEndpointConfig
Configuration options for the Authorization Server's Token Endpoint.
|
class |
OAuth2LoginConfigurer.UserInfoEndpointConfig
Configuration options for the Authorization Server's UserInfo Endpoint.
|
Constructor and Description |
---|
OAuth2LoginConfigurer() |
Modifier and Type | Method and Description |
---|---|
OAuth2LoginConfigurer.AuthorizationEndpointConfig |
authorizationEndpoint()
Returns the
OAuth2LoginConfigurer.AuthorizationEndpointConfig for configuring the Authorization Server's Authorization Endpoint. |
OAuth2LoginConfigurer<B> |
authorizationEndpoint(Customizer<OAuth2LoginConfigurer.AuthorizationEndpointConfig> authorizationEndpointCustomizer)
Configures the Authorization Server's Authorization Endpoint.
|
OAuth2LoginConfigurer<B> |
authorizedClientRepository(OAuth2AuthorizedClientRepository authorizedClientRepository)
Sets the repository for authorized client(s).
|
OAuth2LoginConfigurer<B> |
authorizedClientService(OAuth2AuthorizedClientService authorizedClientService)
Sets the service for authorized client(s).
|
OAuth2LoginConfigurer<B> |
clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository)
Sets the repository of client registrations.
|
void |
configure(B http)
Configure the
SecurityBuilder by setting the necessary properties on the
SecurityBuilder . |
protected RequestMatcher |
createLoginProcessingUrlMatcher(java.lang.String loginProcessingUrl)
Create the
RequestMatcher given a loginProcessingUrl |
void |
init(B http)
Initialize the
SecurityBuilder . |
OAuth2LoginConfigurer<B> |
loginPage(java.lang.String loginPage)
Specifies the URL to send users to if login is required.
|
OAuth2LoginConfigurer<B> |
loginProcessingUrl(java.lang.String loginProcessingUrl)
Specifies the URL to validate the credentials.
|
OAuth2LoginConfigurer.RedirectionEndpointConfig |
redirectionEndpoint()
Returns the
OAuth2LoginConfigurer.RedirectionEndpointConfig for configuring the Client's Redirection Endpoint. |
OAuth2LoginConfigurer<B> |
redirectionEndpoint(Customizer<OAuth2LoginConfigurer.RedirectionEndpointConfig> redirectionEndpointCustomizer)
Configures the Client's Redirection Endpoint.
|
OAuth2LoginConfigurer.TokenEndpointConfig |
tokenEndpoint()
Returns the
OAuth2LoginConfigurer.TokenEndpointConfig for configuring the Authorization Server's Token Endpoint. |
OAuth2LoginConfigurer<B> |
tokenEndpoint(Customizer<OAuth2LoginConfigurer.TokenEndpointConfig> tokenEndpointCustomizer)
Configures the Authorization Server's Token Endpoint.
|
OAuth2LoginConfigurer.UserInfoEndpointConfig |
userInfoEndpoint()
Returns the
OAuth2LoginConfigurer.UserInfoEndpointConfig for configuring the Authorization Server's UserInfo Endpoint. |
OAuth2LoginConfigurer<B> |
userInfoEndpoint(Customizer<OAuth2LoginConfigurer.UserInfoEndpointConfig> userInfoEndpointCustomizer)
Configures the Authorization Server's UserInfo Endpoint.
|
authenticationDetailsSource, defaultSuccessUrl, defaultSuccessUrl, failureHandler, failureUrl, getAuthenticationEntryPoint, getAuthenticationEntryPointMatcher, getAuthenticationFilter, getFailureUrl, getLoginPage, getLoginProcessingUrl, isCustomLoginPage, permitAll, permitAll, registerAuthenticationEntryPoint, registerDefaultAuthenticationEntryPoint, setAuthenticationFilter, successHandler, updateAccessDefaults, updateAuthenticationDefaults
disable, withObjectPostProcessor
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
public OAuth2LoginConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository)
clientRegistrationRepository
- the repository of client registrationsOAuth2LoginConfigurer
for further configurationpublic OAuth2LoginConfigurer<B> authorizedClientRepository(OAuth2AuthorizedClientRepository authorizedClientRepository)
authorizedClientRepository
- the authorized client repositoryOAuth2LoginConfigurer
for further configurationpublic OAuth2LoginConfigurer<B> authorizedClientService(OAuth2AuthorizedClientService authorizedClientService)
authorizedClientService
- the authorized client serviceOAuth2LoginConfigurer
for further configurationpublic OAuth2LoginConfigurer<B> loginPage(java.lang.String loginPage)
AbstractAuthenticationFilterConfigurer
Specifies the URL to send users to if login is required. If used with
WebSecurityConfigurerAdapter
a default login page will be generated when
this attribute is not specified.
If a URL is specified or this is not being used in conjuction with
WebSecurityConfigurerAdapter
, users are required to process the specified
URL to generate a login page.
loginPage
in class AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,OAuth2LoginAuthenticationFilter>
public OAuth2LoginConfigurer<B> loginProcessingUrl(java.lang.String loginProcessingUrl)
AbstractAuthenticationFilterConfigurer
loginProcessingUrl
in class AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,OAuth2LoginAuthenticationFilter>
loginProcessingUrl
- the URL to validate username and passwordFormLoginConfigurer
for additional customizationpublic OAuth2LoginConfigurer.AuthorizationEndpointConfig authorizationEndpoint()
OAuth2LoginConfigurer.AuthorizationEndpointConfig
for configuring the Authorization Server's Authorization Endpoint.OAuth2LoginConfigurer.AuthorizationEndpointConfig
public OAuth2LoginConfigurer<B> authorizationEndpoint(Customizer<OAuth2LoginConfigurer.AuthorizationEndpointConfig> authorizationEndpointCustomizer)
authorizationEndpointCustomizer
- the Customizer
to provide more options for
the OAuth2LoginConfigurer.AuthorizationEndpointConfig
OAuth2LoginConfigurer
for further customizationspublic OAuth2LoginConfigurer.TokenEndpointConfig tokenEndpoint()
OAuth2LoginConfigurer.TokenEndpointConfig
for configuring the Authorization Server's Token Endpoint.OAuth2LoginConfigurer.TokenEndpointConfig
public OAuth2LoginConfigurer<B> tokenEndpoint(Customizer<OAuth2LoginConfigurer.TokenEndpointConfig> tokenEndpointCustomizer)
tokenEndpointCustomizer
- the Customizer
to provide more options for
the OAuth2LoginConfigurer.TokenEndpointConfig
OAuth2LoginConfigurer
for further customizationsjava.lang.Exception
public OAuth2LoginConfigurer.RedirectionEndpointConfig redirectionEndpoint()
OAuth2LoginConfigurer.RedirectionEndpointConfig
for configuring the Client's Redirection Endpoint.OAuth2LoginConfigurer.RedirectionEndpointConfig
public OAuth2LoginConfigurer<B> redirectionEndpoint(Customizer<OAuth2LoginConfigurer.RedirectionEndpointConfig> redirectionEndpointCustomizer)
redirectionEndpointCustomizer
- the Customizer
to provide more options for
the OAuth2LoginConfigurer.RedirectionEndpointConfig
OAuth2LoginConfigurer
for further customizationspublic OAuth2LoginConfigurer.UserInfoEndpointConfig userInfoEndpoint()
OAuth2LoginConfigurer.UserInfoEndpointConfig
for configuring the Authorization Server's UserInfo Endpoint.OAuth2LoginConfigurer.UserInfoEndpointConfig
public OAuth2LoginConfigurer<B> userInfoEndpoint(Customizer<OAuth2LoginConfigurer.UserInfoEndpointConfig> userInfoEndpointCustomizer)
userInfoEndpointCustomizer
- the Customizer
to provide more options for
the OAuth2LoginConfigurer.UserInfoEndpointConfig
OAuth2LoginConfigurer
for further customizationspublic void init(B http) throws java.lang.Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be created
and modified, but not properties on the SecurityBuilder
used for building
the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder)
method uses
the correct shared objects when building. Configurers should be applied here.init
in interface SecurityConfigurer<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>
init
in class AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,OAuth2LoginAuthenticationFilter>
java.lang.Exception
public void configure(B http) throws java.lang.Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties on the
SecurityBuilder
.configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>
configure
in class AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,OAuth2LoginAuthenticationFilter>
java.lang.Exception
protected RequestMatcher createLoginProcessingUrlMatcher(java.lang.String loginProcessingUrl)
AbstractAuthenticationFilterConfigurer
RequestMatcher
given a loginProcessingUrlcreateLoginProcessingUrlMatcher
in class AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,OAuth2LoginAuthenticationFilter>
loginProcessingUrl
- creates the RequestMatcher
based upon the
loginProcessingUrlRequestMatcher
to use based upon the loginProcessingUrl