public final class DefaultReactiveOAuth2AuthorizedClientManager extends java.lang.Object implements ReactiveOAuth2AuthorizedClientManager
ReactiveOAuth2AuthorizedClientManager
for use within the context of a ServerWebExchange
.
(When operating outside of the context of a ServerWebExchange
,
use AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
instead.)
This is a reactive equivalent of DefaultOAuth2AuthorizedClientManager
.
This client manager utilizes a ServerOAuth2AuthorizedClientRepository
to persist OAuth2AuthorizedClient
s.
By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient
will be saved in the authorized client repository.
This functionality can be changed by configuring a custom ReactiveOAuth2AuthorizationSuccessHandler
via setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler)
.
By default, when an authorization attempt fails due to an
"invalid_grant" error,
the previously saved OAuth2AuthorizedClient
will be removed from the authorized client repository.
(The "invalid_grant"
error generally occurs when a refresh token that is no longer valid
is used to retrieve a new access token.)
This functionality can be changed by configuring a custom ReactiveOAuth2AuthorizationFailureHandler
via setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler)
.
Modifier and Type | Class and Description |
---|---|
static class |
DefaultReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
The default implementation of the
contextAttributesMapper . |
Constructor and Description |
---|
DefaultReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository clientRegistrationRepository,
ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
Constructs a
DefaultReactiveOAuth2AuthorizedClientManager using the provided parameters. |
Modifier and Type | Method and Description |
---|---|
reactor.core.publisher.Mono<OAuth2AuthorizedClient> |
authorize(OAuth2AuthorizeRequest authorizeRequest)
Attempt to authorize or re-authorize (if required) the
client
identified by the provided clientRegistrationId . |
void |
setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler)
Sets the handler that handles authorization failures.
|
void |
setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler)
Sets the handler that handles successful authorizations.
|
void |
setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider)
Sets the
ReactiveOAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client. |
void |
setContextAttributesMapper(java.util.function.Function<OAuth2AuthorizeRequest,reactor.core.publisher.Mono<java.util.Map<java.lang.String,java.lang.Object>>> contextAttributesMapper)
Sets the
Function used for mapping attribute(s) from the OAuth2AuthorizeRequest to a Map of attributes
to be associated to the authorization context . |
public DefaultReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
DefaultReactiveOAuth2AuthorizedClientManager
using the provided parameters.clientRegistrationRepository
- the repository of client registrationsauthorizedClientRepository
- the repository of authorized clientspublic reactor.core.publisher.Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest authorizeRequest)
ReactiveOAuth2AuthorizedClientManager
client
identified by the provided clientRegistrationId
.
Implementations must return an empty Mono
if authorization is not supported for the specified client,
e.g. the associated ReactiveOAuth2AuthorizedClientProvider
(s) does not support
the authorization grant
type configured for the client.
In the case of re-authorization, implementations must return the provided authorized client
if re-authorization is not supported for the client OR is not required,
e.g. a refresh token
is not available OR
the access token
is not expired.
authorize
in interface ReactiveOAuth2AuthorizedClientManager
authorizeRequest
- the authorize requestOAuth2AuthorizedClient
or an empty Mono
if authorization is not supported for the specified clientpublic void setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider)
ReactiveOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client.authorizedClientProvider
- the ReactiveOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Clientpublic void setContextAttributesMapper(java.util.function.Function<OAuth2AuthorizeRequest,reactor.core.publisher.Mono<java.util.Map<java.lang.String,java.lang.Object>>> contextAttributesMapper)
Function
used for mapping attribute(s) from the OAuth2AuthorizeRequest
to a Map
of attributes
to be associated to the authorization context
.contextAttributesMapper
- the Function
used for supplying the Map
of attributes
to the authorization context
public void setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler)
OAuth2AuthorizedClient
s in the ServerOAuth2AuthorizedClientRepository
.authorizationSuccessHandler
- the handler that handles successful authorizations.public void setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler)
A RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler
is used by default.
authorizationFailureHandler
- the handler that handles authorization failures.RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler