public abstract class AbstractOAuth2TokenAuthenticationToken<T extends AbstractOAuth2Token> extends AbstractAuthenticationToken
AbstractAuthenticationToken
implementations
that expose common attributes between different OAuth 2.0 Access Token Formats.
For example, a Jwt
could expose its claims
via
getTokenAttributes()
or an "Introspected" OAuth 2.0 Access Token
could expose the attributes of the Introspection Response via getTokenAttributes()
.
OAuth2AccessToken
,
Jwt
,
2.2 Introspection Response,
Serialized FormModifier | Constructor and Description |
---|---|
protected |
AbstractOAuth2TokenAuthenticationToken(T token)
Sub-class constructor.
|
protected |
AbstractOAuth2TokenAuthenticationToken(T token,
java.util.Collection<? extends GrantedAuthority> authorities)
Sub-class constructor.
|
protected |
AbstractOAuth2TokenAuthenticationToken(T token,
java.lang.Object principal,
java.lang.Object credentials,
java.util.Collection<? extends GrantedAuthority> authorities) |
Modifier and Type | Method and Description |
---|---|
java.lang.Object |
getCredentials()
The credentials that prove the principal is correct.
|
java.lang.Object |
getPrincipal()
The identity of the principal being authenticated.
|
T |
getToken()
Get the token bound to this
Authentication . |
abstract java.util.Map<java.lang.String,java.lang.Object> |
getTokenAttributes()
Returns the attributes of the access token.
|
equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString
protected AbstractOAuth2TokenAuthenticationToken(T token)
protected AbstractOAuth2TokenAuthenticationToken(T token, java.util.Collection<? extends GrantedAuthority> authorities)
authorities
- the authorities assigned to the Access Tokenprotected AbstractOAuth2TokenAuthenticationToken(T token, java.lang.Object principal, java.lang.Object credentials, java.util.Collection<? extends GrantedAuthority> authorities)
public java.lang.Object getPrincipal()
The AuthenticationManager implementation will often return an
Authentication containing richer information as the principal for use by
the application. Many of the authentication providers will create a
UserDetails
object as the principal.
Principal
being authenticated or the authenticated
principal after authentication.public java.lang.Object getCredentials()
AuthenticationManager
. Callers
are expected to populate the credentials.Principal
public final T getToken()
Authentication
.public abstract java.util.Map<java.lang.String,java.lang.Object> getTokenAttributes()
Map
of the attributes in the access token.