public final class ClientCredentialsOAuth2AuthorizedClientProvider extends java.lang.Object implements OAuth2AuthorizedClientProvider
OAuth2AuthorizedClientProvider
for the client_credentials
grant.OAuth2AuthorizedClientProvider
,
DefaultClientCredentialsTokenResponseClient
Constructor and Description |
---|
ClientCredentialsOAuth2AuthorizedClientProvider() |
Modifier and Type | Method and Description |
---|---|
OAuth2AuthorizedClient |
authorize(OAuth2AuthorizationContext context)
Attempt to authorize (or re-authorize) the
client in the provided context . |
void |
setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> accessTokenResponseClient)
Sets the client used when requesting an access token credential at the Token Endpoint for the
client_credentials grant. |
void |
setClock(java.time.Clock clock)
Sets the
Clock used in Instant.now(Clock) when checking the access token expiry. |
void |
setClockSkew(java.time.Duration clockSkew)
Sets the maximum acceptable clock skew, which is used when checking the
access token expiry. |
public ClientCredentialsOAuth2AuthorizedClientProvider()
@Nullable public OAuth2AuthorizedClient authorize(OAuth2AuthorizationContext context)
client
in the provided context
.
Returns null
if authorization (or re-authorization) is not supported,
e.g. the client's authorization grant type
is not client_credentials
OR
the access token
is not expired.authorize
in interface OAuth2AuthorizedClientProvider
context
- the context that holds authorization-specific state for the clientOAuth2AuthorizedClient
or null
if authorization (or re-authorization) is not supportedpublic void setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> accessTokenResponseClient)
client_credentials
grant.accessTokenResponseClient
- the client used when requesting an access token credential at the Token Endpoint for the client_credentials
grantpublic void setClockSkew(java.time.Duration clockSkew)
access token
expiry. The default is 60 seconds.
An access token is considered expired if OAuth2AccessToken#getExpiresAt() - clockSkew
is before the current time clock#instant()
.
clockSkew
- the maximum acceptable clock skewpublic void setClock(java.time.Clock clock)
Clock
used in Instant.now(Clock)
when checking the access token expiry.clock
- the clock