public final class RefreshTokenOAuth2AuthorizedClientProvider extends java.lang.Object implements OAuth2AuthorizedClientProvider
OAuth2AuthorizedClientProvider
for the refresh_token
grant.OAuth2AuthorizedClientProvider
,
DefaultRefreshTokenTokenResponseClient
Constructor and Description |
---|
RefreshTokenOAuth2AuthorizedClientProvider() |
Modifier and Type | Method and Description |
---|---|
OAuth2AuthorizedClient |
authorize(OAuth2AuthorizationContext context)
Attempt to re-authorize the
client in the provided context . |
void |
setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest> accessTokenResponseClient)
Sets the client used when requesting an access token credential at the Token Endpoint for the
refresh_token grant. |
void |
setClock(java.time.Clock clock)
Sets the
Clock used in Instant.now(Clock) when checking the access token expiry. |
void |
setClockSkew(java.time.Duration clockSkew)
Sets the maximum acceptable clock skew, which is used when checking the
access token expiry. |
public RefreshTokenOAuth2AuthorizedClientProvider()
@Nullable public OAuth2AuthorizedClient authorize(OAuth2AuthorizationContext context)
client
in the provided context
.
Returns null
if re-authorization is not supported,
e.g. the client is not authorized OR the refresh token
is not available for the authorized client OR the access token
is not expired.
The following context attributes
are supported:
OAuth2AuthorizationContext.REQUEST_SCOPE_ATTRIBUTE_NAME
(optional) - a String[]
of scope(s)
to be requested by the client
authorize
in interface OAuth2AuthorizedClientProvider
context
- the context that holds authorization-specific state for the clientOAuth2AuthorizedClient
or null
if re-authorization is not supportedpublic void setAccessTokenResponseClient(OAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest> accessTokenResponseClient)
refresh_token
grant.accessTokenResponseClient
- the client used when requesting an access token credential at the Token Endpoint for the refresh_token
grantpublic void setClockSkew(java.time.Duration clockSkew)
access token
expiry. The default is 60 seconds.
An access token is considered expired if OAuth2AccessToken#getExpiresAt() - clockSkew
is before the current time clock#instant()
.
clockSkew
- the maximum acceptable clock skewpublic void setClock(java.time.Clock clock)
Clock
used in Instant.now(Clock)
when checking the access token expiry.clock
- the clock