Package org.springframework.security.oauth2.server.resource.web

Class BearerTokenAuthenticationFilter

  • All Implemented Interfaces:
    javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
    public final class BearerTokenAuthenticationFilter
extends org.springframework.web.filter.OncePerRequestFilter
    Authenticates requests that contain an OAuth 2.0 Bearer Token. This filter should be wired with an AuthenticationManager that can authenticate a BearerTokenAuthenticationToken.
    Since:
    5.1
    See Also:
    The OAuth 2.0 Authorization Framework: Bearer Token Usage, JwtAuthenticationProvider

    • Field Summary

      • Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

        ALREADY_FILTERED_SUFFIX

      • Fields inherited from class org.springframework.web.filter.GenericFilterBean

        logger

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void doFilterInternal​(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
      Extract any Bearer Token from the request and attempt an authentication.
      void setAuthenticationEntryPoint​(AuthenticationEntryPoint authenticationEntryPoint)
      Set the AuthenticationEntryPoint to use.
      void setAuthenticationFailureHandler​(AuthenticationFailureHandler authenticationFailureHandler)
      Set the AuthenticationFailureHandler to use.
      void setBearerTokenResolver​(BearerTokenResolver bearerTokenResolver)
      Set the BearerTokenResolver to use.

      • Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

        doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

      • Methods inherited from class org.springframework.web.filter.GenericFilterBean

        addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • BearerTokenAuthenticationFilter

        public BearerTokenAuthenticationFilter​(AuthenticationManagerResolver<javax.servlet.http.HttpServletRequest> authenticationManagerResolver)
        Construct a BearerTokenAuthenticationFilter using the provided parameter(s)
        Parameters:
        authenticationManagerResolver -

      • BearerTokenAuthenticationFilter

        public BearerTokenAuthenticationFilter​(AuthenticationManager authenticationManager)
        Construct a BearerTokenAuthenticationFilter using the provided parameter(s)
        Parameters:
        authenticationManager -

    • Method Detail

      • doFilterInternal

        protected void doFilterInternal​(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response,
                                javax.servlet.FilterChain filterChain)
                         throws javax.servlet.ServletException,
                                java.io.IOException
        Extract any Bearer Token from the request and attempt an authentication.
        Specified by:
        doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
        Parameters:
        request -
        response -
        filterChain -
        Throws:
        javax.servlet.ServletException
        java.io.IOException