public class OAuth2AuthorizationRequestRedirectFilter
extends org.springframework.web.filter.OncePerRequestFilter
Filter
initiates the authorization code grant or implicit grant flow
by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.
It builds the OAuth 2.0 Authorization Request,
which is used as the redirect URI
to the Authorization Endpoint.
The redirect URI
will include the client identifier, requested scope(s), state,
response type, and a redirection URI which the authorization server will send the user-agent back to
once access is granted (or denied) by the End-User (Resource Owner).
By default, this Filter
responds to authorization requests
at the URI
/oauth2/authorization/{registrationId}
using the default OAuth2AuthorizationRequestResolver
.
The URI
template variable {registrationId}
represents the
registration identifier
of the client
that is used for initiating the OAuth 2.0 Authorization Request.
The default base URI
/oauth2/authorization
may be overridden
via the constructor OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository, String)
,
or alternatively, an OAuth2AuthorizationRequestResolver
may be provided to the constructor
OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver)
to override the resolving of authorization requests.
OAuth2AuthorizationRequest
,
OAuth2AuthorizationRequestResolver
,
AuthorizationRequestRepository
,
ClientRegistration
,
ClientRegistrationRepository
,
Section 4.1 Authorization Code Grant,
Section 4.1.1 Authorization Request (Authorization Code),
Section 4.2 Implicit Grant,
Section 4.2.1 Authorization Request (Implicit)Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
The default base
URI used for authorization requests. |
Constructor and Description |
---|
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
Constructs an
OAuth2AuthorizationRequestRedirectFilter using the provided parameters. |
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository,
java.lang.String authorizationRequestBaseUri)
Constructs an
OAuth2AuthorizationRequestRedirectFilter using the provided parameters. |
OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)
Constructs an
OAuth2AuthorizationRequestRedirectFilter using the provided parameters. |
Modifier and Type | Method and Description |
---|---|
protected void |
doFilterInternal(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain filterChain) |
void |
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository used for storing
OAuth2AuthorizationRequest 's. |
void |
setRequestCache(RequestCache requestCache)
Sets the
RequestCache used for storing the current request
before redirecting the OAuth 2.0 Authorization Request. |
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
public static final java.lang.String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
URI
used for authorization requests.public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
OAuth2AuthorizationRequestRedirectFilter
using the provided parameters.clientRegistrationRepository
- the repository of client registrationspublic OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, java.lang.String authorizationRequestBaseUri)
OAuth2AuthorizationRequestRedirectFilter
using the provided parameters.clientRegistrationRepository
- the repository of client registrationsauthorizationRequestBaseUri
- the base URI
used for authorization requestspublic OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)
OAuth2AuthorizationRequestRedirectFilter
using the provided parameters.authorizationRequestResolver
- the resolver used for resolving authorization requestspublic final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
OAuth2AuthorizationRequest
's.authorizationRequestRepository
- the repository used for storing OAuth2AuthorizationRequest
'spublic final void setRequestCache(RequestCache requestCache)
RequestCache
used for storing the current request
before redirecting the OAuth 2.0 Authorization Request.requestCache
- the cache used for storing the current requestprotected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws javax.servlet.ServletException, java.io.IOException
doFilterInternal
in class org.springframework.web.filter.OncePerRequestFilter
javax.servlet.ServletException
java.io.IOException