org.springframework.security.oauth2.client.authentication

Class OAuth2LoginReactiveAuthenticationManager

java.lang.Object

org.springframework.security.oauth2.client.authentication.OAuth2LoginReactiveAuthenticationManager

All Implemented Interfaces:

ReactiveAuthenticationManager

public class OAuth2LoginReactiveAuthenticationManager
extends java.lang.Object
implements ReactiveAuthenticationManager

An implementation of an AuthenticationProvider for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow. This AuthenticationProvider is responsible for authenticating an Authorization Code credential with the Authorization Server's Token Endpoint and if valid, exchanging it for an Access Token credential.

It will also obtain the user attributes of the End-User (Resource Owner) from the UserInfo Endpoint using an OAuth2UserService, which will create a Principal in the form of an OAuth2User. The OAuth2User is then associated to the OAuth2LoginAuthenticationToken to complete the authentication.

Since:

5.1

See Also:

OAuth2LoginAuthenticationToken, ReactiveOAuth2AccessTokenResponseClient, ReactiveOAuth2UserService, OAuth2User, Section 4.1 Authorization Code Grant Flow, Section 4.1.3 Access Token Request, Section 4.1.4 Access Token Response

Constructor Summary

Constructors

Constructor and Description
OAuth2LoginReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient, ReactiveOAuth2UserService<OAuth2UserRequest,OAuth2User> userService)

Method Summary

Modifier and Type	Method and Description
reactor.core.publisher.Mono<Authentication>	authenticate(Authentication authentication) Attempts to authenticate the provided Authentication
void	setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper) Sets the GrantedAuthoritiesMapper used for mapping OAuth2AuthenticatedPrincipal.getAuthorities() to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2LoginReactiveAuthenticationManager

public OAuth2LoginReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient,
                                                ReactiveOAuth2UserService<OAuth2UserRequest,OAuth2User> userService)

Method Detail

authenticate

public reactor.core.publisher.Mono<Authentication> authenticate(Authentication authentication)

Description copied from interface: ReactiveAuthenticationManager

Attempts to authenticate the provided Authentication

Specified by:

authenticate in interface ReactiveAuthenticationManager

Parameters:

authentication - the Authentication to test

Returns:

if authentication is successful an Authentication is returned. If authentication cannot be determined, an empty Mono is returned. If authentication fails, a Mono error is returned.

setAuthoritiesMapper

public final void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper)

Sets the GrantedAuthoritiesMapper used for mapping OAuth2AuthenticatedPrincipal.getAuthorities() to a new set of authorities which will be associated to the OAuth2LoginAuthenticationToken.

Parameters:

authoritiesMapper - the GrantedAuthoritiesMapper used for mapping the user's authorities

Since:

5.4