public class OAuth2AuthorizationRequestRedirectFilter
extends org.springframework.web.filter.OncePerRequestFilter
Filter
initiates the authorization code grant or implicit grant flow by
redirecting the End-User's user-agent to the Authorization Server's Authorization
Endpoint.
It builds the OAuth 2.0 Authorization Request, which is used as the redirect
URI
to the Authorization Endpoint. The redirect URI
will include the
client identifier, requested scope(s), state, response type, and a redirection URI
which the authorization server will send the user-agent back to once access is granted
(or denied) by the End-User (Resource Owner).
By default, this Filter
responds to authorization requests at the URI
/oauth2/authorization/{registrationId}
using the default
OAuth2AuthorizationRequestResolver
. The URI
template variable
{registrationId}
represents the registration identifier
of the client that is used for initiating the OAuth 2.0
Authorization Request.
The default base URI
/oauth2/authorization
may be overridden via the
constructor
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository, String)
,
or alternatively, an OAuth2AuthorizationRequestResolver
may be provided to the
constructor
OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver)
to override the resolving of authorization requests.
OAuth2AuthorizationRequest
,
OAuth2AuthorizationRequestResolver
,
AuthorizationRequestRepository
,
ClientRegistration
,
ClientRegistrationRepository
,
Section
4.1 Authorization Code Grant,
Section 4.1.1 Authorization Request
(Authorization Code),
Section
4.2 Implicit Grant,
Section 4.2.1 Authorization Request
(Implicit)Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
The default base
URI used for authorization requests. |
Constructor and Description |
---|
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
Constructs an
OAuth2AuthorizationRequestRedirectFilter using the provided
parameters. |
OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository,
java.lang.String authorizationRequestBaseUri)
Constructs an
OAuth2AuthorizationRequestRedirectFilter using the provided
parameters. |
OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)
Constructs an
OAuth2AuthorizationRequestRedirectFilter using the provided
parameters. |
Modifier and Type | Method and Description |
---|---|
protected void |
doFilterInternal(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain filterChain) |
void |
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository used for storing
OAuth2AuthorizationRequest 's. |
void |
setRequestCache(RequestCache requestCache)
Sets the
RequestCache used for storing the current request before
redirecting the OAuth 2.0 Authorization Request. |
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
public static final java.lang.String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
URI
used for authorization requests.public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
OAuth2AuthorizationRequestRedirectFilter
using the provided
parameters.clientRegistrationRepository
- the repository of client registrationspublic OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, java.lang.String authorizationRequestBaseUri)
OAuth2AuthorizationRequestRedirectFilter
using the provided
parameters.clientRegistrationRepository
- the repository of client registrationsauthorizationRequestBaseUri
- the base URI
used for authorization
requestspublic OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)
OAuth2AuthorizationRequestRedirectFilter
using the provided
parameters.authorizationRequestResolver
- the resolver used for resolving authorization
requestspublic final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
OAuth2AuthorizationRequest
's.authorizationRequestRepository
- the repository used for storing
OAuth2AuthorizationRequest
'spublic final void setRequestCache(RequestCache requestCache)
RequestCache
used for storing the current request before
redirecting the OAuth 2.0 Authorization Request.requestCache
- the cache used for storing the current requestprotected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws javax.servlet.ServletException, java.io.IOException
doFilterInternal
in class org.springframework.web.filter.OncePerRequestFilter
javax.servlet.ServletException
java.io.IOException