public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter

An AbstractAuthenticationProcessingFilter for OAuth 2.0 Login.

This authentication Filter handles the processing of an OAuth 2.0 Authorization Response for the authorization code grant flow and delegates an OAuth2LoginAuthenticationToken to the AuthenticationManager to log in the End-User.

The OAuth 2.0 Authorization Response is processed as follows:

- The Authorization Server will append the code and state parameters to the redirect_uri (provided in the Authorization Request) and redirect the End-User's user-agent back to this Filter (the Client).
- The Filter will then create an OAuth2LoginAuthenticationToken with the code received and delegate it to the AuthenticationManager to authenticate.
- An OAuth2AuthenticationToken is created (representing the End-User Principal) and associated to the Authorized Client using the OAuth2AuthorizedClientRepository.
- The OAuth2AuthenticationToken is returned and ultimately stored in the SecurityContextRepository to complete the authentication processing.

See Also: AbstractAuthenticationProcessingFilter, OAuth2LoginAuthenticationToken, OAuth2AuthenticationToken, OAuth2LoginAuthenticationProvider, OAuth2AuthorizationRequest, OAuth2AuthorizationResponse, AuthorizationRequestRepository, OAuth2AuthorizationRequestRedirectFilter, ClientRegistrationRepository, OAuth2AuthorizedClient, OAuth2AuthorizedClientRepository, Section 4.1 Authorization Code Grant, Section 4.1.2 Authorization Response

Modifier and Type | Field and Description |
---|---|
static java.lang.String | DEFAULT_FILTER_PROCESSES_URI - The default URI where this Filter processes authentication requests. |

Fields inherited from class AbstractAuthenticationProcessingFilter: authenticationDetailsSource, eventPublisher, messages

Constructor and Description |
---|
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, java.lang.String filterProcessesUrl) - Constructs an OAuth2LoginAuthenticationFilter using the provided parameters. |
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService) - Constructs an OAuth2LoginAuthenticationFilter using the provided parameters. |
OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService, java.lang.String filterProcessesUrl) - Constructs an OAuth2LoginAuthenticationFilter using the provided parameters. |

Modifier and Type | Method and Description |
---|---|
Authentication | attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) - Performs actual authentication. |
void | setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) - Sets the repository for stored OAuth2AuthorizationRequest's. |

Methods inherited from class AbstractAuthenticationProcessingFilter: afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication

public static final java.lang.String DEFAULT_FILTER_PROCESSES_URI

The default URI where this Filter processes authentication requests.

public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService)

Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.

Parameters:
- clientRegistrationRepository - the repository of client registrations
- authorizedClientService - the authorized client service

public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService, java.lang.String filterProcessesUrl)

Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.

Parameters:
- clientRegistrationRepository - the repository of client registrations
- authorizedClientService - the authorized client service
- filterProcessesUrl - the URI where this Filter will process the authentication requests

public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, java.lang.String filterProcessesUrl)

Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.

Parameters:
- clientRegistrationRepository - the repository of client registrations
- authorizedClientRepository - the authorized client repository
- filterProcessesUrl - the URI where this Filter will process the authentication requests

public Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws AuthenticationException

Description copied from class: AbstractAuthenticationProcessingFilter

Performs actual authentication.

The implementation should do one of the following:

Specified by: attemptAuthentication in class AbstractAuthenticationProcessingFilter

Parameters:
- request - from which to extract parameters and perform the authentication
- response - the response, which may be needed if the implementation has to do a redirect as part of a multi-stage authentication process (such as OpenID).

Throws:
- AuthenticationException - if authentication fails.

public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)

Sets the repository for stored OAuth2AuthorizationRequest's.

Parameters:
- authorizationRequestRepository - the repository for stored OAuth2AuthorizationRequest's
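
The response handling described in the class overview, and the role of the stored OAuth2AuthorizationRequest set through setAuthorizationRequestRepository, shown as a simplified plain-Java model of why the client ties each code to a state it issued itself. This is an added example, not Spring Security code: the class, record and method names and the sample values are hypothetical, and the redirect_uri comparison is an assumption of the model.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Simplified model of a client handling an RFC 6749 Section 4.1.2 response.
// Not Spring Security code; every name below is hypothetical.
public class AuthorizationResponseModel {

    // What the client remembers about each Authorization Request it sent.
    record StoredRequest(String state, String redirectUri, String registrationId) {}

    // Stand-in for a repository of stored authorization requests, keyed by state.
    static final Map<String, StoredRequest> pending = new ConcurrentHashMap<>();

    static void saveRequest(StoredRequest request) {
        pending.put(request.state(), request);
    }

    // Decide whether a callback may proceed to the code exchange.
    static String process(Map<String, String> params, String callbackUri) {
        String code = params.get("code");
        String state = params.get("state");
        if (code == null || state == null) {
            return "REJECT: not an authorization response";
        }
        // remove(), not get(): a stored request can be redeemed only once.
        StoredRequest stored = pending.remove(state);
        if (stored == null) {
            return "REJECT: no matching authorization request";
        }
        // Assumption of this model: the callback must arrive at the URI that was requested.
        if (!stored.redirectUri().equals(callbackUri)) {
            return "REJECT: redirect_uri mismatch";
        }
        return "EXCHANGE code for registration " + stored.registrationId();
    }

    public static void main(String[] args) {
        // Constructed sample values.
        String uri = "https://client.example/callback";
        saveRequest(new StoredRequest("s-7f3a", uri, "demo"));
        Map<String, String> first = Map.of("code", "c-123", "state", "s-7f3a");
        System.out.println(process(first, uri));                               // first use of the state
        System.out.println(process(first, uri));                               // replay of the same state
        System.out.println(process(Map.of("code", "c-9", "state", "x"), uri)); // state never issued
        System.out.println(process(Map.of("code", "c-9"), uri));               // state missing
    }
}
```

Only the first callback reaches the exchange step; the replayed, unknown-state and missing-state callbacks are rejected before any code is sent to the Authorization Server.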