public class OAuth2AuthorizationCodeGrantFilter
extends org.springframework.web.filter.OncePerRequestFilter
Filter
for the OAuth 2.0 Authorization Code Grant, which handles the
processing of the OAuth 2.0 Authorization Response.
The OAuth 2.0 Authorization Response is processed as follows:
code
and
state
parameters to the
redirect_uri
(provided in the Authorization
Request) and redirect the End-User's user-agent back to this Filter
(the
Client).Filter
will then create an
OAuth2AuthorizationCodeAuthenticationToken
with the
code
received and delegate it to the
AuthenticationManager
to authenticate.Authorized
Client
is created by associating the
client
to
the access token
and current Principal
and saving it via the
OAuth2AuthorizedClientRepository
.OAuth2AuthorizationCodeAuthenticationToken
,
OAuth2AuthorizationCodeAuthenticationProvider
,
OAuth2AuthorizationRequest
,
OAuth2AuthorizationResponse
,
AuthorizationRequestRepository
,
OAuth2AuthorizationRequestRedirectFilter
,
ClientRegistrationRepository
,
OAuth2AuthorizedClient
,
OAuth2AuthorizedClientRepository
,
Section
4.1 Authorization Code Grant,
Section 4.1.2 Authorization
ResponseConstructor and Description |
---|
OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository,
AuthenticationManager authenticationManager)
Constructs an
OAuth2AuthorizationCodeGrantFilter using the provided
parameters. |
Modifier and Type | Method and Description |
---|---|
protected void |
doFilterInternal(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain filterChain) |
void |
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository for stored
OAuth2AuthorizationRequest 's. |
void |
setRequestCache(RequestCache requestCache)
Sets the
RequestCache used for loading a previously saved request (if
available) and replaying it after completing the processing of the OAuth 2.0
Authorization Response. |
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
public OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, AuthenticationManager authenticationManager)
OAuth2AuthorizationCodeGrantFilter
using the provided
parameters.clientRegistrationRepository
- the repository of client registrationsauthorizedClientRepository
- the authorized client repositoryauthenticationManager
- the authentication managerpublic final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
OAuth2AuthorizationRequest
's.authorizationRequestRepository
- the repository for stored
OAuth2AuthorizationRequest
'spublic final void setRequestCache(RequestCache requestCache)
RequestCache
used for loading a previously saved request (if
available) and replaying it after completing the processing of the OAuth 2.0
Authorization Response.requestCache
- the cache used for loading a previously saved request (if
available)protected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws javax.servlet.ServletException, java.io.IOException
doFilterInternal
in class org.springframework.web.filter.OncePerRequestFilter
javax.servlet.ServletException
java.io.IOException