public class OAuth2AuthorizationCodeGrantWebFilter
extends java.lang.Object
implements org.springframework.web.server.WebFilter
Filter
for the OAuth 2.0 Authorization Code Grant, which handles the
processing of the OAuth 2.0 Authorization Response.
The OAuth 2.0 Authorization Response is processed as follows:
code
and
state
parameters to the
redirect_uri
(provided in the Authorization
Request) and redirect the End-User's user-agent back to this Filter
(the
Client).Filter
will then create an
OAuth2AuthorizationCodeAuthenticationToken
with the
code
received and delegate it to the
ReactiveAuthenticationManager
to authenticate.Authorized
Client
is created by associating the
client
to
the access token
and current Principal
and saving it via the
ServerOAuth2AuthorizedClientRepository
.OAuth2AuthorizationCodeAuthenticationToken
,
OAuth2AuthorizationCodeReactiveAuthenticationManager
,
OAuth2AuthorizationRequest
,
OAuth2AuthorizationResponse
,
AuthorizationRequestRepository
,
OAuth2AuthorizationRequestRedirectWebFilter
,
ReactiveClientRegistrationRepository
,
OAuth2AuthorizedClient
,
ServerOAuth2AuthorizedClientRepository
,
Section
4.1 Authorization Code Grant,
Section 4.1.2 Authorization
ResponseConstructor and Description |
---|
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager,
ReactiveClientRegistrationRepository clientRegistrationRepository,
ServerOAuth2AuthorizedClientRepository authorizedClientRepository) |
OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager,
ServerAuthenticationConverter authenticationConverter,
ServerOAuth2AuthorizedClientRepository authorizedClientRepository) |
Modifier and Type | Method and Description |
---|---|
reactor.core.publisher.Mono<java.lang.Void> |
filter(org.springframework.web.server.ServerWebExchange exchange,
org.springframework.web.server.WebFilterChain chain) |
void |
setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository used for storing
OAuth2AuthorizationRequest 's. |
void |
setRequestCache(ServerRequestCache requestCache)
Sets the
ServerRequestCache used for loading a previously saved request (if
available) and replaying it after completing the processing of the OAuth 2.0
Authorization Response. |
public OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager, ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
public OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager, ServerAuthenticationConverter authenticationConverter, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
public final void setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
OAuth2AuthorizationRequest
's. The
default is WebSessionOAuth2ServerAuthorizationRequestRepository
.authorizationRequestRepository
- the repository used for storing
OAuth2AuthorizationRequest
'spublic final void setRequestCache(ServerRequestCache requestCache)
ServerRequestCache
used for loading a previously saved request (if
available) and replaying it after completing the processing of the OAuth 2.0
Authorization Response.requestCache
- the cache used for loading a previously saved request (if
available)public reactor.core.publisher.Mono<java.lang.Void> filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)
filter
in interface org.springframework.web.server.WebFilter