Class OidcUserService
- java.lang.Object
-
- org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService
-
- All Implemented Interfaces:
OAuth2UserService<OidcUserRequest,OidcUser>
public class OidcUserService extends java.lang.Object implements OAuth2UserService<OidcUserRequest,OidcUser>
An implementation of anOAuth2UserService
that supports OpenID Connect 1.0 Provider's.- Since:
- 5.0
- See Also:
OAuth2UserService
,OidcUserRequest
,OidcUser
,DefaultOidcUser
,OidcUserInfo
-
-
Constructor Summary
Constructors Constructor Description OidcUserService()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static java.util.Map<java.lang.String,org.springframework.core.convert.converter.Converter<java.lang.Object,?>>
createDefaultClaimTypeConverters()
Returns the defaultConverter
's used for type conversion of claim values for anOidcUserInfo
.OidcUser
loadUser(OidcUserRequest userRequest)
Returns anOAuth2User
after obtaining the user attributes of the End-User from the UserInfo Endpoint.void
setAccessibleScopes(java.util.Set<java.lang.String> accessibleScopes)
Sets the scope(s) that allow access to the user info resource.void
setClaimTypeConverterFactory(java.util.function.Function<ClientRegistration,org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,java.lang.Object>,java.util.Map<java.lang.String,java.lang.Object>>> claimTypeConverterFactory)
Sets the factory that provides aConverter
used for type conversion of claim values for anOidcUserInfo
.void
setOauth2UserService(OAuth2UserService<OAuth2UserRequest,OAuth2User> oauth2UserService)
Sets theOAuth2UserService
used when requesting the user info resource.
-
-
-
Method Detail
-
createDefaultClaimTypeConverters
public static java.util.Map<java.lang.String,org.springframework.core.convert.converter.Converter<java.lang.Object,?>> createDefaultClaimTypeConverters()
Returns the defaultConverter
's used for type conversion of claim values for anOidcUserInfo
.- Returns:
- a
Map
ofConverter
's keyed byclaim name
- Since:
- 5.2
-
loadUser
public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException
Description copied from interface:OAuth2UserService
Returns anOAuth2User
after obtaining the user attributes of the End-User from the UserInfo Endpoint.- Specified by:
loadUser
in interfaceOAuth2UserService<OidcUserRequest,OidcUser>
- Parameters:
userRequest
- the user request- Returns:
- an
OAuth2User
- Throws:
OAuth2AuthenticationException
- if an error occurs while attempting to obtain the user attributes from the UserInfo Endpoint
-
setOauth2UserService
public final void setOauth2UserService(OAuth2UserService<OAuth2UserRequest,OAuth2User> oauth2UserService)
Sets theOAuth2UserService
used when requesting the user info resource.- Parameters:
oauth2UserService
- theOAuth2UserService
used when requesting the user info resource.- Since:
- 5.1
-
setClaimTypeConverterFactory
public final void setClaimTypeConverterFactory(java.util.function.Function<ClientRegistration,org.springframework.core.convert.converter.Converter<java.util.Map<java.lang.String,java.lang.Object>,java.util.Map<java.lang.String,java.lang.Object>>> claimTypeConverterFactory)
Sets the factory that provides aConverter
used for type conversion of claim values for anOidcUserInfo
. The default isClaimTypeConverter
for allclients
.- Parameters:
claimTypeConverterFactory
- the factory that provides aConverter
used for type conversion of claim values for a specificclient
- Since:
- 5.2
-
setAccessibleScopes
public final void setAccessibleScopes(java.util.Set<java.lang.String> accessibleScopes)
Sets the scope(s) that allow access to the user info resource. The default isprofile
,email
,address
andphone
. The scope(s) are checked against the "granted" scope(s) associated to theaccess token
to determine if the user info resource is accessible or not. If there is at least one match, the user info resource will be requested, otherwise it will not.- Parameters:
accessibleScopes
- the scope(s) that allow access to the user info resource- Since:
- 5.2
-
-