Class ServletOAuth2AuthorizedClientExchangeFilterFunction

    • Constructor Detail

      • ServletOAuth2AuthorizedClientExchangeFilterFunction

        public ServletOAuth2AuthorizedClientExchangeFilterFunction()
      • ServletOAuth2AuthorizedClientExchangeFilterFunction

        public ServletOAuth2AuthorizedClientExchangeFilterFunction(OAuth2AuthorizedClientManager authorizedClientManager)
        Constructs a ServletOAuth2AuthorizedClientExchangeFilterFunction using the provided parameters.

        When this constructor is used, authentication (HTTP 401) and authorization (HTTP 403) failures returned from an OAuth 2.0 Resource Server will NOT be forwarded to an OAuth2AuthorizationFailureHandler. Future requests to the Resource Server will therefore most likely reuse the same (likely invalid) token and receive the same errors from the Resource Server. It is recommended to configure a RemoveAuthorizedClientOAuth2AuthorizationFailureHandler via setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler), so that authentication and authorization failures returned from a Resource Server remove the authorized client and a new token is retrieved for future requests.

        Parameters:
        authorizedClientManager - the OAuth2AuthorizedClientManager which manages the authorized client(s)
        Since:
        5.2
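
        The recommendation above, wired up as a Spring configuration class. This is an added example, not code from the Spring Security project; the class and bean names are hypothetical, and it assumes the request and response are passed to the remover in the attributes map under their class names.

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.OAuth2AuthorizationFailureHandler;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.web.reactive.function.client.WebClient;

@Configuration
public class ResourceServerClientConfig { // hypothetical class name

    @Bean
    WebClient resourceServerWebClient(OAuth2AuthorizedClientManager authorizedClientManager,
                                      OAuth2AuthorizedClientRepository authorizedClientRepository) {
        // The manager-based constructor installs no failure handler, so a rejected
        // token would stay in the repository and be sent again on the next request.
        ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2 =
                new ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);

        // On a 401/403 from the Resource Server, drop the stored authorized client
        // so that the next request obtains a fresh token.
        // Assumption: request/response are stored in the attributes under their class names.
        OAuth2AuthorizationFailureHandler failureHandler =
                new RemoveAuthorizedClientOAuth2AuthorizationFailureHandler(
                        (clientRegistrationId, principal, attributes) ->
                                authorizedClientRepository.removeAuthorizedClient(
                                        clientRegistrationId,
                                        principal,
                                        (HttpServletRequest) attributes.get(HttpServletRequest.class.getName()),
                                        (HttpServletResponse) attributes.get(HttpServletResponse.class.getName())));
        oauth2.setAuthorizationFailureHandler(failureHandler);

        // oauth2Configuration() registers the defaultRequest() hook and the filter itself.
        return WebClient.builder()
                .apply(oauth2.oauth2Configuration())
                .build();
    }
}
```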
      • ServletOAuth2AuthorizedClientExchangeFilterFunction

        public ServletOAuth2AuthorizedClientExchangeFilterFunction(ClientRegistrationRepository clientRegistrationRepository,
                                                                   OAuth2AuthorizedClientRepository authorizedClientRepository)
        Constructs a ServletOAuth2AuthorizedClientExchangeFilterFunction using the provided parameters.

        Since 5.3, when this constructor is used, authentication (HTTP 401) and authorization (HTTP 403) failures returned from an OAuth 2.0 Resource Server will be forwarded to a RemoveAuthorizedClientOAuth2AuthorizationFailureHandler, which will potentially remove the OAuth2AuthorizedClient from the given OAuth2AuthorizedClientRepository, depending on the OAuth 2.0 error code returned. Authentication failures returned from an OAuth 2.0 Resource Server typically indicate that the token is invalid and should not be used in future requests. Removing the authorized client from the repository ensures that the existing token is not sent in future requests to the Resource Server, and that a new token is retrieved from the Authorization Server and used instead.

        Parameters:
        clientRegistrationRepository - the repository of client registrations
        authorizedClientRepository - the repository of authorized clients
    • Method Detail

      • setDefaultOAuth2AuthorizedClient

        public void setDefaultOAuth2AuthorizedClient(boolean defaultOAuth2AuthorizedClient)
        If true, a default OAuth2AuthorizedClient can be discovered from the current Authentication. Use this feature with caution: every HTTP request sent through this filter will receive the access token if it can be resolved from the current Authentication.
        Parameters:
        defaultOAuth2AuthorizedClient - true if a default OAuth2AuthorizedClient should be used, else false. Default is false.
      • setDefaultClientRegistrationId

        public void setDefaultClientRegistrationId(java.lang.String clientRegistrationId)
        If set, will be used as the default ClientRegistration.getRegistrationId(). Use this feature with caution: every HTTP request sent through this filter will receive the access token.
        Parameters:
        clientRegistrationId - the id to use
      • oauth2Configuration

        public java.util.function.Consumer<org.springframework.web.reactive.function.client.WebClient.Builder> oauth2Configuration()
        Configures the builder with defaultRequest() and adds this as an ExchangeFilterFunction.
        Returns:
        the Consumer to configure the builder
      • oauth2AuthorizedClient

        public static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> oauth2AuthorizedClient(OAuth2AuthorizedClient authorizedClient)
        Modifies the ClientRequest.attributes() to include the OAuth2AuthorizedClient to be used for providing the Bearer Token.
        Parameters:
        authorizedClient - the OAuth2AuthorizedClient to use.
        Returns:
        the Consumer to populate the attributes
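
        Attaching the authorized client per request with oauth2AuthorizedClient(...) keeps the Bearer Token scoped to the calls that need it, in contrast to the default settings above. This is an added example, not code from the Spring Security project; the controller, the "orders-api" registration id and the example.com / example.net URLs are hypothetical, and the injected WebClient is assumed to be built with oauth2Configuration() and both defaults left unset.

```java
import static org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.oauth2AuthorizedClient;

import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.reactive.function.client.WebClient;

@RestController
public class OrdersController { // hypothetical controller

    // Assumption: built with oauth2Configuration(); setDefaultOAuth2AuthorizedClient
    // and setDefaultClientRegistrationId were not called.
    private final WebClient webClient;

    public OrdersController(WebClient webClient) {
        this.webClient = webClient;
    }

    @GetMapping("/orders")
    public String orders(
            @RegisteredOAuth2AuthorizedClient("orders-api") OAuth2AuthorizedClient authorizedClient) {
        // The access token is attached to this one request only, because the
        // authorized client is supplied as a request attribute.
        return webClient.get()
                .uri("https://orders.example.com/api/orders")
                .attributes(oauth2AuthorizedClient(authorizedClient))
                .retrieve()
                .bodyToMono(String.class)
                .block();
    }

    @GetMapping("/status")
    public String thirdPartyStatus() {
        // No OAuth2 attribute and no defaults configured: the filter passes the
        // request through without a Bearer Token, so the unrelated host never sees it.
        return webClient.get()
                .uri("https://status.example.net/health")
                .retrieve()
                .bodyToMono(String.class)
                .block();
    }
}
```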
      • authentication

        public static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> authentication(Authentication authentication)
        Modifies the ClientRequest.attributes() to include the Authentication used to look up and save the OAuth2AuthorizedClient. The value is defaulted in defaultRequest().
        Parameters:
        authentication - the Authentication to use.
        Returns:
        the Consumer to populate the attributes
      • httpServletRequest

        public static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> httpServletRequest(javax.servlet.http.HttpServletRequest request)
        Modifies the ClientRequest.attributes() to include the HttpServletRequest used to look up and save the OAuth2AuthorizedClient. The value is defaulted in defaultRequest().
        Parameters:
        request - the HttpServletRequest to use.
        Returns:
        the Consumer to populate the attributes
      • httpServletResponse

        public static java.util.function.Consumer<java.util.Map<java.lang.String,java.lang.Object>> httpServletResponse(javax.servlet.http.HttpServletResponse response)
        Modifies the ClientRequest.attributes() to include the HttpServletResponse used to save the OAuth2AuthorizedClient. The value is defaulted in defaultRequest().
        Parameters:
        response - the HttpServletResponse to use.
        Returns:
        the Consumer to populate the attributes
      • filter

        public reactor.core.publisher.Mono<org.springframework.web.reactive.function.client.ClientResponse> filter(org.springframework.web.reactive.function.client.ClientRequest request,
                                                                                                                   org.springframework.web.reactive.function.client.ExchangeFunction next)
        Specified by:
        filter in interface org.springframework.web.reactive.function.client.ExchangeFilterFunction