Class SpringOpaqueTokenIntrospector
- java.lang.Object
-
- org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector
-
- All Implemented Interfaces:
OpaqueTokenIntrospector
public class SpringOpaqueTokenIntrospector extends java.lang.Object implements OpaqueTokenIntrospector
A Spring implementation ofOpaqueTokenIntrospector
that verifies and introspects a token using the configured OAuth 2.0 Introspection Endpoint.- Since:
- 5.6
-
-
Constructor Summary
Constructors Constructor Description SpringOpaqueTokenIntrospector(java.lang.String introspectionUri, java.lang.String clientId, java.lang.String clientSecret)
Creates aOpaqueTokenAuthenticationProvider
with the provided parametersSpringOpaqueTokenIntrospector(java.lang.String introspectionUri, org.springframework.web.client.RestOperations restOperations)
Creates aOpaqueTokenAuthenticationProvider
with the provided parameters The givenRestOperations
should perform its own client authentication against the introspection endpoint.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description OAuth2AuthenticatedPrincipal
introspect(java.lang.String token)
Introspect and verify the given token, returning its attributes.void
setRequestEntityConverter(org.springframework.core.convert.converter.Converter<java.lang.String,org.springframework.http.RequestEntity<?>> requestEntityConverter)
Sets theConverter
used for converting the OAuth 2.0 access token to aRequestEntity
representation of the OAuth 2.0 token introspection request.
-
-
-
Constructor Detail
-
SpringOpaqueTokenIntrospector
public SpringOpaqueTokenIntrospector(java.lang.String introspectionUri, java.lang.String clientId, java.lang.String clientSecret)
Creates aOpaqueTokenAuthenticationProvider
with the provided parameters- Parameters:
introspectionUri
- The introspection endpoint uriclientId
- The client id authorized to introspectclientSecret
- The client's secret
-
SpringOpaqueTokenIntrospector
public SpringOpaqueTokenIntrospector(java.lang.String introspectionUri, org.springframework.web.client.RestOperations restOperations)
Creates aOpaqueTokenAuthenticationProvider
with the provided parameters The givenRestOperations
should perform its own client authentication against the introspection endpoint.- Parameters:
introspectionUri
- The introspection endpoint urirestOperations
- The client for performing the introspection request
-
-
Method Detail
-
introspect
public OAuth2AuthenticatedPrincipal introspect(java.lang.String token)
Description copied from interface:OpaqueTokenIntrospector
Introspect and verify the given token, returning its attributes. Returning aMap
is indicative that the token is valid.- Specified by:
introspect
in interfaceOpaqueTokenIntrospector
- Parameters:
token
- the token to introspect- Returns:
- the token's attributes
-
setRequestEntityConverter
public void setRequestEntityConverter(org.springframework.core.convert.converter.Converter<java.lang.String,org.springframework.http.RequestEntity<?>> requestEntityConverter)
Sets theConverter
used for converting the OAuth 2.0 access token to aRequestEntity
representation of the OAuth 2.0 token introspection request.- Parameters:
requestEntityConverter
- theConverter
used for converting to aRequestEntity
representation of the token introspection request
-
-