Class OpaqueTokenReactiveAuthenticationManager
- java.lang.Object
-
- org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenReactiveAuthenticationManager
-
- All Implemented Interfaces:
ReactiveAuthenticationManager
public class OpaqueTokenReactiveAuthenticationManager extends java.lang.Object implements ReactiveAuthenticationManager
AnReactiveAuthenticationManager
implementation for opaque Bearer Tokens, using an OAuth 2.0 Introspection Endpoint to check the token's validity and reveal its attributes.This
ReactiveAuthenticationManager
is responsible for introspecting and verifying an opaque access token, returning its attributes set as part of theAuthentication
statement.A
ReactiveOpaqueTokenIntrospector
is responsible for retrieving token attributes from an authorization server.A
ReactiveOpaqueTokenAuthenticationConverter
is responsible for turning a successful introspection result into anAuthentication
instance (which may include mappingGrantedAuthority
s from token attributes or retrieving from another source).- Since:
- 5.2
- See Also:
ReactiveAuthenticationManager
-
-
Constructor Summary
Constructors Constructor Description OpaqueTokenReactiveAuthenticationManager(ReactiveOpaqueTokenIntrospector introspector)
Creates aOpaqueTokenReactiveAuthenticationManager
with the provided parameters
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description reactor.core.publisher.Mono<Authentication>
authenticate(Authentication authentication)
Introspect and validate the opaque Bearer Token and then delegatesAuthentication
instantiation toReactiveOpaqueTokenAuthenticationConverter
.void
setAuthenticationConverter(ReactiveOpaqueTokenAuthenticationConverter authenticationConverter)
Provide with a custom bean to turn successful introspection result into anAuthentication
instance of your choice.
-
-
-
Constructor Detail
-
OpaqueTokenReactiveAuthenticationManager
public OpaqueTokenReactiveAuthenticationManager(ReactiveOpaqueTokenIntrospector introspector)
Creates aOpaqueTokenReactiveAuthenticationManager
with the provided parameters- Parameters:
introspector
- TheReactiveOpaqueTokenIntrospector
to use
-
-
Method Detail
-
authenticate
public reactor.core.publisher.Mono<Authentication> authenticate(Authentication authentication)
Introspect and validate the opaque Bearer Token and then delegatesAuthentication
instantiation toReactiveOpaqueTokenAuthenticationConverter
.If created Authentication is instance of
AbstractAuthenticationToken
and details are null, then introspection result details are used.- Specified by:
authenticate
in interfaceReactiveAuthenticationManager
- Parameters:
authentication
- the authentication request object.- Returns:
- A successful authentication
-
setAuthenticationConverter
public void setAuthenticationConverter(ReactiveOpaqueTokenAuthenticationConverter authenticationConverter)
Provide with a custom bean to turn successful introspection result into anAuthentication
instance of your choice. By default,BearerTokenAuthentication
will be built.- Parameters:
authenticationConverter
- the converter to use- Since:
- 5.8
-
-