Class OAuth2AuthorizationRequestRedirectFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.web.filter.OncePerRequestFilter
-
- org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
-
- All Implemented Interfaces:
javax.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class OAuth2AuthorizationRequestRedirectFilter extends org.springframework.web.filter.OncePerRequestFilter
ThisFilter
initiates the authorization code grant or implicit grant flow by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.It builds the OAuth 2.0 Authorization Request, which is used as the redirect
URI
to the Authorization Endpoint. The redirectURI
will include the client identifier, requested scope(s), state, response type, and a redirection URI which the authorization server will send the user-agent back to once access is granted (or denied) by the End-User (Resource Owner).By default, this
Filter
responds to authorization requests at theURI
/oauth2/authorization/{registrationId}
using the defaultOAuth2AuthorizationRequestResolver
. TheURI
template variable{registrationId}
represents theregistration identifier
of the client that is used for initiating the OAuth 2.0 Authorization Request.The default base
URI
/oauth2/authorization
may be overridden via the constructorOAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository, String)
, or alternatively, anOAuth2AuthorizationRequestResolver
may be provided to the constructorOAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver)
to override the resolving of authorization requests.- Since:
- 5.0
- See Also:
OAuth2AuthorizationRequest
,OAuth2AuthorizationRequestResolver
,AuthorizationRequestRepository
,ClientRegistration
,ClientRegistrationRepository
, Section 4.1 Authorization Code Grant, Section 4.1.1 Authorization Request (Authorization Code), Section 4.2 Implicit Grant, Section 4.2.1 Authorization Request (Implicit)
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
The default baseURI
used for authorization requests.
-
Constructor Summary
Constructors Constructor Description OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
Constructs anOAuth2AuthorizationRequestRedirectFilter
using the provided parameters.OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, java.lang.String authorizationRequestBaseUri)
Constructs anOAuth2AuthorizationRequestRedirectFilter
using the provided parameters.OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)
Constructs anOAuth2AuthorizationRequestRedirectFilter
using the provided parameters.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
void
setAuthorizationRedirectStrategy(RedirectStrategy authorizationRedirectStrategy)
Sets the redirect strategy for Authorization Endpoint redirect URI.void
setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository used for storingOAuth2AuthorizationRequest
's.void
setRequestCache(RequestCache requestCache)
Sets theRequestCache
used for storing the current request before redirecting the OAuth 2.0 Authorization Request.-
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
-
-
-
-
Field Detail
-
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
public static final java.lang.String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
The default baseURI
used for authorization requests.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
OAuth2AuthorizationRequestRedirectFilter
public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
Constructs anOAuth2AuthorizationRequestRedirectFilter
using the provided parameters.- Parameters:
clientRegistrationRepository
- the repository of client registrations
-
OAuth2AuthorizationRequestRedirectFilter
public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, java.lang.String authorizationRequestBaseUri)
Constructs anOAuth2AuthorizationRequestRedirectFilter
using the provided parameters.- Parameters:
clientRegistrationRepository
- the repository of client registrationsauthorizationRequestBaseUri
- the baseURI
used for authorization requests
-
OAuth2AuthorizationRequestRedirectFilter
public OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)
Constructs anOAuth2AuthorizationRequestRedirectFilter
using the provided parameters.- Parameters:
authorizationRequestResolver
- the resolver used for resolving authorization requests- Since:
- 5.1
-
-
Method Detail
-
setAuthorizationRedirectStrategy
public void setAuthorizationRedirectStrategy(RedirectStrategy authorizationRedirectStrategy)
Sets the redirect strategy for Authorization Endpoint redirect URI.- Parameters:
authorizationRedirectStrategy
- the redirect strategy
-
setAuthorizationRequestRepository
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository used for storingOAuth2AuthorizationRequest
's.- Parameters:
authorizationRequestRepository
- the repository used for storingOAuth2AuthorizationRequest
's
-
setRequestCache
public final void setRequestCache(RequestCache requestCache)
Sets theRequestCache
used for storing the current request before redirecting the OAuth 2.0 Authorization Request.- Parameters:
requestCache
- the cache used for storing the current request
-
doFilterInternal
protected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws javax.servlet.ServletException, java.io.IOException
- Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Throws:
javax.servlet.ServletException
java.io.IOException
-
-