Class BearerTokenAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, Authentication, CredentialsContainer

public class BearerTokenAuthenticationToken extends AbstractAuthenticationToken
An Authentication that contains a Bearer Token. Used by BearerTokenAuthenticationFilter to prepare an authentication attempt and supported by JwtAuthenticationProvider.
Since:
5.1
See Also:
  • Constructor Details

    • BearerTokenAuthenticationToken

      public BearerTokenAuthenticationToken(String token)
      Create a BearerTokenAuthenticationToken using the provided parameter(s)
      Parameters:
      token - - the bearer token
  • Method Details

    • getToken

      public String getToken()
      Get the Bearer Token
      Returns:
      the token that proves the caller's authority to perform the HttpServletRequest
    • getCredentials

      public Object getCredentials()
      Description copied from interface: Authentication
      The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.
      Returns:
      the credentials that prove the identity of the Principal
    • getPrincipal

      public Object getPrincipal()
      Description copied from interface: Authentication
      The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

      The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

      Returns:
      the Principal being authenticated or the authenticated principal after authentication.