Class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
java.lang.Object
org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<T,B>
org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer<B,OAuth2LoginConfigurer<B>,OAuth2LoginAuthenticationFilter>
org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer<B>
- All Implemented Interfaces:
SecurityConfigurer<DefaultSecurityFilterChain,B>
public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
extends AbstractAuthenticationFilterConfigurer<B,OAuth2LoginConfigurer<B>,OAuth2LoginAuthenticationFilter>
An
AbstractHttpConfigurer for OAuth 2.0 Login, which leverages the OAuth 2.0
Authorization Code Grant Flow.
OAuth 2.0 Login provides an application with the capability to have users log in by using their existing account at an OAuth 2.0 or OpenID Connect 1.0 Provider.
Defaults are provided for all configuration options with the only required
configuration being
clientRegistrationRepository(ClientRegistrationRepository). Alternatively, a
ClientRegistrationRepository @Bean may be registered instead.
Security Filters
The followingFilter's are populated:
Shared Objects Created
The following shared objects are populated:ClientRegistrationRepository(required)OAuth2AuthorizedClientRepository(optional)GrantedAuthoritiesMapper(optional)
Shared Objects Used
The following shared objects are used:ClientRegistrationRepositoryOAuth2AuthorizedClientRepositoryGrantedAuthoritiesMapperDefaultLoginPageGeneratingFilter- ifloginPage(String)is not configured andDefaultLoginPageGeneratingFilteris available, then a default login page will be made available
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionfinal classConfiguration options for the Authorization Server's Authorization Endpoint.final classConfiguration options for the Client's Redirection Endpoint.final classConfiguration options for the Authorization Server's Token Endpoint.final classConfiguration options for the Authorization Server's UserInfo Endpoint. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionReturns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.AuthorizationEndpointConfigfor configuring the Authorization Server's Authorization Endpoint.authorizationEndpoint(Customizer<OAuth2LoginConfigurer<B>.AuthorizationEndpointConfig> authorizationEndpointCustomizer) Configures the Authorization Server's Authorization Endpoint.authorizedClientRepository(OAuth2AuthorizedClientRepository authorizedClientRepository) Sets the repository for authorized client(s).authorizedClientService(OAuth2AuthorizedClientService authorizedClientService) Sets the service for authorized client(s).clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) Sets the repository of client registrations.voidConfigure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.protected RequestMatchercreateLoginProcessingUrlMatcher(String loginProcessingUrl) Create theRequestMatchergiven a loginProcessingUrlvoidInitialize theSecurityBuilder.Specifies the URL to send users to if login is required.loginProcessingUrl(String loginProcessingUrl) Specifies the URL to validate the credentials.Returns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.RedirectionEndpointConfigfor configuring the Client's Redirection Endpoint.redirectionEndpoint(Customizer<OAuth2LoginConfigurer<B>.RedirectionEndpointConfig> redirectionEndpointCustomizer) Configures the Client's Redirection Endpoint.Returns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.TokenEndpointConfigfor configuring the Authorization Server's Token Endpoint.tokenEndpoint(Customizer<OAuth2LoginConfigurer<B>.TokenEndpointConfig> tokenEndpointCustomizer) Configures the Authorization Server's Token Endpoint.Returns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.UserInfoEndpointConfigfor configuring the Authorization Server's UserInfo Endpoint.userInfoEndpoint(Customizer<OAuth2LoginConfigurer<B>.UserInfoEndpointConfig> userInfoEndpointCustomizer) Configures the Authorization Server's UserInfo Endpoint.Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
authenticationDetailsSource, defaultSuccessUrl, defaultSuccessUrl, failureHandler, failureUrl, getAuthenticationEntryPoint, getAuthenticationEntryPointMatcher, getAuthenticationFilter, getFailureUrl, getLoginPage, getLoginProcessingUrl, isCustomLoginPage, permitAll, permitAll, registerAuthenticationEntryPoint, registerDefaultAuthenticationEntryPoint, securityContextRepository, setAuthenticationFilter, successHandler, updateAccessDefaults, updateAuthenticationDefaultsMethods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, getSecurityContextHolderStrategy, withObjectPostProcessorMethods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
-
Constructor Details
-
OAuth2LoginConfigurer
public OAuth2LoginConfigurer()
-
-
Method Details
-
clientRegistrationRepository
public OAuth2LoginConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) Sets the repository of client registrations.- Parameters:
clientRegistrationRepository- the repository of client registrations- Returns:
- the
OAuth2LoginConfigurerfor further configuration
-
authorizedClientRepository
public OAuth2LoginConfigurer<B> authorizedClientRepository(OAuth2AuthorizedClientRepository authorizedClientRepository) Sets the repository for authorized client(s).- Parameters:
authorizedClientRepository- the authorized client repository- Returns:
- the
OAuth2LoginConfigurerfor further configuration - Since:
- 5.1
-
authorizedClientService
public OAuth2LoginConfigurer<B> authorizedClientService(OAuth2AuthorizedClientService authorizedClientService) Sets the service for authorized client(s).- Parameters:
authorizedClientService- the authorized client service- Returns:
- the
OAuth2LoginConfigurerfor further configuration
-
loginPage
Description copied from class:AbstractAuthenticationFilterConfigurerSpecifies the URL to send users to if login is required. If used with
EnableWebSecuritya default login page will be generated when this attribute is not specified.If a URL is specified or this is not being used in conjunction with
EnableWebSecurity, users are required to process the specified URL to generate a login page.- Overrides:
loginPagein classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>, OAuth2LoginAuthenticationFilter>
-
loginProcessingUrl
Description copied from class:AbstractAuthenticationFilterConfigurerSpecifies the URL to validate the credentials.- Overrides:
loginProcessingUrlin classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>, OAuth2LoginAuthenticationFilter> - Parameters:
loginProcessingUrl- the URL to validate username and password- Returns:
- the
FormLoginConfigurerfor additional customization
-
authorizationEndpoint
Returns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.AuthorizationEndpointConfigfor configuring the Authorization Server's Authorization Endpoint.- Returns:
- the
OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.AuthorizationEndpointConfig
-
authorizationEndpoint
public OAuth2LoginConfigurer<B> authorizationEndpoint(Customizer<OAuth2LoginConfigurer<B>.AuthorizationEndpointConfig> authorizationEndpointCustomizer) Configures the Authorization Server's Authorization Endpoint.- Parameters:
authorizationEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.AuthorizationEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations
-
tokenEndpoint
Returns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.TokenEndpointConfigfor configuring the Authorization Server's Token Endpoint.- Returns:
- the
OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.TokenEndpointConfig
-
tokenEndpoint
public OAuth2LoginConfigurer<B> tokenEndpoint(Customizer<OAuth2LoginConfigurer<B>.TokenEndpointConfig> tokenEndpointCustomizer) Configures the Authorization Server's Token Endpoint.- Parameters:
tokenEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.TokenEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations - Throws:
Exception
-
redirectionEndpoint
Returns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.RedirectionEndpointConfigfor configuring the Client's Redirection Endpoint.- Returns:
- the
OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.RedirectionEndpointConfig
-
redirectionEndpoint
public OAuth2LoginConfigurer<B> redirectionEndpoint(Customizer<OAuth2LoginConfigurer<B>.RedirectionEndpointConfig> redirectionEndpointCustomizer) Configures the Client's Redirection Endpoint.- Parameters:
redirectionEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.RedirectionEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations
-
userInfoEndpoint
Returns theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.UserInfoEndpointConfigfor configuring the Authorization Server's UserInfo Endpoint.- Returns:
- the
OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.UserInfoEndpointConfig
-
userInfoEndpoint
public OAuth2LoginConfigurer<B> userInfoEndpoint(Customizer<OAuth2LoginConfigurer<B>.UserInfoEndpointConfig> userInfoEndpointCustomizer) Configures the Authorization Server's UserInfo Endpoint.- Parameters:
userInfoEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>.UserInfoEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations
-
init
Description copied from interface:SecurityConfigurerInitialize theSecurityBuilder. Here only shared state should be created and modified, but not properties on theSecurityBuilderused for building the object. This ensures that theSecurityConfigurer.configure(SecurityBuilder)method uses the correct shared objects when building. Configurers should be applied here.- Specified by:
initin interfaceSecurityConfigurer<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>> - Overrides:
initin classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>, OAuth2LoginAuthenticationFilter> - Throws:
Exception
-
configure
Description copied from interface:SecurityConfigurerConfigure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.- Specified by:
configurein interfaceSecurityConfigurer<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>> - Overrides:
configurein classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>, OAuth2LoginAuthenticationFilter> - Throws:
Exception
-
createLoginProcessingUrlMatcher
Description copied from class:AbstractAuthenticationFilterConfigurerCreate theRequestMatchergiven a loginProcessingUrl- Specified by:
createLoginProcessingUrlMatcherin classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>, OAuth2LoginAuthenticationFilter> - Parameters:
loginProcessingUrl- creates theRequestMatcherbased upon the loginProcessingUrl- Returns:
- the
RequestMatcherto use based upon the loginProcessingUrl
-