Package org.springframework.security.oauth2.client
package org.springframework.security.oauth2.client
Core classes and interfaces providing support for OAuth 2.0 Client.
-
ClassDescriptionAn implementation of an
OAuth2AuthorizedClientProvider
for theauthorization_code
grant.An implementation of aReactiveOAuth2AuthorizedClientProvider
for theauthorization_code
grant.An implementation of anOAuth2AuthorizedClientManager
that is capable of operating outside of the context of aHttpServletRequest
, e.g.The default implementation of thecontextAttributesMapper
.An implementation of aReactiveOAuth2AuthorizedClientManager
that is capable of operating outside of the context of aServerWebExchange
, e.g.The default implementation of thecontextAttributesMapper
.This exception is thrown on the client side when an attempt to authenticate or authorize an OAuth 2.0 client fails.This exception is thrown when an OAuth 2.0 Client is required to obtain authorization from the Resource Owner.An implementation of anOAuth2AuthorizedClientProvider
for theclient_credentials
grant.An implementation of aReactiveOAuth2AuthorizedClientProvider
for theclient_credentials
grant.An implementation of anOAuth2AuthorizedClientProvider
that simply delegates to it's internalList
ofOAuth2AuthorizedClientProvider
(s).An implementation of aReactiveOAuth2AuthorizedClientProvider
that simply delegates to it's internalList
ofReactiveOAuth2AuthorizedClientProvider
(s).AnOAuth2AuthorizedClientService
that storesAuthorized Client(s)
in-memory.AnOAuth2AuthorizedClientService
that storesAuthorized Client(s)
in-memory.A JDBC implementation of anOAuth2AuthorizedClientService
that uses aJdbcOperations
forOAuth2AuthorizedClient
persistence.A holder for anOAuth2AuthorizedClient
and End-UserAuthentication
(Resource Owner).The defaultFunction
that mapsJdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder
to aList
ofSqlParameterValue
.An implementation of anOAuth2AuthorizedClientProvider
for thejwt-bearer
grant.An implementation of anReactiveOAuth2AuthorizedClientProvider
for thejwt-bearer
grant.A context that holds authorization-specific state and is used by anOAuth2AuthorizedClientProvider
when attempting to authorize (or re-authorize) an OAuth 2.0 Client.A builder forOAuth2AuthorizationContext
.Handles when an OAuth 2.0 Client fails to authorize (or re-authorize) via the Authorization Server or Resource Server.Handles when an OAuth 2.0 Client has been successfully authorized (or re-authorized) via the Authorization Server.A representation of an OAuth 2.0 "Authorized Client".The identifier forOAuth2AuthorizedClient
.Implementations of this interface are responsible for the overall management ofAuthorized Client(s)
.A strategy for authorizing (or re-authorizing) an OAuth 2.0 Client.A builder that builds aDelegatingOAuth2AuthorizedClientProvider
composed of one or moreOAuth2AuthorizedClientProvider
(s) that implement specific authorization grants.Implementations of this interface are responsible for the management ofAuthorized Client(s)
, which provide the purpose of associating anAccess Token
credential to aClient
and Resource Owner, who is thePrincipal
that originally granted the authorization.Represents a request theOAuth2AuthorizedClientManager
uses toauthorize
(or re-authorize) theclient
identified by the providedclientRegistrationId
.A builder forOAuth2AuthorizeRequest
.Deprecated.The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant.Deprecated.The latest OAuth 2.0 Security Best Current Practice disallows the use of the Resource Owner Password Credentials grant.A R2DBC implementation ofReactiveOAuth2AuthorizedClientService
that uses aDatabaseClient
forOAuth2AuthorizedClient
persistence.A holder forOAuth2AuthorizedClient
data and End-UserAuthentication
(Resource Owner).The defaultFunction
that mapsR2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder
to aMap
ofString
andParameter
.The defaultBiFunction
that maps the currentio.r2dbc.spi.Row
to aR2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder
.Handles when an OAuth 2.0 Client fails to authorize (or re-authorize) via the authorization server or resource server.Handles when an OAuth 2.0 Client has been successfully authorized (or re-authorized) via the authorization server.Implementations of this interface are responsible for the overall management ofAuthorized Client(s)
.A strategy for authorizing (or re-authorizing) an OAuth 2.0 Client.A builder that builds aDelegatingReactiveOAuth2AuthorizedClientProvider
composed of one or moreReactiveOAuth2AuthorizedClientProvider
(s) that implement specific authorization grants.Implementations of this interface are responsible for the management ofAuthorized Client(s)
, which provide the purpose of associating anAccess Token
credential to aClient
and Resource Owner, who is thePrincipal
that originally granted the authorization.An implementation of anOAuth2AuthorizedClientProvider
for therefresh_token
grant.An implementation of aReactiveOAuth2AuthorizedClientProvider
for therefresh_token
grant.AnOAuth2AuthorizationFailureHandler
that removes anOAuth2AuthorizedClient
when theOAuth2Error.getErrorCode()
matches one of the configuredOAuth 2.0 error codes
.Removes anOAuth2AuthorizedClient
from anOAuth2AuthorizedClientRepository
orOAuth2AuthorizedClientService
.AReactiveOAuth2AuthorizationFailureHandler
that removes anOAuth2AuthorizedClient
when theOAuth2Error.getErrorCode()
matches one of the configuredOAuth 2.0 error codes
.