Class ServerHttpSecurity.OAuth2LoginSpec
java.lang.Object
org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2LoginSpec
- Enclosing class:
- ServerHttpSecurity
-
Method Summary
Modifier and TypeMethodDescriptionand()
Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0.authenticationConverter
(ServerAuthenticationConverter authenticationConverter) Sets the converter to useauthenticationFailureHandler
(ServerAuthenticationFailureHandler authenticationFailureHandler) TheServerAuthenticationFailureHandler
used after authentication failure.authenticationManager
(ReactiveAuthenticationManager authenticationManager) Configures theReactiveAuthenticationManager
to use.authenticationMatcher
(ServerWebExchangeMatcher authenticationMatcher) Sets thematcher
used for determining if the request is an authentication request.authenticationSuccessHandler
(ServerAuthenticationSuccessHandler authenticationSuccessHandler) TheServerAuthenticationSuccessHandler
used after authentication success.authorizationRedirectStrategy
(ServerRedirectStrategy authorizationRedirectStrategy) Sets the redirect strategy for Authorization Endpoint redirect URI.authorizationRequestRepository
(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) Sets the repository to use for storingOAuth2AuthorizationRequest
's.authorizationRequestResolver
(ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver) Sets the resolver used for resolvingOAuth2AuthorizationRequest
's.authorizedClientRepository
(ServerOAuth2AuthorizedClientRepository authorizedClientRepository) authorizedClientService
(ReactiveOAuth2AuthorizedClientService authorizedClientService) clientRegistrationRepository
(ReactiveClientRegistrationRepository clientRegistrationRepository) protected void
configure
(ServerHttpSecurity http) oidcSessionRegistry
(ReactiveOidcSessionRegistry oidcSessionRegistry) Configures theReactiveOidcSessionRegistry
to use when logins use OIDC.securityContextRepository
(ServerSecurityContextRepository securityContextRepository) TheServerSecurityContextRepository
used to save theAuthentication
.
-
Method Details
-
authenticationManager
public ServerHttpSecurity.OAuth2LoginSpec authenticationManager(ReactiveAuthenticationManager authenticationManager) Configures theReactiveAuthenticationManager
to use. The default isOAuth2AuthorizationCodeReactiveAuthenticationManager
- Parameters:
authenticationManager
- the manager to use- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
to customize
-
securityContextRepository
public ServerHttpSecurity.OAuth2LoginSpec securityContextRepository(ServerSecurityContextRepository securityContextRepository) TheServerSecurityContextRepository
used to save theAuthentication
. Defaults toWebSessionServerSecurityContextRepository
.- Parameters:
securityContextRepository
- the repository to use- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
to continue configuring - Since:
- 5.2
-
oidcSessionRegistry
public ServerHttpSecurity.OAuth2LoginSpec oidcSessionRegistry(ReactiveOidcSessionRegistry oidcSessionRegistry) Configures theReactiveOidcSessionRegistry
to use when logins use OIDC. Default is to look the value up as a Bean, or else use anInMemoryReactiveOidcSessionRegistry
.- Parameters:
oidcSessionRegistry
- the registry to use- Returns:
- the
ServerHttpSecurity.OidcLogoutSpec
to customize - Since:
- 6.2
-
authenticationSuccessHandler
public ServerHttpSecurity.OAuth2LoginSpec authenticationSuccessHandler(ServerAuthenticationSuccessHandler authenticationSuccessHandler) TheServerAuthenticationSuccessHandler
used after authentication success. Defaults toRedirectServerAuthenticationSuccessHandler
redirecting to "/".- Parameters:
authenticationSuccessHandler
- the success handler to use- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
to customize - Since:
- 5.2
-
authenticationFailureHandler
public ServerHttpSecurity.OAuth2LoginSpec authenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler) TheServerAuthenticationFailureHandler
used after authentication failure. Defaults toRedirectServerAuthenticationFailureHandler
redirecting to "/login?error".- Parameters:
authenticationFailureHandler
- the failure handler to use- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
to customize - Since:
- 5.2
-
authenticationConverter
public ServerHttpSecurity.OAuth2LoginSpec authenticationConverter(ServerAuthenticationConverter authenticationConverter) Sets the converter to use- Parameters:
authenticationConverter
- the converter to use- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
to customize
-
clientRegistrationRepository
public ServerHttpSecurity.OAuth2LoginSpec clientRegistrationRepository(ReactiveClientRegistrationRepository clientRegistrationRepository) -
authorizedClientService
public ServerHttpSecurity.OAuth2LoginSpec authorizedClientService(ReactiveOAuth2AuthorizedClientService authorizedClientService) -
authorizedClientRepository
public ServerHttpSecurity.OAuth2LoginSpec authorizedClientRepository(ServerOAuth2AuthorizedClientRepository authorizedClientRepository) -
authorizationRequestRepository
public ServerHttpSecurity.OAuth2LoginSpec authorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) Sets the repository to use for storingOAuth2AuthorizationRequest
's.- Parameters:
authorizationRequestRepository
- the repository to use for storingOAuth2AuthorizationRequest
's- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
for further configuration - Since:
- 5.2
-
authorizationRequestResolver
public ServerHttpSecurity.OAuth2LoginSpec authorizationRequestResolver(ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver) Sets the resolver used for resolvingOAuth2AuthorizationRequest
's.- Parameters:
authorizationRequestResolver
- the resolver used for resolvingOAuth2AuthorizationRequest
's- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
for further configuration - Since:
- 5.2
-
authorizationRedirectStrategy
public ServerHttpSecurity.OAuth2LoginSpec authorizationRedirectStrategy(ServerRedirectStrategy authorizationRedirectStrategy) Sets the redirect strategy for Authorization Endpoint redirect URI.- Parameters:
authorizationRedirectStrategy
- the redirect strategy- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
for further configuration
-
authenticationMatcher
public ServerHttpSecurity.OAuth2LoginSpec authenticationMatcher(ServerWebExchangeMatcher authenticationMatcher) Sets thematcher
used for determining if the request is an authentication request.- Parameters:
authenticationMatcher
- thematcher
used for determining if the request is an authentication request- Returns:
- the
ServerHttpSecurity.OAuth2LoginSpec
for further configuration - Since:
- 5.2
-
and
Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0. UseServerHttpSecurity.oauth2Login(Customizer)
oroauth2Login(Customizer.withDefaults())
to stick with defaults. See the documentation for more details.Allows method chaining to continue configuring theServerHttpSecurity
- Returns:
- the
ServerHttpSecurity
to continue configuring
-
configure
-