Class OidcAuthorizationCodeReactiveAuthenticationManager
java.lang.Object
org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager
- All Implemented Interfaces:
ReactiveAuthenticationManager
public class OidcAuthorizationCodeReactiveAuthenticationManager
extends Object
implements ReactiveAuthenticationManager
An implementation of an
AuthenticationProvider
for OAuth
2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
This AuthenticationProvider
is
responsible for authenticating an Authorization Code credential with the Authorization
Server's Token Endpoint and if valid, exchanging it for an Access Token credential.
It will also obtain the user attributes of the End-User (Resource Owner) from the
UserInfo Endpoint using an
OAuth2UserService
, which
will create a Principal
in the form of an OAuth2User
. The
OAuth2User
is then associated to the OAuth2LoginAuthenticationToken
to
complete the authentication.
-
Constructor Summary
ConstructorDescriptionOidcAuthorizationCodeReactiveAuthenticationManager
(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient, ReactiveOAuth2UserService<OidcUserRequest, OidcUser> userService) -
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<Authentication>
authenticate
(Authentication authentication) Attempts to authenticate the providedAuthentication
final void
setAuthoritiesMapper
(GrantedAuthoritiesMapper authoritiesMapper) Sets theGrantedAuthoritiesMapper
used for mappingOAuth2AuthenticatedPrincipal.getAuthorities()
to a new set of authorities which will be associated to theOAuth2LoginAuthenticationToken
.final void
setJwtDecoderFactory
(ReactiveJwtDecoderFactory<ClientRegistration> jwtDecoderFactory) Sets theReactiveJwtDecoderFactory
used forOidcIdToken
signature verification.
-
Constructor Details
-
OidcAuthorizationCodeReactiveAuthenticationManager
public OidcAuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient, ReactiveOAuth2UserService<OidcUserRequest, OidcUser> userService)
-
-
Method Details
-
authenticate
Description copied from interface:ReactiveAuthenticationManager
Attempts to authenticate the providedAuthentication
- Specified by:
authenticate
in interfaceReactiveAuthenticationManager
- Parameters:
authentication
- theAuthentication
to test- Returns:
- if authentication is successful an
Authentication
is returned. If authentication cannot be determined, an empty Mono is returned. If authentication fails, a Mono error is returned.
-
setJwtDecoderFactory
public final void setJwtDecoderFactory(ReactiveJwtDecoderFactory<ClientRegistration> jwtDecoderFactory) Sets theReactiveJwtDecoderFactory
used forOidcIdToken
signature verification. The factory returns aReactiveJwtDecoder
associated to the providedClientRegistration
.- Parameters:
jwtDecoderFactory
- theReactiveJwtDecoderFactory
used forOidcIdToken
signature verification- Since:
- 5.2
-
setAuthoritiesMapper
Sets theGrantedAuthoritiesMapper
used for mappingOAuth2AuthenticatedPrincipal.getAuthorities()
to a new set of authorities which will be associated to theOAuth2LoginAuthenticationToken
.- Parameters:
authoritiesMapper
- theGrantedAuthoritiesMapper
used for mapping the user's authorities- Since:
- 5.4
-