Class OAuth2AuthorizationCodeGrantFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter
- All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class OAuth2AuthorizationCodeGrantFilter
extends org.springframework.web.filter.OncePerRequestFilter
A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Response.
The OAuth 2.0 Authorization Response is processed as follows:
- Assuming the End-User (Resource Owner) has granted access to the Client, the Authorization Server will append the code and state parameters to the redirect_uri (provided in the Authorization Request) and redirect the End-User's user-agent back to this Filter (the Client).
- This Filter will then create an OAuth2AuthorizationCodeAuthenticationToken with the code received and delegate it to the AuthenticationManager to authenticate.
- Upon a successful authentication, an Authorized Client is created by associating the client to the access token and current Principal and saving it via the OAuth2AuthorizedClientRepository.
- Since:
- 5.1
- See Also:
-
OAuth2AuthorizationCodeAuthenticationToken
OAuth2AuthorizationCodeAuthenticationProvider
OAuth2AuthorizationRequest
OAuth2AuthorizationResponse
AuthorizationRequestRepository
OAuth2AuthorizationRequestRedirectFilter
ClientRegistrationRepository
OAuth2AuthorizedClient
OAuth2AuthorizedClientRepository
- Section 4.1 Authorization Code Grant
- Section 4.1.2 Authorization Response
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
Constructor Summary
Constructor / Description
OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, AuthenticationManager authenticationManager)
    Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.
Method Summary
Modifier and Type / Method / Description
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain)
final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
    Sets the repository for stored OAuth2AuthorizationRequest's.
final void setRequestCache(RequestCache requestCache)
    Sets the RequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.
void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
    Sets the SecurityContextHolderStrategy to use.
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
Constructor Details
OAuth2AuthorizationCodeGrantFilter
public OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, AuthenticationManager authenticationManager)
Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.
- Parameters:
clientRegistrationRepository - the repository of client registrations
authorizedClientRepository - the authorized client repository
authenticationManager - the authentication manager
Method Details
setAuthorizationRequestRepository
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository for stored OAuth2AuthorizationRequest's.
- Parameters:
authorizationRequestRepository - the repository for stored OAuth2AuthorizationRequest's
setRequestCache
Sets the RequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.
- Parameters:
requestCache - the cache used for loading a previously saved request (if available)
- Since:
- 5.4
setSecurityContextHolderStrategy
public void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
Sets the SecurityContextHolderStrategy to use. The default action is to use the SecurityContextHolderStrategy stored in SecurityContextHolder.
- Since:
- 5.8
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
- Specified by:
doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
- Throws:
jakarta.servlet.ServletException
IOException
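Added example (not part of the Spring Security Javadoc or the project's own code): wiring this filter by hand with the constructor and setters documented above. The class name ManualCodeGrantWiring, its method names and the injected tokenResponseClient are assumptions for illustration; the point shown is that OAuth2AuthorizationRequestRedirectFilter and this filter are given the same AuthorizationRequestRepository instance, so the request stored before the redirect can be loaded when code and state come back.

```java
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider;
import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;

// Hypothetical wiring class (illustration only, not Spring Security's own configuration code).
public final class ManualCodeGrantWiring {

    // One repository instance shared by both filters: the redirect filter saves the
    // OAuth2AuthorizationRequest, the grant filter loads it when code and state come back.
    private final AuthorizationRequestRepository<OAuth2AuthorizationRequest> requests =
            new HttpSessionOAuth2AuthorizationRequestRepository();

    public OAuth2AuthorizationRequestRedirectFilter redirectFilter(ClientRegistrationRepository registrations) {
        OAuth2AuthorizationRequestRedirectFilter filter = new OAuth2AuthorizationRequestRedirectFilter(registrations);
        filter.setAuthorizationRequestRepository(this.requests);
        return filter;
    }

    public OAuth2AuthorizationCodeGrantFilter codeGrantFilter(
            ClientRegistrationRepository registrations,
            OAuth2AuthorizedClientRepository authorizedClients,
            OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> tokenResponseClient) {
        // The filter delegates the OAuth2AuthorizationCodeAuthenticationToken to this manager.
        AuthenticationManager manager = new ProviderManager(
                new OAuth2AuthorizationCodeAuthenticationProvider(tokenResponseClient));
        OAuth2AuthorizationCodeGrantFilter filter =
                new OAuth2AuthorizationCodeGrantFilter(registrations, authorizedClients, manager);
        filter.setAuthorizationRequestRepository(this.requests);
        // Replays the request saved before the redirect once the response has been processed.
        filter.setRequestCache(new HttpSessionRequestCache());
        // Sets explicitly what the Javadoc describes as the default strategy.
        filter.setSecurityContextHolderStrategy(SecurityContextHolder.getContextHolderStrategy());
        return filter;
    }
}
```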