Class ServerHttpSecurity.OAuth2ResourceServerSpec
java.lang.Object
org.springframework.security.config.web.server.ServerHttpSecurity.OAuth2ResourceServerSpec
- Enclosing class:
- ServerHttpSecurity
Configures OAuth2 Resource Server Support
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionclassConfigures JWT Resource Server Supportfinal classConfigures Opaque Token Resource Server support -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionaccessDeniedHandler(ServerAccessDeniedHandler accessDeniedHandler) Configures theServerAccessDeniedHandlerto use for requests authenticating with Bearer Tokens.and()Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0.Configures theServerAuthenticationEntryPointto use for requests authenticating with Bearer Tokens.authenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler) authenticationManagerResolver(ReactiveAuthenticationManagerResolver<org.springframework.web.server.ServerWebExchange> authenticationManagerResolver) Configures theReactiveAuthenticationManagerResolverbearerTokenConverter(ServerAuthenticationConverter bearerTokenConverter) Configures theServerAuthenticationConverterto use for requests authenticating with Bearer Tokens.protected voidconfigure(ServerHttpSecurity http) jwt()Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0.jwt(Customizer<ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec> jwtCustomizer) Enables JWT Resource Server support.Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0.opaqueToken(Customizer<ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec> opaqueTokenCustomizer) Enables Opaque Token Resource Server support.
-
Constructor Details
-
OAuth2ResourceServerSpec
public OAuth2ResourceServerSpec()
-
-
Method Details
-
accessDeniedHandler
public ServerHttpSecurity.OAuth2ResourceServerSpec accessDeniedHandler(ServerAccessDeniedHandler accessDeniedHandler) Configures theServerAccessDeniedHandlerto use for requests authenticating with Bearer Tokens. requests.- Parameters:
accessDeniedHandler- theServerAccessDeniedHandlerto use- Returns:
- the
ServerHttpSecurity.OAuth2ResourceServerSpecfor additional configuration - Since:
- 5.2
-
authenticationEntryPoint
public ServerHttpSecurity.OAuth2ResourceServerSpec authenticationEntryPoint(ServerAuthenticationEntryPoint entryPoint) Configures theServerAuthenticationEntryPointto use for requests authenticating with Bearer Tokens.- Parameters:
entryPoint- theServerAuthenticationEntryPointto use- Returns:
- the
ServerHttpSecurity.OAuth2ResourceServerSpecfor additional configuration - Since:
- 5.2
-
authenticationFailureHandler
public ServerHttpSecurity.OAuth2ResourceServerSpec authenticationFailureHandler(ServerAuthenticationFailureHandler authenticationFailureHandler) -
bearerTokenConverter
public ServerHttpSecurity.OAuth2ResourceServerSpec bearerTokenConverter(ServerAuthenticationConverter bearerTokenConverter) Configures theServerAuthenticationConverterto use for requests authenticating with Bearer Tokens.- Parameters:
bearerTokenConverter- TheServerAuthenticationConverterto use- Returns:
- The
ServerHttpSecurity.OAuth2ResourceServerSpecfor additional configuration - Since:
- 5.2
-
authenticationManagerResolver
public ServerHttpSecurity.OAuth2ResourceServerSpec authenticationManagerResolver(ReactiveAuthenticationManagerResolver<org.springframework.web.server.ServerWebExchange> authenticationManagerResolver) Configures theReactiveAuthenticationManagerResolver- Parameters:
authenticationManagerResolver- theReactiveAuthenticationManagerResolver- Returns:
- the
ServerHttpSecurity.OAuth2ResourceServerSpecfor additional configuration - Since:
- 5.3
-
jwt
@Deprecated(since="6.1", forRemoval=true) public ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec jwt()Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0. Usejwt(Customizer)orjwt(Customizer.withDefaults())to stick with defaults. See the documentation for more details.Enables JWT Resource Server support.- Returns:
- the
ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpecfor additional configuration
-
jwt
public ServerHttpSecurity.OAuth2ResourceServerSpec jwt(Customizer<ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec> jwtCustomizer) Enables JWT Resource Server support.- Parameters:
jwtCustomizer- theCustomizerto provide more options for theServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec- Returns:
- the
ServerHttpSecurity.OAuth2ResourceServerSpecto customize
-
opaqueToken
@Deprecated(since="6.1", forRemoval=true) public ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec opaqueToken()Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0. UseopaqueToken(Customizer)oropaqueToken(Customizer.withDefaults())to stick with defaults. See the documentation for more details.Enables Opaque Token Resource Server support.- Returns:
- the
ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpecfor additional configuration
-
opaqueToken
public ServerHttpSecurity.OAuth2ResourceServerSpec opaqueToken(Customizer<ServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec> opaqueTokenCustomizer) Enables Opaque Token Resource Server support.- Parameters:
opaqueTokenCustomizer- theCustomizerto provide more options for theServerHttpSecurity.OAuth2ResourceServerSpec.OpaqueTokenSpec- Returns:
- the
ServerHttpSecurity.OAuth2ResourceServerSpecto customize
-
configure
-
and
Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0. UseServerHttpSecurity.oauth2ResourceServer(Customizer)instead
-