Package org.springframework.security.oauth2.client.authentication

Class OAuth2AuthenticationToken

java.lang.Object

org.springframework.security.authentication.AbstractAuthenticationToken

org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken

All Implemented Interfaces:

Serializable, Principal, Authentication, CredentialsContainer

public class OAuth2AuthenticationToken
extends AbstractAuthenticationToken

An implementation of an AbstractAuthenticationToken that represents an OAuth 2.0 Authentication.

The Authentication associates an OAuth2User Principal to the identifier of the Authorized Client, which the End-User (Principal) granted authorization to so that it can access it's protected resources at the UserInfo Endpoint.

Since:

5.0

See Also:

• AbstractAuthenticationToken
• OAuth2User
• OAuth2AuthorizedClient
• Serialized Form

Constructor Summary

Constructors

Constructor	Description
OAuth2AuthenticationToken(OAuth2User principal, Collection<? extends GrantedAuthority> authorities, String authorizedClientRegistrationId)	Constructs an OAuth2AuthenticationToken using the provided parameters.

Method Summary

Modifier and Type	Method	Description
String	getAuthorizedClientRegistrationId()	Returns the registration identifier of the Authorized Client.
Object	getCredentials()	The credentials that prove the principal is correct.
OAuth2User	getPrincipal()	The identity of the principal being authenticated.

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Principal

implies

Constructor Details

OAuth2AuthenticationToken

public OAuth2AuthenticationToken(OAuth2User principal,
 Collection<? extends GrantedAuthority> authorities,
 String authorizedClientRegistrationId)

Constructs an OAuth2AuthenticationToken using the provided parameters.

Parameters:

principal - the user Principal registered with the OAuth 2.0 Provider

authorities - the authorities granted to the user

authorizedClientRegistrationId - the registration identifier of the Authorized Client

Method Details

getPrincipal

public OAuth2User getPrincipal()

Description copied from interface: Authentication

The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

Returns:

the Principal being authenticated or the authenticated principal after authentication.

getCredentials

public Object getCredentials()

Description copied from interface: Authentication

The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.

Returns:

the credentials that prove the identity of the Principal

getAuthorizedClientRegistrationId

public String getAuthorizedClientRegistrationId()

Returns the registration identifier of the Authorized Client.

Returns:

the registration identifier of the Authorized Client.