Class OneTimeTokenAuthenticationProvider
java.lang.Object
org.springframework.security.authentication.ott.OneTimeTokenAuthenticationProvider
- All Implemented Interfaces:
AuthenticationProvider
public final class OneTimeTokenAuthenticationProvider
extends Object
implements AuthenticationProvider
An
AuthenticationProvider
responsible for authenticating users based on
one-time tokens. It uses an OneTimeTokenService
to consume tokens and an
UserDetailsService
to fetch user authorities.- Since:
- 6.4
-
Constructor Summary
ConstructorDescriptionOneTimeTokenAuthenticationProvider
(OneTimeTokenService oneTimeTokenService, UserDetailsService userDetailsService) -
Method Summary
Modifier and TypeMethodDescriptionauthenticate
(Authentication authentication) Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication)
.boolean
Returnstrue
if thisAuthenticationProvider
supports the indicatedAuthentication
object.
-
Constructor Details
-
OneTimeTokenAuthenticationProvider
public OneTimeTokenAuthenticationProvider(OneTimeTokenService oneTimeTokenService, UserDetailsService userDetailsService)
-
-
Method Details
-
authenticate
Description copied from interface:AuthenticationProvider
Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication)
.- Specified by:
authenticate
in interfaceAuthenticationProvider
- Parameters:
authentication
- the authentication request object.- Returns:
- a fully authenticated object including credentials. May return
null
if theAuthenticationProvider
is unable to support authentication of the passedAuthentication
object. In such a case, the nextAuthenticationProvider
that supports the presentedAuthentication
class will be tried. - Throws:
AuthenticationException
- if authentication fails.
-
supports
Description copied from interface:AuthenticationProvider
Returnstrue
if thisAuthenticationProvider
supports the indicatedAuthentication
object.Returning
true
does not guarantee anAuthenticationProvider
will be able to authenticate the presentedAuthentication
object. It simply indicates it can support closer evaluation of it. AnAuthenticationProvider
can still returnnull
from theAuthenticationProvider.authenticate(Authentication)
method to indicate anotherAuthenticationProvider
should be tried.Selection of an
AuthenticationProvider
capable of performing authentication is conducted at runtime theProviderManager
.- Specified by:
supports
in interfaceAuthenticationProvider
- Returns:
true
if the implementation can more closely evaluate theAuthentication
class presented
-