Package org.springframework.security.authentication.ott

Class OneTimeTokenAuthentication

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.authentication.ott.OneTimeTokenAuthentication
All Implemented Interfaces:
Serializable, Principal, Authentication, BuildableAuthentication, CredentialsContainer
public class OneTimeTokenAuthentication extends AbstractAuthenticationToken implements BuildableAuthentication
The result of a successful one-time-token authentication
Since:
7.0
See Also:

  • Constructor Details

  • Method Details

    • getPrincipal

      public Object getPrincipal()
      Description copied from interface: Authentication
      The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

      The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

      Specified by:
      getPrincipal in interface Authentication
      Returns:
      the Principal being authenticated or the authenticated principal after authentication.

    • getCredentials

      public @Nullable Object getCredentials()
      Description copied from interface: Authentication
      The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.
      Specified by:
      getCredentials in interface Authentication
      Returns:
      the credentials that prove the identity of the Principal

    • toBuilder

      public OneTimeTokenAuthentication.Builder<?> toBuilder()
      Description copied from interface: BuildableAuthentication
      Return an Authentication.Builder based on this instance.

      Although a default method, all BuildableAuthentication implementations should implement this. The reason is to ensure that the BuildableAuthentication type is preserved when Authentication.Builder.build() is invoked. This is especially important in the event that your authentication implementation contains custom fields.

      This isn't strictly necessary since it is recommended that applications code to the Authentication interface and that custom information is often contained in the Authentication.getPrincipal() value.

      Specified by:
      toBuilder in interface BuildableAuthentication
      Returns:
      an Authentication.Builder for building a new Authentication based on this instance