Class OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>
java.lang.Object
org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<OAuth2ClientConfigurer<B>,B>
org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer<B>
- All Implemented Interfaces:
SecurityConfigurer<DefaultSecurityFilterChain,
B>
public final class OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>
extends AbstractHttpConfigurer<OAuth2ClientConfigurer<B>,B>
An
AbstractHttpConfigurer
for OAuth 2.0 Client support.
The following configuration options are available:
authorizationCodeGrant()
- support for the OAuth 2.0 Authorization Code Grant
Defaults are provided for all configuration options with the only required
configuration being
clientRegistrationRepository(ClientRegistrationRepository)
. Alternatively, a
ClientRegistrationRepository
@Bean
may be registered instead.
Security Filters
The followingFilter
's are populated for authorizationCodeGrant()
:
Shared Objects Created
The following shared objects are populated:ClientRegistrationRepository
(required)OAuth2AuthorizedClientRepository
(optional)
Shared Objects Used
The following shared objects are used:-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionfinal class
Configuration options for the OAuth 2.0 Authorization Code Grant. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionDeprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0.authorizationCodeGrant
(Customizer<OAuth2ClientConfigurer<B>.AuthorizationCodeGrantConfigurer> authorizationCodeGrantCustomizer) Configures the OAuth 2.0 Authorization Code Grant.authorizedClientRepository
(OAuth2AuthorizedClientRepository authorizedClientRepository) Sets the repository for authorized client(s).authorizedClientService
(OAuth2AuthorizedClientService authorizedClientService) Sets the service for authorized client(s).clientRegistrationRepository
(ClientRegistrationRepository clientRegistrationRepository) Sets the repository of client registrations.void
Configure theSecurityBuilder
by setting the necessary properties on theSecurityBuilder
.void
Initialize theSecurityBuilder
.Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, getSecurityContextHolderStrategy, withObjectPostProcessor, withObjectPostProcessor
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
-
Constructor Details
-
OAuth2ClientConfigurer
public OAuth2ClientConfigurer()
-
-
Method Details
-
clientRegistrationRepository
public OAuth2ClientConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) Sets the repository of client registrations.- Parameters:
clientRegistrationRepository
- the repository of client registrations- Returns:
- the
OAuth2ClientConfigurer
for further configuration
-
authorizedClientRepository
public OAuth2ClientConfigurer<B> authorizedClientRepository(OAuth2AuthorizedClientRepository authorizedClientRepository) Sets the repository for authorized client(s).- Parameters:
authorizedClientRepository
- the authorized client repository- Returns:
- the
OAuth2ClientConfigurer
for further configuration
-
authorizedClientService
public OAuth2ClientConfigurer<B> authorizedClientService(OAuth2AuthorizedClientService authorizedClientService) Sets the service for authorized client(s).- Parameters:
authorizedClientService
- the authorized client service- Returns:
- the
OAuth2ClientConfigurer
for further configuration
-
authorizationCodeGrant
@Deprecated(since="6.1", forRemoval=true) public OAuth2ClientConfigurer<B>.AuthorizationCodeGrantConfigurer authorizationCodeGrant()Deprecated, for removal: This API element is subject to removal in a future version.For removal in 7.0. UseauthorizationCodeGrant(Customizer)
insteadReturns theOAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>.AuthorizationCodeGrantConfigurer
for configuring the OAuth 2.0 Authorization Code Grant.- Returns:
- the
OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>.AuthorizationCodeGrantConfigurer
-
authorizationCodeGrant
public OAuth2ClientConfigurer<B> authorizationCodeGrant(Customizer<OAuth2ClientConfigurer<B>.AuthorizationCodeGrantConfigurer> authorizationCodeGrantCustomizer) Configures the OAuth 2.0 Authorization Code Grant.- Parameters:
authorizationCodeGrantCustomizer
- theCustomizer
to provide more options for theOAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>.AuthorizationCodeGrantConfigurer
- Returns:
- the
OAuth2ClientConfigurer
for further customizations
-
init
Description copied from interface:SecurityConfigurer
Initialize theSecurityBuilder
. Here only shared state should be created and modified, but not properties on theSecurityBuilder
used for building the object. This ensures that theSecurityConfigurer.configure(SecurityBuilder)
method uses the correct shared objects when building. Configurers should be applied here.- Specified by:
init
in interfaceSecurityConfigurer<DefaultSecurityFilterChain,
B extends HttpSecurityBuilder<B>> - Overrides:
init
in classSecurityConfigurerAdapter<DefaultSecurityFilterChain,
B extends HttpSecurityBuilder<B>>
-
configure
Description copied from interface:SecurityConfigurer
Configure theSecurityBuilder
by setting the necessary properties on theSecurityBuilder
.- Specified by:
configure
in interfaceSecurityConfigurer<DefaultSecurityFilterChain,
B extends HttpSecurityBuilder<B>> - Overrides:
configure
in classSecurityConfigurerAdapter<DefaultSecurityFilterChain,
B extends HttpSecurityBuilder<B>>
-