Package org.springframework.security.oauth2.client.web

Interface OAuth2AuthorizedClientRepository

All Known Implementing Classes:

AuthenticatedPrincipalOAuth2AuthorizedClientRepository, HttpSessionOAuth2AuthorizedClientRepository

public interface OAuth2AuthorizedClientRepository

Implementations of this interface are responsible for the persistence of Authorized Client(s) between requests.

The primary purpose of an Authorized Client is to associate an Access Token credential to a Client and Resource Owner, who is the Principal that originally granted the authorization.

Since:

5.1

See Also:

• OAuth2AuthorizedClient
• ClientRegistration
• Authentication
• OAuth2AccessToken

Method Summary

Modifier and Type	Method	Description
<T extends OAuth2AuthorizedClient> T	loadAuthorizedClient(String clientRegistrationId, Authentication principal, jakarta.servlet.http.HttpServletRequest request)	Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner) or null if not available.
void	removeAuthorizedClient(String clientRegistrationId, Authentication principal, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)	Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).
void	saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)	Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).

Method Details

loadAuthorizedClient

<T extends OAuth2AuthorizedClient> T loadAuthorizedClient(String clientRegistrationId,
 Authentication principal,
 jakarta.servlet.http.HttpServletRequest request)

Returns the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner) or null if not available.

Type Parameters:

T - a type of OAuth2AuthorizedClient

Parameters:

clientRegistrationId - the identifier for the client's registration

principal - the End-User Authentication (Resource Owner)

request - the HttpServletRequest

Returns:

the OAuth2AuthorizedClient or null if not available

saveAuthorizedClient

void saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient,
 Authentication principal,
 jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

Saves the OAuth2AuthorizedClient associating it to the provided End-User Authentication (Resource Owner).

Parameters:

authorizedClient - the authorized client

principal - the End-User Authentication (Resource Owner)

request - the HttpServletRequest

response - the HttpServletResponse

removeAuthorizedClient

void removeAuthorizedClient(String clientRegistrationId,
 Authentication principal,
 jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

Removes the OAuth2AuthorizedClient associated to the provided client registration identifier and End-User Authentication (Resource Owner).

Parameters:

clientRegistrationId - the identifier for the client's registration

principal - the End-User Authentication (Resource Owner)

request - the HttpServletRequest

response - the HttpServletResponse