Class OAuth2AuthorizationCodeGrantWebFilter
java.lang.Object
org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter
- All Implemented Interfaces:
org.springframework.web.server.WebFilter
public class OAuth2AuthorizationCodeGrantWebFilter
extends Object
implements org.springframework.web.server.WebFilter
A
Filter
for the OAuth 2.0 Authorization Code Grant, which handles the
processing of the OAuth 2.0 Authorization Response.
The OAuth 2.0 Authorization Response is processed as follows:
- Assuming the End-User (Resource Owner) has granted access to the Client, the
Authorization Server will append the
code
andstate
parameters to theredirect_uri
(provided in the Authorization Request) and redirect the End-User's user-agent back to thisFilter
(the Client). - This
Filter
will then create anOAuth2AuthorizationCodeAuthenticationToken
with thecode
received and delegate it to theReactiveAuthenticationManager
to authenticate. - Upon a successful authentication, an
Authorized Client
is created by associating theclient
to theaccess token
and currentPrincipal
and saving it via theServerOAuth2AuthorizedClientRepository
.
- Since:
- 5.1
- See Also:
-
OAuth2AuthorizationCodeAuthenticationToken
OAuth2AuthorizationCodeReactiveAuthenticationManager
OAuth2AuthorizationRequest
OAuth2AuthorizationResponse
AuthorizationRequestRepository
OAuth2AuthorizationRequestRedirectWebFilter
ReactiveClientRegistrationRepository
OAuth2AuthorizedClient
ServerOAuth2AuthorizedClientRepository
- Section 4.1 Authorization Code Grant
- Section 4.1.2 Authorization Response
-
Constructor Summary
ConstructorDescriptionOAuth2AuthorizationCodeGrantWebFilter
(ReactiveAuthenticationManager authenticationManager, ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository) OAuth2AuthorizationCodeGrantWebFilter
(ReactiveAuthenticationManager authenticationManager, ServerAuthenticationConverter authenticationConverter, ServerOAuth2AuthorizedClientRepository authorizedClientRepository) -
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<Void>
filter
(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain) final void
setAuthorizationRequestRepository
(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) Sets the repository used for storingOAuth2AuthorizationRequest
's.final void
setRequestCache
(ServerRequestCache requestCache) Sets theServerRequestCache
used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.
-
Constructor Details
-
OAuth2AuthorizationCodeGrantWebFilter
public OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager, ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository) -
OAuth2AuthorizationCodeGrantWebFilter
public OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authenticationManager, ServerAuthenticationConverter authenticationConverter, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
-
-
Method Details
-
setAuthorizationRequestRepository
public final void setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) Sets the repository used for storingOAuth2AuthorizationRequest
's. The default isWebSessionOAuth2ServerAuthorizationRequestRepository
.- Parameters:
authorizationRequestRepository
- the repository used for storingOAuth2AuthorizationRequest
's- Since:
- 5.2
-
setRequestCache
Sets theServerRequestCache
used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.- Parameters:
requestCache
- the cache used for loading a previously saved request (if available)- Since:
- 5.4
-
filter
public reactor.core.publisher.Mono<Void> filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain) - Specified by:
filter
in interfaceorg.springframework.web.server.WebFilter
-