Package org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers

Class OAuth2DeviceVerificationEndpointConfigurer

java.lang.Object
org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2DeviceVerificationEndpointConfigurer
public final class OAuth2DeviceVerificationEndpointConfigurer extends Object
Configurer for the OAuth 2.0 Device Verification Endpoint.
Since:
1.1
See Also:

  • Method Details

    • deviceVerificationRequestConverter

      public OAuth2DeviceVerificationEndpointConfigurer deviceVerificationRequestConverter(org.springframework.security.web.authentication.AuthenticationConverter deviceVerificationRequestConverter)
      Sets the AuthenticationConverter used when attempting to extract a Device Verification Request (or Device Authorization Consent) from HttpServletRequest to an instance of OAuth2DeviceVerificationAuthenticationToken or OAuth2DeviceAuthorizationConsentAuthenticationToken used for authenticating the request.
      Parameters:
      deviceVerificationRequestConverter - the AuthenticationConverter used when attempting to extract a Device Verification Request (or Device Authorization Consent) from HttpServletRequest
      Returns:
      the OAuth2DeviceVerificationEndpointConfigurer for further configuration

    • deviceVerificationRequestConverters

      public OAuth2DeviceVerificationEndpointConfigurer deviceVerificationRequestConverters(Consumer<List<org.springframework.security.web.authentication.AuthenticationConverter>> deviceVerificationRequestConvertersConsumer)
      Sets the Consumer providing access to the List of default and (optionally) added AuthenticationConverter's allowing the ability to add, remove, or customize a specific AuthenticationConverter.
      Parameters:
      deviceVerificationRequestConvertersConsumer - the Consumer providing access to the List of default and (optionally) added AuthenticationConverter's
      Returns:
      the OAuth2DeviceVerificationEndpointConfigurer for further configuration

    • authenticationProvider

      public OAuth2DeviceVerificationEndpointConfigurer authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider)
      Adds an AuthenticationProvider used for authenticating an OAuth2DeviceVerificationAuthenticationToken or OAuth2DeviceAuthorizationConsentAuthenticationToken.
      Parameters:
      authenticationProvider - an AuthenticationProvider used for authenticating an OAuth2DeviceVerificationAuthenticationToken or OAuth2DeviceAuthorizationConsentAuthenticationToken
      Returns:
      the OAuth2DeviceVerificationEndpointConfigurer for further configuration

    • authenticationProviders

      public OAuth2DeviceVerificationEndpointConfigurer authenticationProviders(Consumer<List<org.springframework.security.authentication.AuthenticationProvider>> authenticationProvidersConsumer)
      Sets the Consumer providing access to the List of default and (optionally) added AuthenticationProvider's allowing the ability to add, remove, or customize a specific AuthenticationProvider.
      Parameters:
      authenticationProvidersConsumer - the Consumer providing access to the List of default and (optionally) added AuthenticationProvider's
      Returns:
      the OAuth2DeviceVerificationEndpointConfigurer for further configuration

    • deviceVerificationResponseHandler

      public OAuth2DeviceVerificationEndpointConfigurer deviceVerificationResponseHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler deviceVerificationResponseHandler)
      Sets the AuthenticationSuccessHandler used for handling an OAuth2DeviceVerificationAuthenticationToken and returning the response.
      Parameters:
      deviceVerificationResponseHandler - the AuthenticationSuccessHandler used for handling an OAuth2DeviceVerificationAuthenticationToken
      Returns:
      the OAuth2DeviceVerificationEndpointConfigurer for further configuration

    • errorResponseHandler

      public OAuth2DeviceVerificationEndpointConfigurer errorResponseHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler errorResponseHandler)
      Sets the AuthenticationFailureHandler used for handling an OAuth2AuthenticationException and returning the Error Response.
      Parameters:
      errorResponseHandler - the AuthenticationFailureHandler used for handling an OAuth2AuthenticationException
      Returns:
      the OAuth2DeviceVerificationEndpointConfigurer for further configuration

    • consentPage

      public OAuth2DeviceVerificationEndpointConfigurer consentPage(String consentPage)
      Specify the URI to redirect Resource Owners to if consent is required during the device_code flow. A default consent page will be generated when this attribute is not specified. If a URI is specified, applications are required to process the specified URI to generate a consent page. The query string will contain the following parameters:
      • client_id - the client identifier
      • scope - a space-delimited list of scopes present in the device authorization request
      • state - a CSRF protection token
      • user_code - the user code
      In general, the consent page should create a form that submits a request with the following requirements:
      • It must be an HTTP POST
      • It must be submitted to AuthorizationServerSettings.getDeviceVerificationEndpoint()
      • It must include the received client_id as an HTTP parameter
      • It must include the received state as an HTTP parameter
      • It must include the list of scopes the Resource Owner consented to as an HTTP parameter
      • It must include the received user_code as an HTTP parameter
      Parameters:
      consentPage - the URI of the custom consent page to redirect to if consent is required (e.g. "/oauth2/consent")
      Returns:
      the OAuth2DeviceVerificationEndpointConfigurer for further configuration

    • init

      public void init(org.springframework.security.config.annotation.web.builders.HttpSecurity builder)

    • configure

      public void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity builder)

    • postProcess

      protected final <T> T postProcess(T object)

    • getObjectPostProcessor

      protected final org.springframework.security.config.annotation.ObjectPostProcessor<Object> getObjectPostProcessor()