Package org.springframework.security.oauth2.server.authorization.oidc.authentication

Class OidcUserInfoAuthenticationProvider

java.lang.Object

org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationProvider

All Implemented Interfaces:

org.springframework.security.authentication.AuthenticationProvider

public final class OidcUserInfoAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider

An AuthenticationProvider implementation for OpenID Connect 1.0 UserInfo Endpoint.

Since:

0.2.1

See Also:

• OAuth2AuthorizationService
• 5.3. UserInfo Endpoint

Constructor Summary

Constructors

Constructor	Description
OidcUserInfoAuthenticationProvider(OAuth2AuthorizationService authorizationService)	Constructs an OidcUserInfoAuthenticationProvider using the provided parameters.

Method Summary

Modifier and Type	Method	Description
org.springframework.security.core.Authentication	authenticate(org.springframework.security.core.Authentication authentication)
void	setUserInfoMapper(Function<OidcUserInfoAuthenticationContext,org.springframework.security.oauth2.core.oidc.OidcUserInfo> userInfoMapper)	Sets the Function used to extract claims from OidcUserInfoAuthenticationContext to an instance of OidcUserInfo for the UserInfo response.
boolean	supports(Class<?> authentication)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OidcUserInfoAuthenticationProvider

public OidcUserInfoAuthenticationProvider(OAuth2AuthorizationService authorizationService)

Constructs an OidcUserInfoAuthenticationProvider using the provided parameters.

Parameters:

authorizationService - the authorization service

Method Details

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException

Specified by:

authenticate in interface org.springframework.security.authentication.AuthenticationProvider

Throws:

org.springframework.security.core.AuthenticationException

supports

public boolean supports(Class<?> authentication)

Specified by:

supports in interface org.springframework.security.authentication.AuthenticationProvider

setUserInfoMapper

public void setUserInfoMapper(Function<OidcUserInfoAuthenticationContext,org.springframework.security.oauth2.core.oidc.OidcUserInfo> userInfoMapper)

Sets the Function used to extract claims from OidcUserInfoAuthenticationContext to an instance of OidcUserInfo for the UserInfo response.

The OidcUserInfoAuthenticationContext gives the mapper access to the OidcUserInfoAuthenticationToken, as well as, the following context attributes:

• OidcUserInfoAuthenticationContext.getAccessToken() containing the bearer token used to make the request.
• OidcUserInfoAuthenticationContext.getAuthorization() containing the OidcIdToken and OAuth2AccessToken associated with the bearer token used to make the request.

Parameters:

userInfoMapper - the Function used to extract claims from OidcUserInfoAuthenticationContext to an instance of OidcUserInfo