org.springframework.security.oauth2.client.authentication

Class OAuth2LoginAuthenticationToken

java.lang.Object

org.springframework.security.authentication.AbstractAuthenticationToken

org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken

All Implemented Interfaces:

java.io.Serializable, java.security.Principal, org.springframework.security.core.Authentication, org.springframework.security.core.CredentialsContainer

public class OAuth2LoginAuthenticationToken
extends org.springframework.security.authentication.AbstractAuthenticationToken

An AbstractAuthenticationToken for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.

Since:

5.0

See Also:

AbstractAuthenticationToken, OAuth2User, ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken, Section 4.1 Authorization Code Grant Flow, Serialized Form

Constructor Summary

Constructors

Constructor and Description
OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange) This constructor should be used when the Authorization Request/Response is complete.
OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken) This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken, org.springframework.security.oauth2.core.OAuth2RefreshToken refreshToken) This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.

Method Summary

Modifier and Type	Method and Description
org.springframework.security.oauth2.core.OAuth2AccessToken	getAccessToken() Returns the access token.
org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange	getAuthorizationExchange() Returns the authorization exchange.
ClientRegistration	getClientRegistration() Returns the client registration.
java.lang.Object	getCredentials()
org.springframework.security.oauth2.core.user.OAuth2User	getPrincipal()
org.springframework.security.oauth2.core.OAuth2RefreshToken	getRefreshToken() Returns the refresh token.

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Principal

implies

Constructor Detail

OAuth2LoginAuthenticationToken

public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration,
                                      org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange)

This constructor should be used when the Authorization Request/Response is complete.

Parameters:

clientRegistration - the client registration

authorizationExchange - the authorization exchange

OAuth2LoginAuthenticationToken

public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration,
                                      org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange,
                                      org.springframework.security.oauth2.core.user.OAuth2User principal,
                                      java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities,
                                      org.springframework.security.oauth2.core.OAuth2AccessToken accessToken)

This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.

Parameters:

clientRegistration - the client registration

authorizationExchange - the authorization exchange

principal - the user Principal registered with the OAuth 2.0 Provider

authorities - the authorities granted to the user

accessToken - the access token credential

OAuth2LoginAuthenticationToken

public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration,
                                      org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange,
                                      org.springframework.security.oauth2.core.user.OAuth2User principal,
                                      java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities,
                                      org.springframework.security.oauth2.core.OAuth2AccessToken accessToken,
                                      @Nullable
                                      org.springframework.security.oauth2.core.OAuth2RefreshToken refreshToken)

This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.

Parameters:

clientRegistration - the client registration

authorizationExchange - the authorization exchange

principal - the user Principal registered with the OAuth 2.0 Provider

authorities - the authorities granted to the user

accessToken - the access token credential

refreshToken - the refresh token credential

Method Detail

getPrincipal

public org.springframework.security.oauth2.core.user.OAuth2User getPrincipal()

getCredentials

public java.lang.Object getCredentials()

getClientRegistration

public ClientRegistration getClientRegistration()

Returns the client registration.

Returns:

the ClientRegistration

getAuthorizationExchange

public org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange getAuthorizationExchange()

Returns the authorization exchange.

Returns:

the OAuth2AuthorizationExchange

getAccessToken

public org.springframework.security.oauth2.core.OAuth2AccessToken getAccessToken()

Returns the access token.

Returns:

the OAuth2AccessToken

getRefreshToken

@Nullable
public org.springframework.security.oauth2.core.OAuth2RefreshToken getRefreshToken()

Returns the refresh token.

Returns:

the OAuth2RefreshToken

Since:

5.1