public class OidcAuthorizationCodeReactiveAuthenticationManager
extends java.lang.Object
implements org.springframework.security.authentication.ReactiveAuthenticationManager
AuthenticationProvider for OAuth
2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
This AuthenticationProvider is
responsible for authenticating an Authorization Code credential with the Authorization
Server's Token Endpoint and if valid, exchanging it for an Access Token credential.
It will also obtain the user attributes of the End-User (Resource Owner) from the
UserInfo Endpoint using an
OAuth2UserService, which
will create a Principal in the form of an OAuth2User. The
OAuth2User is then associated to the OAuth2LoginAuthenticationToken to
complete the authentication.
| Constructor and Description |
|---|
OidcAuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient,
ReactiveOAuth2UserService<OidcUserRequest,org.springframework.security.oauth2.core.oidc.user.OidcUser> userService) |
| Modifier and Type | Method and Description |
|---|---|
reactor.core.publisher.Mono<org.springframework.security.core.Authentication> |
authenticate(org.springframework.security.core.Authentication authentication) |
void |
setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper)
Sets the
GrantedAuthoritiesMapper used for mapping
OAuth2AuthenticatedPrincipal.getAuthorities() to a new set of authorities which will be
associated to the OAuth2LoginAuthenticationToken. |
void |
setJwtDecoderFactory(org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory<ClientRegistration> jwtDecoderFactory)
Sets the
ReactiveJwtDecoderFactory used for OidcIdToken signature
verification. |
public OidcAuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient, ReactiveOAuth2UserService<OidcUserRequest,org.springframework.security.oauth2.core.oidc.user.OidcUser> userService)
public reactor.core.publisher.Mono<org.springframework.security.core.Authentication> authenticate(org.springframework.security.core.Authentication authentication)
authenticate in interface org.springframework.security.authentication.ReactiveAuthenticationManagerpublic final void setJwtDecoderFactory(org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory<ClientRegistration> jwtDecoderFactory)
ReactiveJwtDecoderFactory used for OidcIdToken signature
verification. The factory returns a ReactiveJwtDecoder associated to the
provided ClientRegistration.jwtDecoderFactory - the ReactiveJwtDecoderFactory used for
OidcIdToken signature verificationpublic final void setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper)
GrantedAuthoritiesMapper used for mapping
OAuth2AuthenticatedPrincipal.getAuthorities() to a new set of authorities which will be
associated to the OAuth2LoginAuthenticationToken.authoritiesMapper - the GrantedAuthoritiesMapper used for mapping the
user's authorities