public final class DefaultOAuth2AuthorizedClientManager extends java.lang.Object implements OAuth2AuthorizedClientManager
OAuth2AuthorizedClientManager for use within
the context of a HttpServletRequest.
(When operating outside of the context of a HttpServletRequest, use
AuthorizedClientServiceOAuth2AuthorizedClientManager instead.)
This manager utilizes an OAuth2AuthorizedClientRepository to persist
OAuth2AuthorizedClients.
By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient
will be saved in the OAuth2AuthorizedClientRepository. This functionality can
be changed by configuring a custom OAuth2AuthorizationSuccessHandler via
setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler).
By default, when an authorization attempt fails due to an
error, the previously saved
OAuth2AuthorizedClient will be removed from the
OAuth2AuthorizedClientRepository. (The
error can occur when a refresh token that is no longer valid is used to retrieve a new
access token.) This functionality can be changed by configuring a custom
OAuth2AuthorizationFailureHandler via
setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler).
| Modifier and Type | Class and Description |
|---|---|
static class |
DefaultOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
The default implementation of the
contextAttributesMapper. |
| Constructor and Description |
|---|
DefaultOAuth2AuthorizedClientManager(ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository)
Constructs a
DefaultOAuth2AuthorizedClientManager using the provided
parameters. |
| Modifier and Type | Method and Description |
|---|---|
OAuth2AuthorizedClient |
authorize(OAuth2AuthorizeRequest authorizeRequest)
Attempt to authorize or re-authorize (if required) the
client identified by the provided
clientRegistrationId. |
void |
setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler authorizationFailureHandler)
Sets the
OAuth2AuthorizationFailureHandler that handles authorization
failures. |
void |
setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler authorizationSuccessHandler)
Sets the
OAuth2AuthorizationSuccessHandler that handles successful
authorizations. |
void |
setAuthorizedClientProvider(OAuth2AuthorizedClientProvider authorizedClientProvider)
Sets the
OAuth2AuthorizedClientProvider used for authorizing (or
re-authorizing) an OAuth 2.0 Client. |
void |
setContextAttributesMapper(java.util.function.Function<OAuth2AuthorizeRequest,java.util.Map<java.lang.String,java.lang.Object>> contextAttributesMapper)
Sets the
Function used for mapping attribute(s) from the
OAuth2AuthorizeRequest to a Map of attributes to be associated to
the authorization context. |
public DefaultOAuth2AuthorizedClientManager(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository)
DefaultOAuth2AuthorizedClientManager using the provided
parameters.clientRegistrationRepository - the repository of client registrationsauthorizedClientRepository - the repository of authorized clients@Nullable public OAuth2AuthorizedClient authorize(OAuth2AuthorizeRequest authorizeRequest)
OAuth2AuthorizedClientManagerclient identified by the provided
clientRegistrationId.
Implementations must return null if authorization is not supported for the
specified client, e.g. the associated OAuth2AuthorizedClientProvider(s)
does not support the authorization grant type configured for the client.
In the case of re-authorization, implementations must return the provided
authorized client if
re-authorization is not supported for the client OR is not required, e.g. a
refresh token is not available OR
the access token is not expired.
authorize in interface OAuth2AuthorizedClientManagerauthorizeRequest - the authorize requestOAuth2AuthorizedClient or null if authorization is not
supported for the specified clientpublic void setAuthorizedClientProvider(OAuth2AuthorizedClientProvider authorizedClientProvider)
OAuth2AuthorizedClientProvider used for authorizing (or
re-authorizing) an OAuth 2.0 Client.authorizedClientProvider - the OAuth2AuthorizedClientProvider used for
authorizing (or re-authorizing) an OAuth 2.0 Clientpublic void setContextAttributesMapper(java.util.function.Function<OAuth2AuthorizeRequest,java.util.Map<java.lang.String,java.lang.Object>> contextAttributesMapper)
Function used for mapping attribute(s) from the
OAuth2AuthorizeRequest to a Map of attributes to be associated to
the authorization context.contextAttributesMapper - the Function used for supplying the
Map of attributes to the authorization contextpublic void setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler authorizationSuccessHandler)
OAuth2AuthorizationSuccessHandler that handles successful
authorizations.
The default saves OAuth2AuthorizedClients in the
OAuth2AuthorizedClientRepository.
authorizationSuccessHandler - the OAuth2AuthorizationSuccessHandler
that handles successful authorizationspublic void setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler authorizationFailureHandler)
OAuth2AuthorizationFailureHandler that handles authorization
failures.
A RemoveAuthorizedClientOAuth2AuthorizationFailureHandler is used by
default.
authorizationFailureHandler - the OAuth2AuthorizationFailureHandler
that handles authorization failuresRemoveAuthorizedClientOAuth2AuthorizationFailureHandler