org.springframework.security.oauth2.client.web

Class OAuth2AuthorizationCodeGrantFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class OAuth2AuthorizationCodeGrantFilter
extends org.springframework.web.filter.OncePerRequestFilter

A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Response.

The OAuth 2.0 Authorization Response is processed as follows:

• Assuming the End-User (Resource Owner) has granted access to the Client, the Authorization Server will append the code and state parameters to the redirect_uri (provided in the Authorization Request) and redirect the End-User's user-agent back to this Filter (the Client).
• This Filter will then create an OAuth2AuthorizationCodeAuthenticationToken with the code received and delegate it to the AuthenticationManager to authenticate.
• Upon a successful authentication, an Authorized Client is created by associating the client to the access token and current Principal and saving it via the OAuth2AuthorizedClientRepository.

Since:

5.1

See Also:

OAuth2AuthorizationCodeAuthenticationToken, OAuth2AuthorizationCodeAuthenticationProvider, OAuth2AuthorizationRequest, OAuth2AuthorizationResponse, AuthorizationRequestRepository, OAuth2AuthorizationRequestRedirectFilter, ClientRegistrationRepository, OAuth2AuthorizedClient, OAuth2AuthorizedClientRepository, Section 4.1 Authorization Code Grant, Section 4.1.2 Authorization Response

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor and Description
OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, org.springframework.security.authentication.AuthenticationManager authenticationManager) Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.

Method Summary

Modifier and Type	Method and Description
protected void	doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
void	setAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository) Sets the repository for stored OAuth2AuthorizationRequest's.
void	setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache) Sets the RequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2AuthorizationCodeGrantFilter

public OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository,
                                          OAuth2AuthorizedClientRepository authorizedClientRepository,
                                          org.springframework.security.authentication.AuthenticationManager authenticationManager)

Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.

Parameters:

clientRegistrationRepository - the repository of client registrations

authorizedClientRepository - the authorized client repository

authenticationManager - the authentication manager

Method Detail

setAuthorizationRequestRepository

public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)

Sets the repository for stored OAuth2AuthorizationRequest's.

Parameters:

authorizationRequestRepository - the repository for stored OAuth2AuthorizationRequest's

setRequestCache

public final void setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)

Sets the RequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.

Parameters:

requestCache - the cache used for loading a previously saved request (if available)

Since:

5.4

doFilterInternal

protected void doFilterInternal(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response,
                                javax.servlet.FilterChain filterChain)
                         throws javax.servlet.ServletException,
                                java.io.IOException

Specified by:

doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter

Throws:

javax.servlet.ServletException

java.io.IOException