OAuth2LoginAuthenticationFilter (spring-security-oauth2-client 5.4.1 API)

java.lang.Object
- org.springframework.web.filter.GenericFilterBean
- - org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
  - - org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
```
public class OAuth2LoginAuthenticationFilter
extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
```
An implementation of an AbstractAuthenticationProcessingFilter for OAuth 2.0 Login.
This authentication Filter handles the processing of an OAuth 2.0 Authorization Response for the authorization code grant flow and delegates an OAuth2LoginAuthenticationToken to the AuthenticationManager to log in the End-User.
The OAuth 2.0 Authorization Response is processed as follows:
- Assuming the End-User (Resource Owner) has granted access to the Client, the Authorization Server will append the code and state parameters to the redirect_uri (provided in the Authorization Request) and redirect the End-User's user-agent back to this Filter (the Client).
- This Filter will then create an OAuth2LoginAuthenticationToken with the code received and delegate it to the AuthenticationManager to authenticate.
- Upon a successful authentication, an OAuth2AuthenticationToken is created (representing the End-User Principal) and associated to the Authorized Client using the OAuth2AuthorizedClientRepository.
- Finally, the OAuth2AuthenticationToken is returned and ultimately stored in the SecurityContextRepository to complete the authentication processing.
Since:

5.0

See Also:

AbstractAuthenticationProcessingFilter, OAuth2LoginAuthenticationToken, OAuth2AuthenticationToken, OAuth2LoginAuthenticationProvider, OAuth2AuthorizationRequest, OAuth2AuthorizationResponse, AuthorizationRequestRepository, OAuth2AuthorizationRequestRedirectFilter, ClientRegistrationRepository, OAuth2AuthorizedClient, OAuth2AuthorizedClientRepository, Section 4.1 Authorization Code Grant, Section 4.1.2 Authorization Response

Field Summary

Fields
Modifier and Type Field and Description

static java.lang.String DEFAULT_FILTER_PROCESSES_URI
The default URI where this Filter processes authentication requests.
- Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
  authenticationDetailsSource, eventPublisher, messages
- Fields inherited from class org.springframework.web.filter.GenericFilterBean
  logger

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`DEFAULT_FILTER_PROCESSES_URI` The default `URI` where this `Filter` processes authentication requests.

Constructor Summary

Constructors
Constructor and Description
`OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, java.lang.String filterProcessesUrl)` Constructs an `OAuth2LoginAuthenticationFilter` using the provided parameters.
`OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService)` Constructs an `OAuth2LoginAuthenticationFilter` using the provided parameters.
`OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService, java.lang.String filterProcessesUrl)` Constructs an `OAuth2LoginAuthenticationFilter` using the provided parameters.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`org.springframework.security.core.Authentication`	`attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)`
`void`	`setAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)` Sets the repository for stored `OAuth2AuthorizationRequest`'s.

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
afterPropertiesSet, doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getRememberMeServices, getSuccessHandler, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setRequiresAuthenticationRequestMatcher, setSessionAuthenticationStrategy, successfulAuthentication, unsuccessfulAuthentication

Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- DEFAULT_FILTER_PROCESSES_URI
```
public static final java.lang.String DEFAULT_FILTER_PROCESSES_URI
```
  The default URI where this Filter processes authentication requests.
  
  See Also:
  
  Constant Field Values

Constructor Detail
- OAuth2LoginAuthenticationFilter
```
public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository,
                                       OAuth2AuthorizedClientService authorizedClientService)
```
  Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
  
  Parameters:
  
  clientRegistrationRepository - the repository of client registrations
  
  authorizedClientService - the authorized client service
- OAuth2LoginAuthenticationFilter
```
public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository,
                                       OAuth2AuthorizedClientService authorizedClientService,
                                       java.lang.String filterProcessesUrl)
```
  Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
  
  Parameters:
  
  clientRegistrationRepository - the repository of client registrations
  
  authorizedClientService - the authorized client service
  
  filterProcessesUrl - the URI where this Filter will process the authentication requests
- OAuth2LoginAuthenticationFilter
```
public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository,
                                       OAuth2AuthorizedClientRepository authorizedClientRepository,
                                       java.lang.String filterProcessesUrl)
```
  Constructs an OAuth2LoginAuthenticationFilter using the provided parameters.
  
  Parameters:
  
  clientRegistrationRepository - the repository of client registrations
  
  authorizedClientRepository - the authorized client repository
  
  filterProcessesUrl - the URI where this Filter will process the authentication requests
  
  Since:
  
  5.1

Method Detail

attemptAuthentication

public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request,
                                                                              javax.servlet.http.HttpServletResponse response)
                                                                       throws org.springframework.security.core.AuthenticationException

Specified by:: attemptAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
Throws:: org.springframework.security.core.AuthenticationException

setAuthorizationRequestRepository

public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)

Sets the repository for stored OAuth2AuthorizationRequest's.

Parameters:: authorizationRequestRepository - the repository for stored OAuth2AuthorizationRequest's

Class OAuth2LoginAuthenticationFilter

Field Summary

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Fields inherited from class org.springframework.web.filter.GenericFilterBean

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Methods inherited from class org.springframework.web.filter.GenericFilterBean

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_FILTER_PROCESSES_URI

Constructor Detail

OAuth2LoginAuthenticationFilter

OAuth2LoginAuthenticationFilter

OAuth2LoginAuthenticationFilter

Method Detail

attemptAuthentication

setAuthorizationRequestRepository