org.springframework.security.oauth2.client.web.server

Class OAuth2AuthorizationCodeGrantWebFilter

java.lang.Object

org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationCodeGrantWebFilter

All Implemented Interfaces:

org.springframework.web.server.WebFilter

public class OAuth2AuthorizationCodeGrantWebFilter
extends java.lang.Object
implements org.springframework.web.server.WebFilter

A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Response.

The OAuth 2.0 Authorization Response is processed as follows:

• Assuming the End-User (Resource Owner) has granted access to the Client, the Authorization Server will append the code and state parameters to the redirect_uri (provided in the Authorization Request) and redirect the End-User's user-agent back to this Filter (the Client).
• This Filter will then create an OAuth2AuthorizationCodeAuthenticationToken with the code received and delegate it to the ReactiveAuthenticationManager to authenticate.
• Upon a successful authentication, an Authorized Client is created by associating the client to the access token and current Principal and saving it via the ServerOAuth2AuthorizedClientRepository.

Since:

5.1

See Also:

OAuth2AuthorizationCodeAuthenticationToken, OAuth2AuthorizationCodeReactiveAuthenticationManager, OAuth2AuthorizationRequest, OAuth2AuthorizationResponse, AuthorizationRequestRepository, OAuth2AuthorizationRequestRedirectWebFilter, ReactiveClientRegistrationRepository, OAuth2AuthorizedClient, ServerOAuth2AuthorizedClientRepository, Section 4.1 Authorization Code Grant, Section 4.1.2 Authorization Response

Constructor Summary

Constructors

Constructor and Description
OAuth2AuthorizationCodeGrantWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager, ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)
OAuth2AuthorizationCodeGrantWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager, org.springframework.security.web.server.authentication.ServerAuthenticationConverter authenticationConverter, ServerOAuth2AuthorizedClientRepository authorizedClientRepository)

Method Summary

Modifier and Type	Method and Description
reactor.core.publisher.Mono<java.lang.Void>	filter(org.springframework.web.server.ServerWebExchange exchange, org.springframework.web.server.WebFilterChain chain)
void	setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository) Sets the repository used for storing OAuth2AuthorizationRequest's.
void	setRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache requestCache) Sets the ServerRequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2AuthorizationCodeGrantWebFilter

public OAuth2AuthorizationCodeGrantWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager,
                                             ReactiveClientRegistrationRepository clientRegistrationRepository,
                                             ServerOAuth2AuthorizedClientRepository authorizedClientRepository)

OAuth2AuthorizationCodeGrantWebFilter

public OAuth2AuthorizationCodeGrantWebFilter(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager,
                                             org.springframework.security.web.server.authentication.ServerAuthenticationConverter authenticationConverter,
                                             ServerOAuth2AuthorizedClientRepository authorizedClientRepository)

Method Detail

setAuthorizationRequestRepository

public final void setAuthorizationRequestRepository(ServerAuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)

Sets the repository used for storing OAuth2AuthorizationRequest's. The default is WebSessionOAuth2ServerAuthorizationRequestRepository.

Parameters:

authorizationRequestRepository - the repository used for storing OAuth2AuthorizationRequest's

Since:

5.2

setRequestCache

public final void setRequestCache(org.springframework.security.web.server.savedrequest.ServerRequestCache requestCache)

Sets the ServerRequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.

Parameters:

requestCache - the cache used for loading a previously saved request (if available)

Since:

5.4

filter

public reactor.core.publisher.Mono<java.lang.Void> filter(org.springframework.web.server.ServerWebExchange exchange,
                                                          org.springframework.web.server.WebFilterChain chain)

Specified by:

filter in interface org.springframework.web.server.WebFilter