Package org.springframework.security.oauth2.client.authentication

Class OAuth2LoginAuthenticationToken

  • All Implemented Interfaces:
    java.io.Serializable, java.security.Principal, org.springframework.security.core.Authentication, org.springframework.security.core.CredentialsContainer
    public class OAuth2LoginAuthenticationToken
extends org.springframework.security.authentication.AbstractAuthenticationToken
    An AbstractAuthenticationToken for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
    Since:
    5.0
    See Also:
    AbstractAuthenticationToken, OAuth2User, ClientRegistration, OAuth2AuthorizationExchange, OAuth2AccessToken, Section 4.1 Authorization Code Grant Flow, Serialized Form

    • Constructor Summary

      Constructors 
      Constructor Description
      OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange)
      This constructor should be used when the Authorization Request/Response is complete.
      OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken)
      This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
      OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken, org.springframework.security.oauth2.core.OAuth2RefreshToken refreshToken)
      This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      org.springframework.security.oauth2.core.OAuth2AccessToken getAccessToken()
      Returns the access token.
      org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange getAuthorizationExchange()
      Returns the authorization exchange.
      ClientRegistration getClientRegistration()
      Returns the client registration.
      java.lang.Object getCredentials()  
      org.springframework.security.oauth2.core.user.OAuth2User getPrincipal()  
      org.springframework.security.oauth2.core.OAuth2RefreshToken getRefreshToken()
      Returns the refresh token.

      • Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

        equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString

      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, wait, wait, wait

      • Methods inherited from interface java.security.Principal

        implies

    • Constructor Detail

      • OAuth2LoginAuthenticationToken

        public OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration,
                                      org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange)
        This constructor should be used when the Authorization Request/Response is complete.
        Parameters:
        clientRegistration - the client registration
        authorizationExchange - the authorization exchange

      • OAuth2LoginAuthenticationToken

        public OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration,
                                      org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange,
                                      org.springframework.security.oauth2.core.user.OAuth2User principal,
                                      java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities,
                                      org.springframework.security.oauth2.core.OAuth2AccessToken accessToken)
        This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
        Parameters:
        clientRegistration - the client registration
        authorizationExchange - the authorization exchange
        principal - the user Principal registered with the OAuth 2.0 Provider
        authorities - the authorities granted to the user
        accessToken - the access token credential

      • OAuth2LoginAuthenticationToken

        public OAuth2LoginAuthenticationToken​(ClientRegistration clientRegistration,
                                      org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange,
                                      org.springframework.security.oauth2.core.user.OAuth2User principal,
                                      java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities,
                                      org.springframework.security.oauth2.core.OAuth2AccessToken accessToken,
                                      @Nullable
                                      org.springframework.security.oauth2.core.OAuth2RefreshToken refreshToken)
        This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
        Parameters:
        clientRegistration - the client registration
        authorizationExchange - the authorization exchange
        principal - the user Principal registered with the OAuth 2.0 Provider
        authorities - the authorities granted to the user
        accessToken - the access token credential
        refreshToken - the refresh token credential

    • Method Detail

      • getPrincipal

        public org.springframework.security.oauth2.core.user.OAuth2User getPrincipal()

      • getCredentials

        public java.lang.Object getCredentials()

      • getAuthorizationExchange

        public org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange getAuthorizationExchange()
        Returns the authorization exchange.
        Returns:
        the OAuth2AuthorizationExchange

      • getAccessToken

        public org.springframework.security.oauth2.core.OAuth2AccessToken getAccessToken()
        Returns the access token.
        Returns:
        the OAuth2AccessToken

      • getRefreshToken

        @Nullable
public org.springframework.security.oauth2.core.OAuth2RefreshToken getRefreshToken()
        Returns the refresh token.
        Returns:
        the OAuth2RefreshToken
        Since:
        5.1