Class OAuth2AuthorizationRequestRedirectFilter
- java.lang.Object
-
- org.springframework.web.filter.GenericFilterBean
-
- org.springframework.web.filter.OncePerRequestFilter
-
- org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter
-
- All Implemented Interfaces:
javax.servlet.Filter,org.springframework.beans.factory.Aware,org.springframework.beans.factory.BeanNameAware,org.springframework.beans.factory.DisposableBean,org.springframework.beans.factory.InitializingBean,org.springframework.context.EnvironmentAware,org.springframework.core.env.EnvironmentCapable,org.springframework.web.context.ServletContextAware
public class OAuth2AuthorizationRequestRedirectFilter extends org.springframework.web.filter.OncePerRequestFilterThisFilterinitiates the authorization code grant or implicit grant flow by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.It builds the OAuth 2.0 Authorization Request, which is used as the redirect
URIto the Authorization Endpoint. The redirectURIwill include the client identifier, requested scope(s), state, response type, and a redirection URI which the authorization server will send the user-agent back to once access is granted (or denied) by the End-User (Resource Owner).By default, this
Filterresponds to authorization requests at theURI/oauth2/authorization/{registrationId}using the defaultOAuth2AuthorizationRequestResolver. TheURItemplate variable{registrationId}represents theregistration identifierof the client that is used for initiating the OAuth 2.0 Authorization Request.The default base
URI/oauth2/authorizationmay be overridden via the constructorOAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository, String), or alternatively, anOAuth2AuthorizationRequestResolvermay be provided to the constructorOAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver)to override the resolving of authorization requests.- Since:
- 5.0
- See Also:
OAuth2AuthorizationRequest,OAuth2AuthorizationRequestResolver,AuthorizationRequestRepository,ClientRegistration,ClientRegistrationRepository, Section 4.1 Authorization Code Grant, Section 4.1.1 Authorization Request (Authorization Code), Section 4.2 Implicit Grant, Section 4.2.1 Authorization Request (Implicit)
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringDEFAULT_AUTHORIZATION_REQUEST_BASE_URIThe default baseURIused for authorization requests.
-
Constructor Summary
Constructors Constructor Description OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)Constructs anOAuth2AuthorizationRequestRedirectFilterusing the provided parameters.OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, java.lang.String authorizationRequestBaseUri)Constructs anOAuth2AuthorizationRequestRedirectFilterusing the provided parameters.OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)Constructs anOAuth2AuthorizationRequestRedirectFilterusing the provided parameters.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voiddoFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)voidsetAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)Sets the repository used for storingOAuth2AuthorizationRequest's.voidsetRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)Sets theRequestCacheused for storing the current request before redirecting the OAuth 2.0 Authorization Request.-
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
-
-
-
-
Field Detail
-
DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
public static final java.lang.String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
The default baseURIused for authorization requests.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
OAuth2AuthorizationRequestRedirectFilter
public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository)
Constructs anOAuth2AuthorizationRequestRedirectFilterusing the provided parameters.- Parameters:
clientRegistrationRepository- the repository of client registrations
-
OAuth2AuthorizationRequestRedirectFilter
public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, java.lang.String authorizationRequestBaseUri)
Constructs anOAuth2AuthorizationRequestRedirectFilterusing the provided parameters.- Parameters:
clientRegistrationRepository- the repository of client registrationsauthorizationRequestBaseUri- the baseURIused for authorization requests
-
OAuth2AuthorizationRequestRedirectFilter
public OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver)
Constructs anOAuth2AuthorizationRequestRedirectFilterusing the provided parameters.- Parameters:
authorizationRequestResolver- the resolver used for resolving authorization requests- Since:
- 5.1
-
-
Method Detail
-
setAuthorizationRequestRepository
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository used for storingOAuth2AuthorizationRequest's.- Parameters:
authorizationRequestRepository- the repository used for storingOAuth2AuthorizationRequest's
-
setRequestCache
public final void setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)
Sets theRequestCacheused for storing the current request before redirecting the OAuth 2.0 Authorization Request.- Parameters:
requestCache- the cache used for storing the current request
-
doFilterInternal
protected void doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws javax.servlet.ServletException, java.io.IOException- Specified by:
doFilterInternalin classorg.springframework.web.filter.OncePerRequestFilter- Throws:
javax.servlet.ServletExceptionjava.io.IOException
-
-