Class OAuth2AuthorizationCodeGrantFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter
- All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class OAuth2AuthorizationCodeGrantFilter
extends org.springframework.web.filter.OncePerRequestFilter
A Filter for the OAuth 2.0 Authorization Code Grant, which handles the
processing of the OAuth 2.0 Authorization Response.
The OAuth 2.0 Authorization Response is processed as follows:
- Assuming the End-User (Resource Owner) has granted access to the Client, the Authorization Server will append the code and state parameters to the redirect_uri (provided in the Authorization Request) and redirect the End-User's user-agent back to this Filter (the Client).
- This Filter will then create an OAuth2AuthorizationCodeAuthenticationToken with the code received and delegate it to the AuthenticationManager to authenticate.
- Upon a successful authentication, an Authorized Client is created by associating the client to the access token and current Principal and saving it via the OAuth2AuthorizedClientRepository.
- Since:
- 5.1
- See Also:
- OAuth2AuthorizationCodeAuthenticationToken
- OAuth2AuthorizationCodeAuthenticationProvider
- OAuth2AuthorizationRequest
- OAuth2AuthorizationResponse
- AuthorizationRequestRepository
- OAuth2AuthorizationRequestRedirectFilter
- ClientRegistrationRepository
- OAuth2AuthorizedClient
- OAuth2AuthorizedClientRepository
- Section 4.1 Authorization Code Grant
- Section 4.1.2 Authorization Response
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
Fields inherited from class org.springframework.web.filter.GenericFilterBean
logger
Constructor Summary
- OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, org.springframework.security.authentication.AuthenticationManager authenticationManager)
  Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.
Method Summary
- protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain)
- final void setAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)
  Sets the repository for stored OAuth2AuthorizationRequest's.
- final void setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)
  Sets the RequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.
- void setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy securityContextHolderStrategy)
  Sets the SecurityContextHolderStrategy to use.
Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
Constructor Details
OAuth2AuthorizationCodeGrantFilter
public OAuth2AuthorizationCodeGrantFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository, org.springframework.security.authentication.AuthenticationManager authenticationManager)
Constructs an OAuth2AuthorizationCodeGrantFilter using the provided parameters.
- Parameters:
clientRegistrationRepository - the repository of client registrations
authorizedClientRepository - the authorized client repository
authenticationManager - the authentication manager
Method Details
setAuthorizationRequestRepository
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest> authorizationRequestRepository)
Sets the repository for stored OAuth2AuthorizationRequest's.
- Parameters:
authorizationRequestRepository - the repository for stored OAuth2AuthorizationRequest's
setRequestCache
public final void setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)
Sets the RequestCache used for loading a previously saved request (if available) and replaying it after completing the processing of the OAuth 2.0 Authorization Response.
- Parameters:
requestCache - the cache used for loading a previously saved request (if available)
- Since:
- 5.4
setSecurityContextHolderStrategy
public void setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy securityContextHolderStrategy)
Sets the SecurityContextHolderStrategy to use. The default action is to use the SecurityContextHolderStrategy stored in SecurityContextHolder.
- Since:
- 5.8
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
- Specified by:
doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
- Throws:
jakarta.servlet.ServletException
IOException
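Added example (not part of the Spring Security documentation or source): wiring this filter by hand with the constructor and setters documented above, so that it and OAuth2AuthorizationRequestRedirectFilter share one AuthorizationRequestRepository and the returned code and state are matched against the request that was actually sent. The names AuthorizationCodeGrantWiring, Filters and build are hypothetical, and the token response client is assumed to be supplied by the caller.

```java
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationProvider;
import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;

// Hypothetical helper class: illustrative wiring only, not the framework's own configuration code.
public final class AuthorizationCodeGrantWiring {

    // Hypothetical holder for the two filters that must share one request repository.
    public record Filters(OAuth2AuthorizationRequestRedirectFilter redirect,
                          OAuth2AuthorizationCodeGrantFilter grant) { }

    public static Filters build(
            ClientRegistrationRepository registrations,
            OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> tokenClient) {

        // One session-scoped store for outgoing Authorization Requests (including state).
        AuthorizationRequestRepository<OAuth2AuthorizationRequest> requests =
                new HttpSessionOAuth2AuthorizationRequestRepository();
        // Where the Authorized Client (client + access token + Principal) is saved.
        OAuth2AuthorizedClientRepository authorizedClients =
                new HttpSessionOAuth2AuthorizedClientRepository();
        // The manager the filter delegates the OAuth2AuthorizationCodeAuthenticationToken to.
        AuthenticationManager manager = new ProviderManager(
                new OAuth2AuthorizationCodeAuthenticationProvider(tokenClient));

        // The redirect filter stores each Authorization Request before redirecting.
        OAuth2AuthorizationRequestRedirectFilter redirect =
                new OAuth2AuthorizationRequestRedirectFilter(registrations);
        redirect.setAuthorizationRequestRepository(requests);

        // The grant filter must read from the same store; with a different instance
        // it has no stored request to pair with the incoming code and state.
        OAuth2AuthorizationCodeGrantFilter grant =
                new OAuth2AuthorizationCodeGrantFilter(registrations, authorizedClients, manager);
        grant.setAuthorizationRequestRepository(requests);
        // Replays the request saved before the redirect, if one exists.
        grant.setRequestCache(new HttpSessionRequestCache());

        return new Filters(redirect, grant);
    }
}
```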