org.springframework.security.oauth2.server.resource.introspection

Class NimbusOpaqueTokenIntrospector

java.lang.Object

org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector

All Implemented Interfaces:

OpaqueTokenIntrospector

public class NimbusOpaqueTokenIntrospector
extends java.lang.Object
implements OpaqueTokenIntrospector

A Nimbus implementation of OpaqueTokenIntrospector that verifies and introspects a token using the configured OAuth 2.0 Introspection Endpoint.

Since:

5.2

Constructor Summary

Constructors

Constructor and Description
NimbusOpaqueTokenIntrospector(java.lang.String introspectionUri, org.springframework.web.client.RestOperations restOperations) Creates a OpaqueTokenAuthenticationProvider with the provided parameters The given RestOperations should perform its own client authentication against the introspection endpoint.
NimbusOpaqueTokenIntrospector(java.lang.String introspectionUri, java.lang.String clientId, java.lang.String clientSecret) Creates a OpaqueTokenAuthenticationProvider with the provided parameters

Method Summary

Modifier and Type	Method and Description
org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal	introspect(java.lang.String token) Introspect and verify the given token, returning its attributes.
void	setRequestEntityConverter(org.springframework.core.convert.converter.Converter<java.lang.String,org.springframework.http.RequestEntity<?>> requestEntityConverter) Sets the Converter used for converting the OAuth 2.0 access token to a RequestEntity representation of the OAuth 2.0 token introspection request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

NimbusOpaqueTokenIntrospector

public NimbusOpaqueTokenIntrospector(java.lang.String introspectionUri,
                                     java.lang.String clientId,
                                     java.lang.String clientSecret)

Creates a OpaqueTokenAuthenticationProvider with the provided parameters

Parameters:

introspectionUri - The introspection endpoint uri

clientId - The client id authorized to introspect

clientSecret - The client's secret

NimbusOpaqueTokenIntrospector

public NimbusOpaqueTokenIntrospector(java.lang.String introspectionUri,
                                     org.springframework.web.client.RestOperations restOperations)

Creates a OpaqueTokenAuthenticationProvider with the provided parameters The given RestOperations should perform its own client authentication against the introspection endpoint.

Parameters:

introspectionUri - The introspection endpoint uri

restOperations - The client for performing the introspection request

Method Detail

introspect

public org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal introspect(java.lang.String token)

Description copied from interface: OpaqueTokenIntrospector

Introspect and verify the given token, returning its attributes. Returning a Map is indicative that the token is valid.

Specified by:

introspect in interface OpaqueTokenIntrospector

Parameters:

token - the token to introspect

Returns:

the token's attributes

setRequestEntityConverter

public void setRequestEntityConverter(org.springframework.core.convert.converter.Converter<java.lang.String,org.springframework.http.RequestEntity<?>> requestEntityConverter)

Sets the Converter used for converting the OAuth 2.0 access token to a RequestEntity representation of the OAuth 2.0 token introspection request.

Parameters:

requestEntityConverter - the Converter used for converting to a RequestEntity representation of the token introspection request