Class JwtAuthenticationProvider

  • All Implemented Interfaces:
    org.springframework.security.authentication.AuthenticationProvider

    public final class JwtAuthenticationProvider
    extends java.lang.Object
    implements org.springframework.security.authentication.AuthenticationProvider
    An AuthenticationProvider implementation for Jwt-encoded Bearer Tokens, used to protect OAuth 2.0 Resource Servers.

    This AuthenticationProvider is responsible for decoding and verifying a Jwt-encoded access token, returning its claims set as part of the Authentication statement.

    Scopes are translated into GrantedAuthoritys according to the following algorithm:
    1. If there is a "scope" or "scp" attribute, then if it is a String, split it by spaces and return the result; if it is a Collection, simply return it.
    2. Take the resulting Collection of Strings and prepend the "SCOPE_" keyword to each, adding them as GrantedAuthoritys.
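
    The scope translation described above, written out as a plain-JDK sketch. This is an added example, not Spring Security's own code: the class and method names are hypothetical, and checking "scope" before "scp", tolerating repeated spaces, and skipping claim values of other types are assumptions of the sketch.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;

public class ScopeAuthorityMapping {
    // Claim names checked in this order (the order is an assumption of this sketch).
    private static final List<String> SCOPE_CLAIMS = Arrays.asList("scope", "scp");

    // Step 1: read the scope claim as a collection of scope strings.
    static Collection<String> extractScopes(Map<String, Object> claims) {
        for (String name : SCOPE_CLAIMS) {
            Object value = claims.get(name);
            if (value instanceof String) {
                String text = ((String) value).trim();
                // A blank claim grants nothing; repeated spaces are tolerated (assumption).
                return text.isEmpty() ? Collections.<String>emptyList() : Arrays.asList(text.split(" +"));
            }
            if (value instanceof Collection) {
                List<String> scopes = new ArrayList<>();
                for (Object item : (Collection<?>) value) {
                    scopes.add(String.valueOf(item));
                }
                return scopes;
            }
            // Any other type (number, map, null) is skipped (assumption of this sketch).
        }
        return Collections.emptyList(); // no usable claim: no authorities
    }

    // Step 2: prepend "SCOPE_" to each scope to form the authority name.
    static List<String> toAuthorityNames(Map<String, Object> claims) {
        List<String> names = new ArrayList<>();
        for (String scope : extractScopes(claims)) {
            names.add("SCOPE_" + scope);
        }
        return names;
    }

    public static void main(String[] args) {
        // Constructed claim sets, not taken from a real token.
        System.out.println(toAuthorityNames(Collections.<String, Object>singletonMap("scope", "message:read message:write")));
        System.out.println(toAuthorityNames(Collections.<String, Object>singletonMap("scp", Arrays.asList("message:read"))));
        System.out.println(toAuthorityNames(Collections.<String, Object>singletonMap("sub", "bob")));
    }
}
```

    The resulting names are what an authorization rule matches against, so a rule for the scope message:read checks for the authority SCOPE_message:read.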

    Since:
    5.1
    See Also:
    AuthenticationProvider, JwtDecoder
    • Constructor Summary

      Constructors 
      Constructor Description
      JwtAuthenticationProvider(org.springframework.security.oauth2.jwt.JwtDecoder jwtDecoder)
    • Method Summary

      Modifier and Type Method Description
      org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
      Decode and validate the Bearer Token.
      void setJwtAuthenticationConverter(org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.jwt.Jwt, ? extends org.springframework.security.authentication.AbstractAuthenticationToken> jwtAuthenticationConverter)
      boolean supports(java.lang.Class<?> authentication)
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • JwtAuthenticationProvider

        public JwtAuthenticationProvider(org.springframework.security.oauth2.jwt.JwtDecoder jwtDecoder)
    • Method Detail

      • authenticate

        public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                                      throws org.springframework.security.core.AuthenticationException
        Decode and validate the Bearer Token.
        Specified by:
        authenticate in interface org.springframework.security.authentication.AuthenticationProvider
        Parameters:
        authentication - the authentication request object.
        Returns:
        A successful authentication
        Throws:
        org.springframework.security.core.AuthenticationException - if authentication failed for some reason
      • supports

        public boolean supports(java.lang.Class<?> authentication)
        Specified by:
        supports in interface org.springframework.security.authentication.AuthenticationProvider
      • setJwtAuthenticationConverter

        public void setJwtAuthenticationConverter(org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.jwt.Jwt, ? extends org.springframework.security.authentication.AbstractAuthenticationToken> jwtAuthenticationConverter)