Package org.springframework.security.oauth2.server.resource.authentication

Class OpaqueTokenReactiveAuthenticationManager

  • All Implemented Interfaces:
    org.springframework.security.authentication.ReactiveAuthenticationManager
    public class OpaqueTokenReactiveAuthenticationManager
extends java.lang.Object
implements org.springframework.security.authentication.ReactiveAuthenticationManager
    An ReactiveAuthenticationManager implementation for opaque Bearer Tokens, using an OAuth 2.0 Introspection Endpoint to check the token's validity and reveal its attributes.

    This ReactiveAuthenticationManager is responsible for introspecting and verifying an opaque access token, returning its attributes set as part of the Authentication statement.

    Scopes are translated into GrantedAuthoritys according to the following algorithm:

    1. If there is a "scope" attribute, then convert to a Collection of Strings.
    2. Take the resulting Collection and prepend the "SCOPE_" keyword to each element, adding as GrantedAuthoritys.
    Since:
    5.2
    See Also:
    ReactiveAuthenticationManager

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      reactor.core.publisher.Mono<org.springframework.security.core.Authentication> authenticate​(org.springframework.security.core.Authentication authentication)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • authenticate

        public reactor.core.publisher.Mono<org.springframework.security.core.Authentication> authenticate​(org.springframework.security.core.Authentication authentication)
        Specified by:
        authenticate in interface org.springframework.security.authentication.ReactiveAuthenticationManager