ServerBearerTokenAuthenticationConverter (spring-security-oauth2-resource-server 5.7.3 API)

java.lang.Object
- org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter

All Implemented Interfaces:

org.springframework.security.web.server.authentication.ServerAuthenticationConverter
```
public class ServerBearerTokenAuthenticationConverter
extends java.lang.Object
implements org.springframework.security.web.server.authentication.ServerAuthenticationConverter
```
A strategy for resolving Bearer Tokens from the ServerWebExchange.

Since:

5.1

See Also:

RFC 6750 Section 2: Authenticated Requests

Constructor Summary

Constructors
Constructor Description

ServerBearerTokenAuthenticationConverter()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`reactor.core.publisher.Mono<org.springframework.security.core.Authentication>`	`convert(org.springframework.web.server.ServerWebExchange exchange)`
`void`	`setAllowUriQueryParameter(boolean allowUriQueryParameter)`	Set if transport of access token using URI query parameter is supported.
`void`	`setBearerTokenHeaderName(java.lang.String bearerTokenHeaderName)`	Set this value to configure what header is checked when resolving a Bearer Token.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ServerBearerTokenAuthenticationConverter
```
public ServerBearerTokenAuthenticationConverter()
```
- Method Detail
  - convert
```
public reactor.core.publisher.Mono<org.springframework.security.core.Authentication> convert(org.springframework.web.server.ServerWebExchange exchange)
```
    Specified by:
    
    convert in interface org.springframework.security.web.server.authentication.ServerAuthenticationConverter
  - setAllowUriQueryParameter
```
public void setAllowUriQueryParameter(boolean allowUriQueryParameter)
```
    Set if transport of access token using URI query parameter is supported. Defaults to false. The spec recommends against using this mechanism for sending bearer tokens, and even goes as far as stating that it was only included for completeness.
    
    Parameters:
    
    allowUriQueryParameter - if the URI query parameter is supported
  - setBearerTokenHeaderName
```
public void setBearerTokenHeaderName(java.lang.String bearerTokenHeaderName)
```
    Set this value to configure what header is checked when resolving a Bearer Token. This value is defaulted to HttpHeaders.AUTHORIZATION. This allows other headers to be used as the Bearer Token source such as HttpHeaders.PROXY_AUTHORIZATION
    
    Parameters:
    
    bearerTokenHeaderName - the header to check when retrieving the Bearer Token.
    
    Since:
    
    5.4