Package org.springframework.security.config.annotation.web.configurers.oauth2.client

Class OidcLogoutConfigurer<B extends HttpSecurityBuilder<B>>

java.lang.Object

org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>

org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<OidcLogoutConfigurer<B>,B>

org.springframework.security.config.annotation.web.configurers.oauth2.client.OidcLogoutConfigurer<B>

All Implemented Interfaces:

SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,B>

public final class OidcLogoutConfigurer<B extends HttpSecurityBuilder<B>>
extends AbstractHttpConfigurer<OidcLogoutConfigurer<B>,B>

An AbstractHttpConfigurer for OIDC Logout flows

OIDC Logout provides an application with the capability to have users log out by using their existing account at an OAuth 2.0 or OpenID Connect 1.0 Provider.

Security Filters

The following Filter is populated:

• OidcBackChannelLogoutFilter

Shared Objects Used

The following shared objects are used:

• ClientRegistrationRepository

Since:

6.2

See Also:

• HttpSecurity.oidcLogout()
• OidcBackChannelLogoutFilter
• ClientRegistrationRepository

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
final class	OidcLogoutConfigurer.BackChannelLogoutConfigurer	A configurer for configuring OIDC Back-Channel Logout

Constructor Summary

Constructors

Constructor	Description
OidcLogoutConfigurer()

Method Summary

Modifier and Type	Method	Description
B	and()	Deprecated, for removal: This API element is subject to removal in a future version.
OidcLogoutConfigurer<B>	backChannel(Customizer<OidcLogoutConfigurer<B>.BackChannelLogoutConfigurer> backChannelLogoutConfigurer)	Configure OIDC Back-Channel Logout using the provided Consumer
OidcLogoutConfigurer<B>	clientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository)	Sets the repository of client registrations.
void	configure(B builder)	Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
OidcLogoutConfigurer<B>	oidcSessionRegistry(org.springframework.security.oauth2.client.oidc.session.OidcSessionRegistry oidcSessionRegistry)	Sets the registry for managing the OIDC client-provider session link

Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer

disable, getSecurityContextHolderStrategy, withObjectPostProcessor, withObjectPostProcessor

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter

addObjectPostProcessor, addObjectPostProcessor, getBuilder, init, postProcess, setBuilder

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OidcLogoutConfigurer

public OidcLogoutConfigurer()

Method Details

clientRegistrationRepository

public OidcLogoutConfigurer<B> clientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository)

Sets the repository of client registrations.

Parameters:

clientRegistrationRepository - the repository of client registrations

Returns:

the OAuth2LoginConfigurer for further configuration

oidcSessionRegistry

public OidcLogoutConfigurer<B> oidcSessionRegistry(org.springframework.security.oauth2.client.oidc.session.OidcSessionRegistry oidcSessionRegistry)

Sets the registry for managing the OIDC client-provider session link

Parameters:

oidcSessionRegistry - the OidcSessionRegistry to use

Returns:

the OAuth2LoginConfigurer for further configuration

backChannel

public OidcLogoutConfigurer<B> backChannel(Customizer<OidcLogoutConfigurer<B>.BackChannelLogoutConfigurer> backChannelLogoutConfigurer)

Configure OIDC Back-Channel Logout using the provided Consumer

Returns:

the OidcLogoutConfigurer for further configuration

and

@Deprecated(forRemoval=true,
            since="6.2")
public B and()

Deprecated, for removal: This API element is subject to removal in a future version.

Description copied from class: SecurityConfigurerAdapter

Return the SecurityBuilder when done using the SecurityConfigurer. This is useful for method chaining.

Overrides:

and in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>

Returns:

the SecurityBuilder for further customizations

configure

public void configure(B builder)
               throws Exception

Description copied from interface: SecurityConfigurer

Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Specified by:

configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>

Overrides:

configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>

Throws:

Exception