Class OidcAuthorizationCodeReactiveAuthenticationManager
java.lang.Object
org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager
- All Implemented Interfaces:
org.springframework.security.authentication.ReactiveAuthenticationManager
public class OidcAuthorizationCodeReactiveAuthenticationManager
extends Object
implements org.springframework.security.authentication.ReactiveAuthenticationManager
An implementation of an
AuthenticationProvider for OAuth
2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
This AuthenticationProvider is
responsible for authenticating an Authorization Code credential with the Authorization
Server's Token Endpoint and if valid, exchanging it for an Access Token credential.
It will also obtain the user attributes of the End-User (Resource Owner) from the
UserInfo Endpoint using an
OAuth2UserService, which
will create a Principal in the form of an OAuth2User. The
OAuth2User is then associated to the OAuth2LoginAuthenticationToken to
complete the authentication.
-
Constructor Summary
ConstructorsConstructorDescriptionOidcAuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient, ReactiveOAuth2UserService<OidcUserRequest, org.springframework.security.oauth2.core.oidc.user.OidcUser> userService) -
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<org.springframework.security.core.Authentication>authenticate(org.springframework.security.core.Authentication authentication) final voidsetAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper) Sets theGrantedAuthoritiesMapperused for mappingOAuth2AuthenticatedPrincipal.getAuthorities()to a new set of authorities which will be associated to theOAuth2LoginAuthenticationToken.final voidsetJwtDecoderFactory(org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory<ClientRegistration> jwtDecoderFactory) Sets theReactiveJwtDecoderFactoryused forOidcIdTokensignature verification.
-
Constructor Details
-
OidcAuthorizationCodeReactiveAuthenticationManager
public OidcAuthorizationCodeReactiveAuthenticationManager(ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient, ReactiveOAuth2UserService<OidcUserRequest, org.springframework.security.oauth2.core.oidc.user.OidcUser> userService)
-
-
Method Details
-
authenticate
public reactor.core.publisher.Mono<org.springframework.security.core.Authentication> authenticate(org.springframework.security.core.Authentication authentication) - Specified by:
authenticatein interfaceorg.springframework.security.authentication.ReactiveAuthenticationManager
-
setJwtDecoderFactory
public final void setJwtDecoderFactory(org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory<ClientRegistration> jwtDecoderFactory) Sets theReactiveJwtDecoderFactoryused forOidcIdTokensignature verification. The factory returns aReactiveJwtDecoderassociated to the providedClientRegistration.- Parameters:
jwtDecoderFactory- theReactiveJwtDecoderFactoryused forOidcIdTokensignature verification- Since:
- 5.2
-
setAuthoritiesMapper
public final void setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper) Sets theGrantedAuthoritiesMapperused for mappingOAuth2AuthenticatedPrincipal.getAuthorities()to a new set of authorities which will be associated to theOAuth2LoginAuthenticationToken.- Parameters:
authoritiesMapper- theGrantedAuthoritiesMapperused for mapping the user's authorities- Since:
- 5.4
-