Class OAuth2AuthorizationServerConfigurer
java.lang.Object
org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<OAuth2AuthorizationServerConfigurer,org.springframework.security.config.annotation.web.builders.HttpSecurity>
org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer
- All Implemented Interfaces:
org.springframework.security.config.annotation.SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,
org.springframework.security.config.annotation.web.builders.HttpSecurity>
public final class OAuth2AuthorizationServerConfigurer
extends org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<OAuth2AuthorizationServerConfigurer,org.springframework.security.config.annotation.web.builders.HttpSecurity>
An
AbstractHttpConfigurer
for OAuth 2.0 Authorization Server support.- Since:
- 0.0.1
- See Also:
-
AbstractHttpConfigurer
OAuth2ClientAuthenticationConfigurer
OAuth2AuthorizationServerMetadataEndpointConfigurer
OAuth2AuthorizationEndpointConfigurer
OAuth2TokenEndpointConfigurer
OAuth2TokenIntrospectionEndpointConfigurer
OAuth2TokenRevocationEndpointConfigurer
OidcConfigurer
RegisteredClientRepository
OAuth2AuthorizationService
OAuth2AuthorizationConsentService
NimbusJwkSetEndpointFilter
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionauthorizationConsentService
(OAuth2AuthorizationConsentService authorizationConsentService) Sets the authorization consent service.authorizationEndpoint
(org.springframework.security.config.Customizer<OAuth2AuthorizationEndpointConfigurer> authorizationEndpointCustomizer) Configures the OAuth 2.0 Authorization Endpoint.authorizationServerMetadataEndpoint
(org.springframework.security.config.Customizer<OAuth2AuthorizationServerMetadataEndpointConfigurer> authorizationServerMetadataEndpointCustomizer) Configures the OAuth 2.0 Authorization Server Metadata Endpoint.authorizationServerSettings
(AuthorizationServerSettings authorizationServerSettings) Sets the authorization server settings.authorizationService
(OAuth2AuthorizationService authorizationService) Sets the authorization service.clientAuthentication
(org.springframework.security.config.Customizer<OAuth2ClientAuthenticationConfigurer> clientAuthenticationCustomizer) Configures OAuth 2.0 Client Authentication.void
configure
(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity) org.springframework.security.web.util.matcher.RequestMatcher
Returns aRequestMatcher
for the authorization server endpoints.void
init
(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity) oidc
(org.springframework.security.config.Customizer<OidcConfigurer> oidcCustomizer) Configures OpenID Connect 1.0 support (disabled by default).registeredClientRepository
(RegisteredClientRepository registeredClientRepository) Sets the repository of registered clients.tokenEndpoint
(org.springframework.security.config.Customizer<OAuth2TokenEndpointConfigurer> tokenEndpointCustomizer) Configures the OAuth 2.0 Token Endpoint.tokenGenerator
(OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator) Sets the token generator.tokenIntrospectionEndpoint
(org.springframework.security.config.Customizer<OAuth2TokenIntrospectionEndpointConfigurer> tokenIntrospectionEndpointCustomizer) Configures the OAuth 2.0 Token Introspection Endpoint.tokenRevocationEndpoint
(org.springframework.security.config.Customizer<OAuth2TokenRevocationEndpointConfigurer> tokenRevocationEndpointCustomizer) Configures the OAuth 2.0 Token Revocation Endpoint.Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, getSecurityContextHolderStrategy, withObjectPostProcessor
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
-
Constructor Details
-
OAuth2AuthorizationServerConfigurer
public OAuth2AuthorizationServerConfigurer()
-
-
Method Details
-
registeredClientRepository
public OAuth2AuthorizationServerConfigurer registeredClientRepository(RegisteredClientRepository registeredClientRepository) Sets the repository of registered clients.- Parameters:
registeredClientRepository
- the repository of registered clients- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
authorizationService
public OAuth2AuthorizationServerConfigurer authorizationService(OAuth2AuthorizationService authorizationService) Sets the authorization service.- Parameters:
authorizationService
- the authorization service- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
authorizationConsentService
public OAuth2AuthorizationServerConfigurer authorizationConsentService(OAuth2AuthorizationConsentService authorizationConsentService) Sets the authorization consent service.- Parameters:
authorizationConsentService
- the authorization consent service- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
authorizationServerSettings
public OAuth2AuthorizationServerConfigurer authorizationServerSettings(AuthorizationServerSettings authorizationServerSettings) Sets the authorization server settings.- Parameters:
authorizationServerSettings
- the authorization server settings- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
tokenGenerator
public OAuth2AuthorizationServerConfigurer tokenGenerator(OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator) Sets the token generator.- Parameters:
tokenGenerator
- the token generator- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration - Since:
- 0.2.3
-
clientAuthentication
public OAuth2AuthorizationServerConfigurer clientAuthentication(org.springframework.security.config.Customizer<OAuth2ClientAuthenticationConfigurer> clientAuthenticationCustomizer) Configures OAuth 2.0 Client Authentication.- Parameters:
clientAuthenticationCustomizer
- theCustomizer
providing access to theOAuth2ClientAuthenticationConfigurer
- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
authorizationServerMetadataEndpoint
public OAuth2AuthorizationServerConfigurer authorizationServerMetadataEndpoint(org.springframework.security.config.Customizer<OAuth2AuthorizationServerMetadataEndpointConfigurer> authorizationServerMetadataEndpointCustomizer) Configures the OAuth 2.0 Authorization Server Metadata Endpoint.- Parameters:
authorizationServerMetadataEndpointCustomizer
- theCustomizer
providing access to theOAuth2AuthorizationServerMetadataEndpointConfigurer
- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration - Since:
- 0.4.0
-
authorizationEndpoint
public OAuth2AuthorizationServerConfigurer authorizationEndpoint(org.springframework.security.config.Customizer<OAuth2AuthorizationEndpointConfigurer> authorizationEndpointCustomizer) Configures the OAuth 2.0 Authorization Endpoint.- Parameters:
authorizationEndpointCustomizer
- theCustomizer
providing access to theOAuth2AuthorizationEndpointConfigurer
- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
tokenEndpoint
public OAuth2AuthorizationServerConfigurer tokenEndpoint(org.springframework.security.config.Customizer<OAuth2TokenEndpointConfigurer> tokenEndpointCustomizer) Configures the OAuth 2.0 Token Endpoint.- Parameters:
tokenEndpointCustomizer
- theCustomizer
providing access to theOAuth2TokenEndpointConfigurer
- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
tokenIntrospectionEndpoint
public OAuth2AuthorizationServerConfigurer tokenIntrospectionEndpoint(org.springframework.security.config.Customizer<OAuth2TokenIntrospectionEndpointConfigurer> tokenIntrospectionEndpointCustomizer) Configures the OAuth 2.0 Token Introspection Endpoint.- Parameters:
tokenIntrospectionEndpointCustomizer
- theCustomizer
providing access to theOAuth2TokenIntrospectionEndpointConfigurer
- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration - Since:
- 0.2.3
-
tokenRevocationEndpoint
public OAuth2AuthorizationServerConfigurer tokenRevocationEndpoint(org.springframework.security.config.Customizer<OAuth2TokenRevocationEndpointConfigurer> tokenRevocationEndpointCustomizer) Configures the OAuth 2.0 Token Revocation Endpoint.- Parameters:
tokenRevocationEndpointCustomizer
- theCustomizer
providing access to theOAuth2TokenRevocationEndpointConfigurer
- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration - Since:
- 0.2.2
-
oidc
public OAuth2AuthorizationServerConfigurer oidc(org.springframework.security.config.Customizer<OidcConfigurer> oidcCustomizer) Configures OpenID Connect 1.0 support (disabled by default).- Parameters:
oidcCustomizer
- theCustomizer
providing access to theOidcConfigurer
- Returns:
- the
OAuth2AuthorizationServerConfigurer
for further configuration
-
getEndpointsMatcher
public org.springframework.security.web.util.matcher.RequestMatcher getEndpointsMatcher()Returns aRequestMatcher
for the authorization server endpoints.- Returns:
- a
RequestMatcher
for the authorization server endpoints
-
init
public void init(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity) - Specified by:
init
in interfaceorg.springframework.security.config.annotation.SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,
org.springframework.security.config.annotation.web.builders.HttpSecurity> - Overrides:
init
in classorg.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,
org.springframework.security.config.annotation.web.builders.HttpSecurity>
-
configure
public void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity) - Specified by:
configure
in interfaceorg.springframework.security.config.annotation.SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,
org.springframework.security.config.annotation.web.builders.HttpSecurity> - Overrides:
configure
in classorg.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,
org.springframework.security.config.annotation.web.builders.HttpSecurity>
-