Class RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
java.lang.Object
org.springframework.security.oauth2.client.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
- All Implemented Interfaces:
OAuth2AuthorizationFailureHandler
public class RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
extends Object
implements OAuth2AuthorizationFailureHandler
An
OAuth2AuthorizationFailureHandler
that removes an
OAuth2AuthorizedClient
when the OAuth2Error.getErrorCode()
matches one
of the configured OAuth 2.0 error codes
.- Since:
- 5.3
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
Removes anOAuth2AuthorizedClient
from anOAuth2AuthorizedClientRepository
orOAuth2AuthorizedClientService
. -
Field Summary
Modifier and TypeFieldDescriptionThe default OAuth 2.0 error codes that will trigger removal of anOAuth2AuthorizedClient
. -
Constructor Summary
ConstructorDescriptionRemoveAuthorizedClientOAuth2AuthorizationFailureHandler
(RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover authorizedClientRemover) Constructs aRemoveAuthorizedClientOAuth2AuthorizationFailureHandler
using the provided parameters.RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
(RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover authorizedClientRemover, Set<String> removeAuthorizedClientErrorCodes) Constructs aRemoveAuthorizedClientOAuth2AuthorizationFailureHandler
using the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionvoid
onAuthorizationFailure
(OAuth2AuthorizationException authorizationException, Authentication principal, Map<String, Object> attributes) Called when an OAuth 2.0 Client fails to authorize (or re-authorize) via the Authorization Server or Resource Server.
-
Field Details
-
DEFAULT_REMOVE_AUTHORIZED_CLIENT_ERROR_CODES
The default OAuth 2.0 error codes that will trigger removal of anOAuth2AuthorizedClient
.- See Also:
-
-
Constructor Details
-
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
public RemoveAuthorizedClientOAuth2AuthorizationFailureHandler(RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover authorizedClientRemover) Constructs aRemoveAuthorizedClientOAuth2AuthorizationFailureHandler
using the provided parameters.- Parameters:
authorizedClientRemover
- theRemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover
used for removing anOAuth2AuthorizedClient
if the error code is one of theDEFAULT_REMOVE_AUTHORIZED_CLIENT_ERROR_CODES
.
-
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
public RemoveAuthorizedClientOAuth2AuthorizationFailureHandler(RemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover authorizedClientRemover, Set<String> removeAuthorizedClientErrorCodes) Constructs aRemoveAuthorizedClientOAuth2AuthorizationFailureHandler
using the provided parameters.- Parameters:
authorizedClientRemover
- theRemoveAuthorizedClientOAuth2AuthorizationFailureHandler.OAuth2AuthorizedClientRemover
used for removing anOAuth2AuthorizedClient
if the error code is one of theremoveAuthorizedClientErrorCodes
.removeAuthorizedClientErrorCodes
- the OAuth 2.0 error codes which will trigger removal of an authorized client.- See Also:
-
-
Method Details
-
onAuthorizationFailure
public void onAuthorizationFailure(OAuth2AuthorizationException authorizationException, Authentication principal, Map<String, Object> attributes) Description copied from interface:OAuth2AuthorizationFailureHandler
Called when an OAuth 2.0 Client fails to authorize (or re-authorize) via the Authorization Server or Resource Server.- Specified by:
onAuthorizationFailure
in interfaceOAuth2AuthorizationFailureHandler
- Parameters:
authorizationException
- the exception that contains details about what failedprincipal
- thePrincipal
associated with the attempted authorizationattributes
- an immutableMap
of (optional) attributes present under certain conditions. For example, this might contain ajakarta.servlet.http.HttpServletRequest
andjakarta.servlet.http.HttpServletResponse
if the authorization was performed within the context of ajakarta.servlet.ServletContext
.
-