Package org.springframework.security.oauth2.client.oidc.userinfo

Class OidcUserService

java.lang.Object
org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService
All Implemented Interfaces:
OAuth2UserService<OidcUserRequest,OidcUser>
public class OidcUserService extends Object implements OAuth2UserService<OidcUserRequest,OidcUser>
An implementation of an OAuth2UserService that supports OpenID Connect 1.0 Provider's.
Since:
5.0
See Also:

  • Constructor Details

    • OidcUserService

      public OidcUserService()

  • Method Details

    • createDefaultClaimTypeConverters

      public static Map<String,org.springframework.core.convert.converter.Converter<Object,?>> createDefaultClaimTypeConverters()
      Returns the default Converter's used for type conversion of claim values for an OidcUserInfo.
      Returns:
      a Map of Converter's keyed by claim name
      Since:
      5.2

    • loadUser

      public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException
      Description copied from interface: OAuth2UserService
      Returns an OAuth2User after obtaining the user attributes of the End-User from the UserInfo Endpoint.
      Specified by:
      loadUser in interface OAuth2UserService<OidcUserRequest,OidcUser>
      Parameters:
      userRequest - the user request
      Returns:
      an OAuth2User
      Throws:
      OAuth2AuthenticationException - if an error occurs while attempting to obtain the user attributes from the UserInfo Endpoint

    • setOauth2UserService

      public final void setOauth2UserService(OAuth2UserService<OAuth2UserRequest,OAuth2User> oauth2UserService)
      Sets the OAuth2UserService used when requesting the user info resource.
      Parameters:
      oauth2UserService - the OAuth2UserService used when requesting the user info resource.
      Since:
      5.1

    • setClaimTypeConverterFactory

      public final void setClaimTypeConverterFactory(Function<ClientRegistration,org.springframework.core.convert.converter.Converter<Map<String,Object>,Map<String,Object>>> claimTypeConverterFactory)
      Sets the factory that provides a Converter used for type conversion of claim values for an OidcUserInfo. The default is ClaimTypeConverter for all clients.
      Parameters:
      claimTypeConverterFactory - the factory that provides a Converter used for type conversion of claim values for a specific client
      Since:
      5.2

    • setAccessibleScopes

      public final void setAccessibleScopes(Set<String> accessibleScopes)
      Sets the scope(s) that allow access to the user info resource. The default is profile, email, address and phone. The scope(s) are checked against the "granted" scope(s) associated to the access token to determine if the user info resource is accessible or not. If there is at least one match, the user info resource will be requested, otherwise it will not.
      Parameters:
      accessibleScopes - the scope(s) that allow access to the user info resource
      Since:
      5.2