Class DefaultOAuth2AuthorizedClientManager
- All Implemented Interfaces:
OAuth2AuthorizedClientManager
OAuth2AuthorizedClientManager
for use within
the context of a HttpServletRequest
.
(When operating outside of the context of a HttpServletRequest
, use
AuthorizedClientServiceOAuth2AuthorizedClientManager
instead.)
Authorized Client Persistence
This manager utilizes an OAuth2AuthorizedClientRepository
to persist
OAuth2AuthorizedClient
s.
By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient
will be saved in the OAuth2AuthorizedClientRepository
. This functionality can
be changed by configuring a custom OAuth2AuthorizationSuccessHandler
via
setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler)
.
By default, when an authorization attempt fails due to an
"invalid_grant" error, the previously saved
OAuth2AuthorizedClient
will be removed from the
OAuth2AuthorizedClientRepository
. (The "invalid_grant"
error can occur when a refresh token that is no longer valid is used to retrieve a new
access token.) This functionality can be changed by configuring a custom
OAuth2AuthorizationFailureHandler
via
setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler)
.
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic class
The default implementation of thecontextAttributesMapper
. -
Constructor Summary
ConstructorDescriptionDefaultOAuth2AuthorizedClientManager
(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository) Constructs aDefaultOAuth2AuthorizedClientManager
using the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionauthorize
(OAuth2AuthorizeRequest authorizeRequest) Attempt to authorize or re-authorize (if required) theclient
identified by the providedclientRegistrationId
.void
setAuthorizationFailureHandler
(OAuth2AuthorizationFailureHandler authorizationFailureHandler) Sets theOAuth2AuthorizationFailureHandler
that handles authorization failures.void
setAuthorizationSuccessHandler
(OAuth2AuthorizationSuccessHandler authorizationSuccessHandler) Sets theOAuth2AuthorizationSuccessHandler
that handles successful authorizations.void
setAuthorizedClientProvider
(OAuth2AuthorizedClientProvider authorizedClientProvider) Sets theOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client.void
setContextAttributesMapper
(Function<OAuth2AuthorizeRequest, Map<String, Object>> contextAttributesMapper) Sets theFunction
used for mapping attribute(s) from theOAuth2AuthorizeRequest
to aMap
of attributes to be associated to theauthorization context
.
-
Constructor Details
-
DefaultOAuth2AuthorizedClientManager
public DefaultOAuth2AuthorizedClientManager(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository authorizedClientRepository) Constructs aDefaultOAuth2AuthorizedClientManager
using the provided parameters.- Parameters:
clientRegistrationRepository
- the repository of client registrationsauthorizedClientRepository
- the repository of authorized clients
-
-
Method Details
-
authorize
Description copied from interface:OAuth2AuthorizedClientManager
Attempt to authorize or re-authorize (if required) theclient
identified by the providedclientRegistrationId
. Implementations must returnnull
if authorization is not supported for the specified client, e.g. the associatedOAuth2AuthorizedClientProvider
(s) does not support theauthorization grant
type configured for the client.In the case of re-authorization, implementations must return the provided
authorized client
if re-authorization is not supported for the client OR is not required, e.g. arefresh token
is not available OR theaccess token
is not expired.- Specified by:
authorize
in interfaceOAuth2AuthorizedClientManager
- Parameters:
authorizeRequest
- the authorize request- Returns:
- the
OAuth2AuthorizedClient
ornull
if authorization is not supported for the specified client
-
setAuthorizedClientProvider
Sets theOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client.- Parameters:
authorizedClientProvider
- theOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client
-
setContextAttributesMapper
public void setContextAttributesMapper(Function<OAuth2AuthorizeRequest, Map<String, Object>> contextAttributesMapper) Sets theFunction
used for mapping attribute(s) from theOAuth2AuthorizeRequest
to aMap
of attributes to be associated to theauthorization context
.- Parameters:
contextAttributesMapper
- theFunction
used for supplying theMap
of attributes to theauthorization context
-
setAuthorizationSuccessHandler
public void setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler authorizationSuccessHandler) Sets theOAuth2AuthorizationSuccessHandler
that handles successful authorizations.The default saves
OAuth2AuthorizedClient
s in theOAuth2AuthorizedClientRepository
.- Parameters:
authorizationSuccessHandler
- theOAuth2AuthorizationSuccessHandler
that handles successful authorizations- Since:
- 5.3
-
setAuthorizationFailureHandler
public void setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler authorizationFailureHandler) Sets theOAuth2AuthorizationFailureHandler
that handles authorization failures.A
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
is used by default.- Parameters:
authorizationFailureHandler
- theOAuth2AuthorizationFailureHandler
that handles authorization failures- Since:
- 5.3
- See Also:
-