Class AuthorizedClientServiceOAuth2AuthorizedClientManager

java.lang.Object
org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager
All Implemented Interfaces:
OAuth2AuthorizedClientManager

public final class AuthorizedClientServiceOAuth2AuthorizedClientManager extends Object implements OAuth2AuthorizedClientManager
An implementation of an OAuth2AuthorizedClientManager that is capable of operating outside of the context of a HttpServletRequest, e.g. in a scheduled/background thread and/or in the service-tier.

(When operating within the context of a HttpServletRequest, use DefaultOAuth2AuthorizedClientManager instead.)

Authorized Client Persistence

This manager utilizes an OAuth2AuthorizedClientService to persist OAuth2AuthorizedClients.

By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient will be saved in the OAuth2AuthorizedClientService. This functionality can be changed by configuring a custom OAuth2AuthorizationSuccessHandler via setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler).

By default, when an authorization attempt fails due to an "invalid_grant" error, the previously saved OAuth2AuthorizedClient will be removed from the OAuth2AuthorizedClientService. (The "invalid_grant" error can occur when a refresh token that is no longer valid is used to retrieve a new access token.) This functionality can be changed by configuring a custom OAuth2AuthorizationFailureHandler via setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler).

Since:
5.2
See Also: