Class DefaultReactiveOAuth2AuthorizedClientManager
- All Implemented Interfaces:
ReactiveOAuth2AuthorizedClientManager
ReactiveOAuth2AuthorizedClientManager
for use
within the context of a ServerWebExchange
.
(When operating outside of the context of a ServerWebExchange
, use
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
instead.)
This is a reactive equivalent of DefaultOAuth2AuthorizedClientManager
.
Authorized Client Persistence
This client manager utilizes a ServerOAuth2AuthorizedClientRepository
to
persist OAuth2AuthorizedClient
s.
By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient
will be saved in the authorized client repository. This functionality can be changed by
configuring a custom ReactiveOAuth2AuthorizationSuccessHandler
via
setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler)
.
By default, when an authorization attempt fails due to an
"invalid_grant" error,
the previously saved OAuth2AuthorizedClient
will be removed from the authorized
client repository. (The
"invalid_grant" error
generally occurs when a refresh token that is no longer valid is used to retrieve a new
access token.) This functionality can be changed by configuring a custom
ReactiveOAuth2AuthorizationFailureHandler
via
setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler)
.
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic class
The default implementation of thecontextAttributesMapper
. -
Constructor Summary
ConstructorDescriptionDefaultReactiveOAuth2AuthorizedClientManager
(ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository) Constructs aDefaultReactiveOAuth2AuthorizedClientManager
using the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<OAuth2AuthorizedClient>
authorize
(OAuth2AuthorizeRequest authorizeRequest) Attempt to authorize or re-authorize (if required) theclient
identified by the providedclientRegistrationId
.void
setAuthorizationFailureHandler
(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) Sets the handler that handles authorization failures.void
setAuthorizationSuccessHandler
(ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler) Sets the handler that handles successful authorizations.void
setAuthorizedClientProvider
(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider) Sets theReactiveOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client.void
setContextAttributesMapper
(Function<OAuth2AuthorizeRequest, reactor.core.publisher.Mono<Map<String, Object>>> contextAttributesMapper) Sets theFunction
used for mapping attribute(s) from theOAuth2AuthorizeRequest
to aMap
of attributes to be associated to theauthorization context
.
-
Constructor Details
-
DefaultReactiveOAuth2AuthorizedClientManager
public DefaultReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository clientRegistrationRepository, ServerOAuth2AuthorizedClientRepository authorizedClientRepository) Constructs aDefaultReactiveOAuth2AuthorizedClientManager
using the provided parameters.- Parameters:
clientRegistrationRepository
- the repository of client registrationsauthorizedClientRepository
- the repository of authorized clients
-
-
Method Details
-
authorize
public reactor.core.publisher.Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest authorizeRequest) Description copied from interface:ReactiveOAuth2AuthorizedClientManager
Attempt to authorize or re-authorize (if required) theclient
identified by the providedclientRegistrationId
. Implementations must return an emptyMono
if authorization is not supported for the specified client, e.g. the associatedReactiveOAuth2AuthorizedClientProvider
(s) does not support theauthorization grant
type configured for the client.In the case of re-authorization, implementations must return the provided
authorized client
if re-authorization is not supported for the client OR is not required, e.g. arefresh token
is not available OR theaccess token
is not expired.- Specified by:
authorize
in interfaceReactiveOAuth2AuthorizedClientManager
- Parameters:
authorizeRequest
- the authorize request- Returns:
- the
OAuth2AuthorizedClient
or an emptyMono
if authorization is not supported for the specified client
-
setAuthorizedClientProvider
public void setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider) Sets theReactiveOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client.- Parameters:
authorizedClientProvider
- theReactiveOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client
-
setContextAttributesMapper
public void setContextAttributesMapper(Function<OAuth2AuthorizeRequest, reactor.core.publisher.Mono<Map<String, Object>>> contextAttributesMapper) Sets theFunction
used for mapping attribute(s) from theOAuth2AuthorizeRequest
to aMap
of attributes to be associated to theauthorization context
.- Parameters:
contextAttributesMapper
- theFunction
used for supplying theMap
of attributes to theauthorization context
-
setAuthorizationSuccessHandler
public void setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler) Sets the handler that handles successful authorizations. The default savesOAuth2AuthorizedClient
s in theServerOAuth2AuthorizedClientRepository
.- Parameters:
authorizationSuccessHandler
- the handler that handles successful authorizations.- Since:
- 5.3
-
setAuthorizationFailureHandler
public void setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) Sets the handler that handles authorization failures.A
RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler
is used by default.- Parameters:
authorizationFailureHandler
- the handler that handles authorization failures.- Since:
- 5.3
- See Also:
-