Class AuthorizedClientServiceOAuth2AuthorizedClientManager
- All Implemented Interfaces:
OAuth2AuthorizedClientManager
OAuth2AuthorizedClientManager
that is capable of
operating outside of the context of a HttpServletRequest
, e.g. in a
scheduled/background thread and/or in the service-tier.
(When operating within the context of a HttpServletRequest
, use
DefaultOAuth2AuthorizedClientManager
instead.)
Authorized Client Persistence
This manager utilizes an OAuth2AuthorizedClientService
to persist
OAuth2AuthorizedClient
s.
By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient
will be saved in the OAuth2AuthorizedClientService
. This functionality can be
changed by configuring a custom OAuth2AuthorizationSuccessHandler
via
setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler)
.
By default, when an authorization attempt fails due to an
"invalid_grant" error, the previously saved
OAuth2AuthorizedClient
will be removed from the
OAuth2AuthorizedClientService
. (The "invalid_grant"
error can occur when a refresh token that is no longer valid is used to retrieve a new
access token.) This functionality can be changed by configuring a custom
OAuth2AuthorizationFailureHandler
via
setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler)
.
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic class
The default implementation of thecontextAttributesMapper
. -
Constructor Summary
ConstructorDescriptionAuthorizedClientServiceOAuth2AuthorizedClientManager
(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService) Constructs anAuthorizedClientServiceOAuth2AuthorizedClientManager
using the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionauthorize
(OAuth2AuthorizeRequest authorizeRequest) Attempt to authorize or re-authorize (if required) theclient
identified by the providedclientRegistrationId
.void
setAuthorizationFailureHandler
(OAuth2AuthorizationFailureHandler authorizationFailureHandler) Sets theOAuth2AuthorizationFailureHandler
that handles authorization failures.void
setAuthorizationSuccessHandler
(OAuth2AuthorizationSuccessHandler authorizationSuccessHandler) Sets theOAuth2AuthorizationSuccessHandler
that handles successful authorizations.void
setAuthorizedClientProvider
(OAuth2AuthorizedClientProvider authorizedClientProvider) Sets theOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client.void
setContextAttributesMapper
(Function<OAuth2AuthorizeRequest, Map<String, Object>> contextAttributesMapper) Sets theFunction
used for mapping attribute(s) from theOAuth2AuthorizeRequest
to aMap
of attributes to be associated to theauthorization context
.
-
Constructor Details
-
AuthorizedClientServiceOAuth2AuthorizedClientManager
public AuthorizedClientServiceOAuth2AuthorizedClientManager(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService authorizedClientService) Constructs anAuthorizedClientServiceOAuth2AuthorizedClientManager
using the provided parameters.- Parameters:
clientRegistrationRepository
- the repository of client registrationsauthorizedClientService
- the authorized client service
-
-
Method Details
-
authorize
Description copied from interface:OAuth2AuthorizedClientManager
Attempt to authorize or re-authorize (if required) theclient
identified by the providedclientRegistrationId
. Implementations must returnnull
if authorization is not supported for the specified client, e.g. the associatedOAuth2AuthorizedClientProvider
(s) does not support theauthorization grant
type configured for the client.In the case of re-authorization, implementations must return the provided
authorized client
if re-authorization is not supported for the client OR is not required, e.g. arefresh token
is not available OR theaccess token
is not expired.- Specified by:
authorize
in interfaceOAuth2AuthorizedClientManager
- Parameters:
authorizeRequest
- the authorize request- Returns:
- the
OAuth2AuthorizedClient
ornull
if authorization is not supported for the specified client
-
setAuthorizedClientProvider
Sets theOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client.- Parameters:
authorizedClientProvider
- theOAuth2AuthorizedClientProvider
used for authorizing (or re-authorizing) an OAuth 2.0 Client
-
setContextAttributesMapper
public void setContextAttributesMapper(Function<OAuth2AuthorizeRequest, Map<String, Object>> contextAttributesMapper) Sets theFunction
used for mapping attribute(s) from theOAuth2AuthorizeRequest
to aMap
of attributes to be associated to theauthorization context
.- Parameters:
contextAttributesMapper
- theFunction
used for supplying theMap
of attributes to theauthorization context
-
setAuthorizationSuccessHandler
public void setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler authorizationSuccessHandler) Sets theOAuth2AuthorizationSuccessHandler
that handles successful authorizations.The default saves
OAuth2AuthorizedClient
s in theOAuth2AuthorizedClientService
.- Parameters:
authorizationSuccessHandler
- theOAuth2AuthorizationSuccessHandler
that handles successful authorizations- Since:
- 5.3
-
setAuthorizationFailureHandler
public void setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler authorizationFailureHandler) Sets theOAuth2AuthorizationFailureHandler
that handles authorization failures.A
RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
is used by default.- Parameters:
authorizationFailureHandler
- theOAuth2AuthorizationFailureHandler
that handles authorization failures- Since:
- 5.3
- See Also:
-