Package org.springframework.security.oauth2.client

Class AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager

java.lang.Object

org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager

All Implemented Interfaces:

ReactiveOAuth2AuthorizedClientManager

public final class AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
extends Object
implements ReactiveOAuth2AuthorizedClientManager

An implementation of a ReactiveOAuth2AuthorizedClientManager that is capable of operating outside of the context of a ServerWebExchange, e.g. in a scheduled/background thread and/or in the service-tier.

(When operating within the context of a ServerWebExchange, use DefaultReactiveOAuth2AuthorizedClientManager instead.)

This is a reactive equivalent of AuthorizedClientServiceOAuth2AuthorizedClientManager.

Authorized Client Persistence

This client manager utilizes a ReactiveOAuth2AuthorizedClientService to persist OAuth2AuthorizedClients.

By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient will be saved in the authorized client service. This functionality can be changed by configuring a custom ReactiveOAuth2AuthorizationSuccessHandler via setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler).

By default, when an authorization attempt fails due to an "invalid_grant" error, the previously saved OAuth2AuthorizedClient will be removed from the authorized client service. (The "invalid_grant" error generally occurs when a refresh token that is no longer valid is used to retrieve a new access token.) This functionality can be changed by configuring a custom ReactiveOAuth2AuthorizationFailureHandler via setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler).

Since:

5.2.2

See Also:

• ReactiveOAuth2AuthorizedClientManager
• ReactiveOAuth2AuthorizedClientProvider
• ReactiveOAuth2AuthorizedClientService
• ReactiveOAuth2AuthorizationSuccessHandler
• ReactiveOAuth2AuthorizationFailureHandler

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.DefaultContextAttributesMapper	The default implementation of the contextAttributesMapper.

Constructor Summary

Constructors

Constructor	Description
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository clientRegistrationRepository, ReactiveOAuth2AuthorizedClientService authorizedClientService)	Constructs an AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager using the provided parameters.

Method Summary

Modifier and Type	Method	Description
reactor.core.publisher.Mono<OAuth2AuthorizedClient>	authorize(OAuth2AuthorizeRequest authorizeRequest)	Attempt to authorize or re-authorize (if required) the client identified by the provided clientRegistrationId.
void	setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler)	Sets the handler that handles authorization failures.
void	setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler)	Sets the handler that handles successful authorizations.
void	setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider)	Sets the ReactiveOAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client.
void	setContextAttributesMapper(Function<OAuth2AuthorizeRequest,reactor.core.publisher.Mono<Map<String,Object>>> contextAttributesMapper)	Sets the Function used for mapping attribute(s) from the OAuth2AuthorizeRequest to a Map of attributes to be associated to the authorization context.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager

public AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository clientRegistrationRepository,
 ReactiveOAuth2AuthorizedClientService authorizedClientService)

Constructs an AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager using the provided parameters.

Parameters:

clientRegistrationRepository - the repository of client registrations

authorizedClientService - the authorized client service

Method Details

authorize

public reactor.core.publisher.Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest authorizeRequest)

Description copied from interface: ReactiveOAuth2AuthorizedClientManager

Attempt to authorize or re-authorize (if required) the client identified by the provided clientRegistrationId. Implementations must return an empty Mono if authorization is not supported for the specified client, e.g. the associated ReactiveOAuth2AuthorizedClientProvider(s) does not support the authorization grant type configured for the client.

In the case of re-authorization, implementations must return the provided authorized client if re-authorization is not supported for the client OR is not required, e.g. a refresh token is not available OR the access token is not expired.

Specified by:

authorize in interface ReactiveOAuth2AuthorizedClientManager

Parameters:

authorizeRequest - the authorize request

Returns:

the OAuth2AuthorizedClient or an empty Mono if authorization is not supported for the specified client

setAuthorizedClientProvider

public void setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider)

Sets the ReactiveOAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client.

Parameters:

authorizedClientProvider - the ReactiveOAuth2AuthorizedClientProvider used for authorizing (or re-authorizing) an OAuth 2.0 Client

setContextAttributesMapper

public void setContextAttributesMapper(Function<OAuth2AuthorizeRequest,reactor.core.publisher.Mono<Map<String,Object>>> contextAttributesMapper)

Sets the Function used for mapping attribute(s) from the OAuth2AuthorizeRequest to a Map of attributes to be associated to the authorization context.

Parameters:

contextAttributesMapper - the Function used for supplying the Map of attributes to the authorization context

setAuthorizationSuccessHandler

public void setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler)

Sets the handler that handles successful authorizations. The default saves OAuth2AuthorizedClients in the ReactiveOAuth2AuthorizedClientService.

Parameters:

authorizationSuccessHandler - the handler that handles successful authorizations.

Since:

5.3

setAuthorizationFailureHandler

public void setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler)

Sets the handler that handles authorization failures.

A RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler is used by default.

Parameters:

authorizationFailureHandler - the handler that handles authorization failures.

Since:

5.3

See Also:

• RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler