Class DefaultOAuth2AuthorizedClientManager

java.lang.Object
org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager
All Implemented Interfaces:
OAuth2AuthorizedClientManager

public final class DefaultOAuth2AuthorizedClientManager extends Object implements OAuth2AuthorizedClientManager
The default implementation of an OAuth2AuthorizedClientManager for use within the context of a HttpServletRequest.

(When operating outside of the context of a HttpServletRequest, use AuthorizedClientServiceOAuth2AuthorizedClientManager instead.)

Authorized Client Persistence

This manager utilizes an OAuth2AuthorizedClientRepository to persist OAuth2AuthorizedClients.

By default, when an authorization attempt succeeds, the OAuth2AuthorizedClient will be saved in the OAuth2AuthorizedClientRepository. This functionality can be changed by configuring a custom OAuth2AuthorizationSuccessHandler via setAuthorizationSuccessHandler(OAuth2AuthorizationSuccessHandler).

By default, when an authorization attempt fails due to an "invalid_grant" error, the previously saved OAuth2AuthorizedClient will be removed from the OAuth2AuthorizedClientRepository. (The "invalid_grant" error can occur when a refresh token that is no longer valid is used to retrieve a new access token.) This functionality can be changed by configuring a custom OAuth2AuthorizationFailureHandler via setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler).

Since:
5.2
See Also: