org.springframework.security.oauth2.client.filter
Class OAuth2ClientAuthenticationProcessingFilter

java.lang.Object
  org.springframework.web.filter.GenericFilterBean
      org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
          org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.ApplicationEventPublisherAware, org.springframework.context.EnvironmentAware, org.springframework.context.MessageSourceAware, org.springframework.web.context.ServletContextAware

public class OAuth2ClientAuthenticationProcessingFilter
extends org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

An OAuth2 client filter that can be used to acquire an OAuth2 access token from an authorization server, and load an authentication object into the SecurityContext

Author:

Vidya Valmikinathan

Field Summary

OAuth2RestOperations

restTemplate

Fields inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

authenticationDetailsSource, eventPublisher, messages, SPRING_SECURITY_LAST_EXCEPTION_KEY

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

OAuth2ClientAuthenticationProcessingFilter(String defaultFilterProcessesUrl)

Method Summary

void	afterPropertiesSet()
org.springframework.security.core.Authentication	attemptAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
void	setRestTemplate(OAuth2RestOperations restTemplate) A rest template to be used to obtain an access token.
void	setTokenServices(ResourceServerTokenServices tokenServices) Reference to a CheckTokenServices that can validate an OAuth2AccessToken
protected void	unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed)

Methods inherited from class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

doFilter, getAllowSessionCreation, getAuthenticationManager, getFailureHandler, getFilterProcessesUrl, getRememberMeServices, getSuccessHandler, requiresAuthentication, setAllowSessionCreation, setApplicationEventPublisher, setAuthenticationDetailsSource, setAuthenticationFailureHandler, setAuthenticationManager, setAuthenticationSuccessHandler, setContinueChainBeforeSuccessfulAuthentication, setFilterProcessesUrl, setMessageSource, setRememberMeServices, setSessionAuthenticationStrategy, successfulAuthentication, successfulAuthentication

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, destroy, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

restTemplate

public OAuth2RestOperations restTemplate

Constructor Detail

OAuth2ClientAuthenticationProcessingFilter

public OAuth2ClientAuthenticationProcessingFilter(String defaultFilterProcessesUrl)

Method Detail

setTokenServices

public void setTokenServices(ResourceServerTokenServices tokenServices)

Reference to a CheckTokenServices that can validate an OAuth2AccessToken

Parameters:

tokenServices -

setRestTemplate

public void setRestTemplate(OAuth2RestOperations restTemplate)

A rest template to be used to obtain an access token.

Parameters:

restTemplate - a rest template

afterPropertiesSet

public void afterPropertiesSet()

Specified by:

afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

Overrides:

afterPropertiesSet in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

attemptAuthentication

public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest request,
                                                                              javax.servlet.http.HttpServletResponse response)
                                                                       throws org.springframework.security.core.AuthenticationException,
                                                                              IOException,
                                                                              javax.servlet.ServletException

Specified by:

attemptAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Throws:

org.springframework.security.core.AuthenticationException

IOException

javax.servlet.ServletException

unsuccessfulAuthentication

protected void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest request,
                                          javax.servlet.http.HttpServletResponse response,
                                          org.springframework.security.core.AuthenticationException failed)
                                   throws IOException,
                                          javax.servlet.ServletException

Overrides:

unsuccessfulAuthentication in class org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter

Throws:

IOException

javax.servlet.ServletException