OpaqueTokenAuthenticationProvider (spring-security-oauth2-resource-server 5.2.0.RELEASE API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider

All Implemented Interfaces:

org.springframework.security.authentication.AuthenticationProvider
```
public final class OpaqueTokenAuthenticationProvider
extends java.lang.Object
implements org.springframework.security.authentication.AuthenticationProvider
```
An AuthenticationProvider implementation for opaque Bearer Tokens, using an OAuth 2.0 Introspection Endpoint to check the token's validity and reveal its attributes.
This AuthenticationProvider is responsible for introspecting and verifying an opaque access token, returning its attributes set as part of the Authentication statement.
Scopes are translated into GrantedAuthoritys according to the following algorithm:
1. If there is a "scope" attribute, then convert to a Collection of Strings.
2. Take the resulting Collection and prepend the "SCOPE_" keyword to each element, adding as GrantedAuthoritys.
Since:

5.2

See Also:

AuthenticationProvider

Constructor Summary

Constructors
Constructor and Description

OpaqueTokenAuthenticationProvider(OpaqueTokenIntrospector introspector)
Creates a OpaqueTokenAuthenticationProvider with the provided parameters

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`org.springframework.security.core.Authentication`	`authenticate(org.springframework.security.core.Authentication authentication)` Introspect and validate the opaque Bearer Token.
`boolean`	`supports(java.lang.Class<?> authentication)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - OpaqueTokenAuthenticationProvider
```
public OpaqueTokenAuthenticationProvider(OpaqueTokenIntrospector introspector)
```
    Creates a OpaqueTokenAuthenticationProvider with the provided parameters
    
    Parameters:
    
    introspector - The OpaqueTokenIntrospector to use
- Method Detail
  - authenticate
```
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException
```
    Introspect and validate the opaque Bearer Token.
    
    Specified by:
    
    authenticate in interface org.springframework.security.authentication.AuthenticationProvider
    
    Parameters:
    
    authentication - the authentication request object.
    
    Returns:
    
    A successful authentication
    
    Throws:
    
    org.springframework.security.core.AuthenticationException - if authentication failed for some reason
  - supports
```
public boolean supports(java.lang.Class<?> authentication)
```
    Specified by:
    
    supports in interface org.springframework.security.authentication.AuthenticationProvider

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method