Package org.springframework.security.oauth2.client.authentication

Class OAuth2LoginAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, org.springframework.security.core.Authentication, org.springframework.security.core.CredentialsContainer
public class OAuth2LoginAuthenticationToken extends org.springframework.security.authentication.AbstractAuthenticationToken
An AbstractAuthenticationToken for OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.
Since:
5.0
See Also:

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

    org.springframework.security.authentication.AbstractAuthenticationToken.AbstractAuthenticationBuilder<B extends org.springframework.security.authentication.AbstractAuthenticationToken.AbstractAuthenticationBuilder<B>>

    Nested classes/interfaces inherited from interface org.springframework.security.core.Authentication

    org.springframework.security.core.Authentication.Builder<B extends org.springframework.security.core.Authentication.Builder<B>>

  • Constructor Summary

    Constructors
    Constructor
    Description
    OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange)
    This constructor should be used when the Authorization Request/Response is complete.
    OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken)
    This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
    OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken, org.springframework.security.oauth2.core.OAuth2RefreshToken refreshToken)
    This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.oauth2.core.OAuth2AccessToken
    getAccessToken()
    Returns the access token.
    org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange
    getAuthorizationExchange()
    Returns the authorization exchange.
    ClientRegistration
    getClientRegistration()
    Returns the client registration.
    Object
    getCredentials()
     
    org.springframework.security.oauth2.core.user.OAuth2User
    getPrincipal()
     
    org.springframework.security.oauth2.core.OAuth2RefreshToken
    getRefreshToken()
    Returns the refresh token.

    Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

    equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.springframework.security.core.Authentication

    toBuilder

    Methods inherited from interface java.security.Principal

    implies

  • Constructor Details

    • OAuth2LoginAuthenticationToken

      public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange)
      This constructor should be used when the Authorization Request/Response is complete.
      Parameters:
      clientRegistration - the client registration
      authorizationExchange - the authorization exchange

    • OAuth2LoginAuthenticationToken

      public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken)
      This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
      Parameters:
      clientRegistration - the client registration
      authorizationExchange - the authorization exchange
      principal - the user Principal registered with the OAuth 2.0 Provider
      authorities - the authorities granted to the user
      accessToken - the access token credential

    • OAuth2LoginAuthenticationToken

      public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration, org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange authorizationExchange, org.springframework.security.oauth2.core.user.OAuth2User principal, Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, org.springframework.security.oauth2.core.OAuth2AccessToken accessToken, @Nullable org.springframework.security.oauth2.core.OAuth2RefreshToken refreshToken)
      This constructor should be used when the Access Token Request/Response is complete, which indicates that the Authorization Code Grant flow has fully completed and OAuth 2.0 Login has been achieved.
      Parameters:
      clientRegistration - the client registration
      authorizationExchange - the authorization exchange
      principal - the user Principal registered with the OAuth 2.0 Provider
      authorities - the authorities granted to the user
      accessToken - the access token credential
      refreshToken - the refresh token credential

  • Method Details

    • getPrincipal

      public org.springframework.security.oauth2.core.user.OAuth2User getPrincipal()

    • getCredentials

      public Object getCredentials()

    • getClientRegistration

      public ClientRegistration getClientRegistration()
      Returns the client registration.
      Returns:
      the ClientRegistration

    • getAuthorizationExchange

      public org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange getAuthorizationExchange()
      Returns the authorization exchange.
      Returns:
      the OAuth2AuthorizationExchange

    • getAccessToken

      public org.springframework.security.oauth2.core.OAuth2AccessToken getAccessToken()
      Returns the access token.
      Returns:
      the OAuth2AccessToken

    • getRefreshToken

      @Nullable public org.springframework.security.oauth2.core.OAuth2RefreshToken getRefreshToken()
      Returns the refresh token.
      Returns:
      the OAuth2RefreshToken
      Since:
      5.1