Package com.atlassian.connect.spring.internal.request.oauth2

Class OAuth2ClientCredentialsAuthorizedClientProvider

java.lang.Object

com.atlassian.connect.spring.internal.request.oauth2.OAuth2ClientCredentialsAuthorizedClientProvider

All Implemented Interfaces:

org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider

@Component
public class OAuth2ClientCredentialsAuthorizedClientProvider
extends Object
implements org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider

Constructor Summary

Constructors

Constructor	Description
OAuth2ClientCredentialsAuthorizedClientProvider(AtlassianConnectSecurityContextHelper securityContextHelper, AtlassianOAuth2ClientCredentialsTokenResponseClient tokenResponseClient)

Method Summary

Modifier and Type	Method	Description
org.springframework.security.oauth2.client.OAuth2AuthorizedClient	authorize(org.springframework.security.oauth2.client.OAuth2AuthorizationContext context)
protected org.springframework.security.oauth2.core.OAuth2AccessToken	getOAuth2AccessToken(AtlassianHost host, org.springframework.security.oauth2.client.registration.ClientRegistration clientRegistration)
boolean	hasTokenExpired(org.springframework.security.oauth2.core.AbstractOAuth2Token token)
void	setAccessTokenResponseClient(AtlassianOAuth2ClientCredentialsTokenResponseClient tokenResponseClient)	Sets the client used when requesting an access token credential at the Token Endpoint.
void	setClock(Clock clock)	Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
void	setClockSkew(Duration clockSkew)	Sets the maximum acceptable clock skew, which is used when checking the access token expiry.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2ClientCredentialsAuthorizedClientProvider

public OAuth2ClientCredentialsAuthorizedClientProvider(AtlassianConnectSecurityContextHelper securityContextHelper,
                                                       AtlassianOAuth2ClientCredentialsTokenResponseClient tokenResponseClient)

Method Detail

authorize

public org.springframework.security.oauth2.client.OAuth2AuthorizedClient authorize(org.springframework.security.oauth2.client.OAuth2AuthorizationContext context)

Specified by:

authorize in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider

getOAuth2AccessToken

protected org.springframework.security.oauth2.core.OAuth2AccessToken getOAuth2AccessToken(AtlassianHost host,
                                                                                          org.springframework.security.oauth2.client.registration.ClientRegistration clientRegistration)

setAccessTokenResponseClient

public void setAccessTokenResponseClient(AtlassianOAuth2ClientCredentialsTokenResponseClient tokenResponseClient)

Sets the client used when requesting an access token credential at the Token Endpoint.

Parameters:

tokenResponseClient - the client used when requesting an access token credential at the Token Endpoint

hasTokenExpired

public boolean hasTokenExpired(org.springframework.security.oauth2.core.AbstractOAuth2Token token)

setClockSkew

public void setClockSkew(Duration clockSkew)

Sets the maximum acceptable clock skew, which is used when checking the access token expiry. The default is 60 seconds. An access token is considered expired if it's before Instant.now(this.clock) - clockSkew.

Parameters:

clockSkew - the maximum acceptable clock skew

setClock

public void setClock(Clock clock)

Sets the Clock used in Instant.now(Clock) when checking the access token expiry.

Parameters:

clock - the clock