Class OAuth2JwtAuthorizedClientProvider
java.lang.Object
com.atlassian.connect.spring.internal.request.oauth2.OAuth2JwtAuthorizedClientProvider
- All Implemented Interfaces:
org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider
@Component
public class OAuth2JwtAuthorizedClientProvider
extends Object
implements org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider
-
Constructor Summary
ConstructorDescriptionOAuth2JwtAuthorizedClientProvider
(AtlassianConnectSecurityContextHelper securityContextHelper, OAuth2JwtAccessTokenResponseClient accessTokenResponseClient) -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.oauth2.client.OAuth2AuthorizedClient
authorize
(org.springframework.security.oauth2.client.OAuth2AuthorizationContext context) void
setAccessTokenResponseClient
(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient<OAuth2JwtAssertionAuthorizationGrantRequest> accessTokenResponseClient) Sets the client used when requesting an access token credential at the Token Endpoint.void
Sets theClock
used inInstant.now(Clock)
when checking the access token expiry.void
setClockSkew
(Duration clockSkew) Sets the maximum acceptable clock skew, which is used when checking theaccess token
expiry.boolean
willTokenExpire
(org.springframework.security.oauth2.core.AbstractOAuth2Token token) Indicates if the given token has expired or is likely to expire when it gets to the server.
-
Constructor Details
-
OAuth2JwtAuthorizedClientProvider
public OAuth2JwtAuthorizedClientProvider(AtlassianConnectSecurityContextHelper securityContextHelper, OAuth2JwtAccessTokenResponseClient accessTokenResponseClient)
-
-
Method Details
-
authorize
@Nullable public org.springframework.security.oauth2.client.OAuth2AuthorizedClient authorize(org.springframework.security.oauth2.client.OAuth2AuthorizationContext context) - Specified by:
authorize
in interfaceorg.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider
-
setAccessTokenResponseClient
public void setAccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient<OAuth2JwtAssertionAuthorizationGrantRequest> accessTokenResponseClient) Sets the client used when requesting an access token credential at the Token Endpoint.- Parameters:
accessTokenResponseClient
- the client used when requesting an access token credential at the Token Endpoint
-
setClockSkew
Sets the maximum acceptable clock skew, which is used when checking theaccess token
expiry. The default is 60 seconds. An access token is considered expired if it's beforeInstant.now(this.clock) - clockSkew
.- Parameters:
clockSkew
- the maximum acceptable clock skew
-
setClock
Sets theClock
used inInstant.now(Clock)
when checking the access token expiry.- Parameters:
clock
- the clock
-
willTokenExpire
public boolean willTokenExpire(org.springframework.security.oauth2.core.AbstractOAuth2Token token) Indicates if the given token has expired or is likely to expire when it gets to the server. It allows for some clock skew- Parameters:
token
- the token being checked- Returns:
- true if the token has expired or is likely to have expired when it reaches the server
-