Package com.atlassian.connect.spring.internal.request.oauth2

Class OAuth2JwtAuthorizedClientProvider

java.lang.Object

com.atlassian.connect.spring.internal.request.oauth2.OAuth2JwtAuthorizedClientProvider

All Implemented Interfaces:

org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider

@Component
public class OAuth2JwtAuthorizedClientProvider
extends Object
implements org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider

Constructor Summary

Constructors

Constructor	Description
OAuth2JwtAuthorizedClientProvider(AtlassianConnectSecurityContextHelper securityContextHelper, OAuth2JwtAccessTokenResponseClient accessTokenResponseClient)

Method Summary

Modifier and Type	Method	Description
org.springframework.security.oauth2.client.OAuth2AuthorizedClient	authorize(org.springframework.security.oauth2.client.OAuth2AuthorizationContext context)
void	setAccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient<OAuth2JwtAssertionAuthorizationGrantRequest> accessTokenResponseClient)	Sets the client used when requesting an access token credential at the Token Endpoint.
void	setClock(Clock clock)	Sets the Clock used in Instant.now(Clock) when checking the access token expiry.
void	setClockSkew(Duration clockSkew)	Sets the maximum acceptable clock skew, which is used when checking the access token expiry.
boolean	willTokenExpire(org.springframework.security.oauth2.core.AbstractOAuth2Token token)	Indicates if the given token has expired or is likely to expire when it gets to the server.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OAuth2JwtAuthorizedClientProvider

public OAuth2JwtAuthorizedClientProvider(AtlassianConnectSecurityContextHelper securityContextHelper,
 OAuth2JwtAccessTokenResponseClient accessTokenResponseClient)

Method Details

authorize

@Nullable
public org.springframework.security.oauth2.client.OAuth2AuthorizedClient authorize(org.springframework.security.oauth2.client.OAuth2AuthorizationContext context)

Specified by:

authorize in interface org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider

setAccessTokenResponseClient

public void setAccessTokenResponseClient(org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient<OAuth2JwtAssertionAuthorizationGrantRequest> accessTokenResponseClient)

Sets the client used when requesting an access token credential at the Token Endpoint.

Parameters:

accessTokenResponseClient - the client used when requesting an access token credential at the Token Endpoint

setClockSkew

public void setClockSkew(Duration clockSkew)

Sets the maximum acceptable clock skew, which is used when checking the access token expiry. The default is 60 seconds. An access token is considered expired if it's before Instant.now(this.clock) - clockSkew.

Parameters:

clockSkew - the maximum acceptable clock skew

setClock

public void setClock(Clock clock)

Sets the Clock used in Instant.now(Clock) when checking the access token expiry.

Parameters:

clock - the clock

willTokenExpire

public boolean willTokenExpire(org.springframework.security.oauth2.core.AbstractOAuth2Token token)

Indicates if the given token has expired or is likely to expire when it gets to the server. It allows for some clock skew

Parameters:

token - the token being checked

Returns:

true if the token has expired or is likely to have expired when it reaches the server