Class ResourceServerTokenRelayAutoConfiguration
- java.lang.Object
-
- org.springframework.cloud.commons.security.ResourceServerTokenRelayAutoConfiguration
-
@Configuration(proxyBeanMethods=false) @AutoConfigureAfter(org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration.class) @ConditionalOnOAuth2ClientInResourceServer @ConditionalOnClass(org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.class) @ConditionalOnWebApplication @ConditionalOnProperty(value="spring.cloud.mvc.token-relay.enabled", matchIfMissing=true) public class ResourceServerTokenRelayAutoConfiguration extends Object
Adds an MVC interceptor for relaying OAuth2 access tokens into the client context (if there is one). In this way an incoming request to a resource server can be relayed downstream just be using@EnableOAuth2Client
and anOAuth2RestTemplate
. An MVC interceptor is used so as to have a minimal impact on the call stack. If you are not using MVC you could use a custom filter or AOP interceptor wrapping the same call to anAccessTokenContextRelay
.
N.B. an app that is usingUserInfoTokenServices
generally doesn't need this interceptor, but it doesn't hurt to include it.- Author:
- Dave Syer
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
ResourceServerTokenRelayAutoConfiguration.ResourceServerTokenRelayRegistrationAutoConfiguration
AWebMvcConfigurer
for the access token interceptor.
-
Constructor Summary
Constructors Constructor Description ResourceServerTokenRelayAutoConfiguration()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AccessTokenContextRelay
accessTokenContextRelay(org.springframework.security.oauth2.client.OAuth2ClientContext context)
-
-
-
Method Detail
-
accessTokenContextRelay
@Bean public AccessTokenContextRelay accessTokenContextRelay(org.springframework.security.oauth2.client.OAuth2ClientContext context)
-
-