Class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
- java.lang.Object
-
- org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
-
- org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<T,B>
-
- org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer<B,OAuth2LoginConfigurer<B>,org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter>
-
- org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer<B>
-
- All Implemented Interfaces:
SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,B>
public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> extends AbstractAuthenticationFilterConfigurer<B,OAuth2LoginConfigurer<B>,org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter>
AnAbstractHttpConfigurerfor OAuth 2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.OAuth 2.0 Login provides an application with the capability to have users log in by using their existing account at an OAuth 2.0 or OpenID Connect 1.0 Provider.
Defaults are provided for all configuration options with the only required configuration being
clientRegistrationRepository(ClientRegistrationRepository). Alternatively, aClientRegistrationRepository@Beanmay be registered instead.Security Filters
The followingFilter's are populated:OAuth2AuthorizationRequestRedirectFilterOAuth2LoginAuthenticationFilter
Shared Objects Created
The following shared objects are populated:ClientRegistrationRepository(required)OAuth2AuthorizedClientRepository(optional)GrantedAuthoritiesMapper(optional)
Shared Objects Used
The following shared objects are used:ClientRegistrationRepositoryOAuth2AuthorizedClientRepositoryGrantedAuthoritiesMapperDefaultLoginPageGeneratingFilter- ifloginPage(String)is not configured andDefaultLoginPageGeneratingFilteris available, then a default login page will be made available
- Since:
- 5.0
- See Also:
HttpSecurity.oauth2Login(),OAuth2AuthorizationRequestRedirectFilter,OAuth2LoginAuthenticationFilter,ClientRegistrationRepository,OAuth2AuthorizedClientRepository,AbstractAuthenticationFilterConfigurer
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description classOAuth2LoginConfigurer.AuthorizationEndpointConfigConfiguration options for the Authorization Server's Authorization Endpoint.classOAuth2LoginConfigurer.RedirectionEndpointConfigConfiguration options for the Client's Redirection Endpoint.classOAuth2LoginConfigurer.TokenEndpointConfigConfiguration options for the Authorization Server's Token Endpoint.classOAuth2LoginConfigurer.UserInfoEndpointConfigConfiguration options for the Authorization Server's UserInfo Endpoint.
-
Constructor Summary
Constructors Constructor Description OAuth2LoginConfigurer()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description OAuth2LoginConfigurer.AuthorizationEndpointConfigauthorizationEndpoint()Returns theOAuth2LoginConfigurer.AuthorizationEndpointConfigfor configuring the Authorization Server's Authorization Endpoint.OAuth2LoginConfigurer<B>authorizationEndpoint(Customizer<OAuth2LoginConfigurer.AuthorizationEndpointConfig> authorizationEndpointCustomizer)Configures the Authorization Server's Authorization Endpoint.OAuth2LoginConfigurer<B>authorizedClientRepository(org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository authorizedClientRepository)Sets the repository for authorized client(s).OAuth2LoginConfigurer<B>authorizedClientService(org.springframework.security.oauth2.client.OAuth2AuthorizedClientService authorizedClientService)Sets the service for authorized client(s).OAuth2LoginConfigurer<B>clientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository)Sets the repository of client registrations.voidconfigure(B http)Configure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.protected org.springframework.security.web.util.matcher.RequestMatchercreateLoginProcessingUrlMatcher(java.lang.String loginProcessingUrl)Create theRequestMatchergiven a loginProcessingUrlvoidinit(B http)Initialize theSecurityBuilder.OAuth2LoginConfigurer<B>loginPage(java.lang.String loginPage)Specifies the URL to send users to if login is required.OAuth2LoginConfigurer<B>loginProcessingUrl(java.lang.String loginProcessingUrl)Specifies the URL to validate the credentials.OAuth2LoginConfigurer.RedirectionEndpointConfigredirectionEndpoint()Returns theOAuth2LoginConfigurer.RedirectionEndpointConfigfor configuring the Client's Redirection Endpoint.OAuth2LoginConfigurer<B>redirectionEndpoint(Customizer<OAuth2LoginConfigurer.RedirectionEndpointConfig> redirectionEndpointCustomizer)Configures the Client's Redirection Endpoint.OAuth2LoginConfigurer.TokenEndpointConfigtokenEndpoint()Returns theOAuth2LoginConfigurer.TokenEndpointConfigfor configuring the Authorization Server's Token Endpoint.OAuth2LoginConfigurer<B>tokenEndpoint(Customizer<OAuth2LoginConfigurer.TokenEndpointConfig> tokenEndpointCustomizer)Configures the Authorization Server's Token Endpoint.OAuth2LoginConfigurer.UserInfoEndpointConfiguserInfoEndpoint()Returns theOAuth2LoginConfigurer.UserInfoEndpointConfigfor configuring the Authorization Server's UserInfo Endpoint.OAuth2LoginConfigurer<B>userInfoEndpoint(Customizer<OAuth2LoginConfigurer.UserInfoEndpointConfig> userInfoEndpointCustomizer)Configures the Authorization Server's UserInfo Endpoint.-
Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
authenticationDetailsSource, defaultSuccessUrl, defaultSuccessUrl, failureHandler, failureUrl, getAuthenticationEntryPoint, getAuthenticationEntryPointMatcher, getAuthenticationFilter, getFailureUrl, getLoginPage, getLoginProcessingUrl, isCustomLoginPage, permitAll, permitAll, registerAuthenticationEntryPoint, registerDefaultAuthenticationEntryPoint, setAuthenticationFilter, successHandler, updateAccessDefaults, updateAuthenticationDefaults
-
Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, withObjectPostProcessor
-
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
-
-
-
-
Method Detail
-
clientRegistrationRepository
public OAuth2LoginConfigurer<B> clientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository)
Sets the repository of client registrations.- Parameters:
clientRegistrationRepository- the repository of client registrations- Returns:
- the
OAuth2LoginConfigurerfor further configuration
-
authorizedClientRepository
public OAuth2LoginConfigurer<B> authorizedClientRepository(org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository authorizedClientRepository)
Sets the repository for authorized client(s).- Parameters:
authorizedClientRepository- the authorized client repository- Returns:
- the
OAuth2LoginConfigurerfor further configuration - Since:
- 5.1
-
authorizedClientService
public OAuth2LoginConfigurer<B> authorizedClientService(org.springframework.security.oauth2.client.OAuth2AuthorizedClientService authorizedClientService)
Sets the service for authorized client(s).- Parameters:
authorizedClientService- the authorized client service- Returns:
- the
OAuth2LoginConfigurerfor further configuration
-
loginPage
public OAuth2LoginConfigurer<B> loginPage(java.lang.String loginPage)
Description copied from class:AbstractAuthenticationFilterConfigurerSpecifies the URL to send users to if login is required. If used with
WebSecurityConfigurerAdaptera default login page will be generated when this attribute is not specified.If a URL is specified or this is not being used in conjunction with
WebSecurityConfigurerAdapter, users are required to process the specified URL to generate a login page.- Overrides:
loginPagein classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter>
-
loginProcessingUrl
public OAuth2LoginConfigurer<B> loginProcessingUrl(java.lang.String loginProcessingUrl)
Description copied from class:AbstractAuthenticationFilterConfigurerSpecifies the URL to validate the credentials.- Overrides:
loginProcessingUrlin classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter>- Parameters:
loginProcessingUrl- the URL to validate username and password- Returns:
- the
FormLoginConfigurerfor additional customization
-
authorizationEndpoint
public OAuth2LoginConfigurer.AuthorizationEndpointConfig authorizationEndpoint()
Returns theOAuth2LoginConfigurer.AuthorizationEndpointConfigfor configuring the Authorization Server's Authorization Endpoint.- Returns:
- the
OAuth2LoginConfigurer.AuthorizationEndpointConfig
-
authorizationEndpoint
public OAuth2LoginConfigurer<B> authorizationEndpoint(Customizer<OAuth2LoginConfigurer.AuthorizationEndpointConfig> authorizationEndpointCustomizer)
Configures the Authorization Server's Authorization Endpoint.- Parameters:
authorizationEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer.AuthorizationEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations
-
tokenEndpoint
public OAuth2LoginConfigurer.TokenEndpointConfig tokenEndpoint()
Returns theOAuth2LoginConfigurer.TokenEndpointConfigfor configuring the Authorization Server's Token Endpoint.- Returns:
- the
OAuth2LoginConfigurer.TokenEndpointConfig
-
tokenEndpoint
public OAuth2LoginConfigurer<B> tokenEndpoint(Customizer<OAuth2LoginConfigurer.TokenEndpointConfig> tokenEndpointCustomizer)
Configures the Authorization Server's Token Endpoint.- Parameters:
tokenEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer.TokenEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations - Throws:
java.lang.Exception
-
redirectionEndpoint
public OAuth2LoginConfigurer.RedirectionEndpointConfig redirectionEndpoint()
Returns theOAuth2LoginConfigurer.RedirectionEndpointConfigfor configuring the Client's Redirection Endpoint.- Returns:
- the
OAuth2LoginConfigurer.RedirectionEndpointConfig
-
redirectionEndpoint
public OAuth2LoginConfigurer<B> redirectionEndpoint(Customizer<OAuth2LoginConfigurer.RedirectionEndpointConfig> redirectionEndpointCustomizer)
Configures the Client's Redirection Endpoint.- Parameters:
redirectionEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer.RedirectionEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations
-
userInfoEndpoint
public OAuth2LoginConfigurer.UserInfoEndpointConfig userInfoEndpoint()
Returns theOAuth2LoginConfigurer.UserInfoEndpointConfigfor configuring the Authorization Server's UserInfo Endpoint.- Returns:
- the
OAuth2LoginConfigurer.UserInfoEndpointConfig
-
userInfoEndpoint
public OAuth2LoginConfigurer<B> userInfoEndpoint(Customizer<OAuth2LoginConfigurer.UserInfoEndpointConfig> userInfoEndpointCustomizer)
Configures the Authorization Server's UserInfo Endpoint.- Parameters:
userInfoEndpointCustomizer- theCustomizerto provide more options for theOAuth2LoginConfigurer.UserInfoEndpointConfig- Returns:
- the
OAuth2LoginConfigurerfor further customizations
-
init
public void init(B http) throws java.lang.Exception
Description copied from interface:SecurityConfigurerInitialize theSecurityBuilder. Here only shared state should be created and modified, but not properties on theSecurityBuilderused for building the object. This ensures that theSecurityConfigurer.configure(SecurityBuilder)method uses the correct shared objects when building. Configurers should be applied here.- Specified by:
initin interfaceSecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>- Overrides:
initin classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter>- Throws:
java.lang.Exception
-
configure
public void configure(B http) throws java.lang.Exception
Description copied from interface:SecurityConfigurerConfigure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.- Specified by:
configurein interfaceSecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>- Overrides:
configurein classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter>- Throws:
java.lang.Exception
-
createLoginProcessingUrlMatcher
protected org.springframework.security.web.util.matcher.RequestMatcher createLoginProcessingUrlMatcher(java.lang.String loginProcessingUrl)
Description copied from class:AbstractAuthenticationFilterConfigurerCreate theRequestMatchergiven a loginProcessingUrl- Specified by:
createLoginProcessingUrlMatcherin classAbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>,org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter>- Parameters:
loginProcessingUrl- creates theRequestMatcherbased upon the loginProcessingUrl- Returns:
- the
RequestMatcherto use based upon the loginProcessingUrl
-
-