All Classes and Interfaces
Class
Description
Base implementation of an OAuth 2.0 Authorization Grant request that holds an
authorization grant credential and is used when initiating a request to the
Authorization Server's Token Endpoint.
AbstractWebClientReactiveOAuth2AccessTokenResponseClient<T extends AbstractOAuth2AuthorizationGrantRequest>
Abstract base class for all of the
WebClientReactive*TokenResponseClients that
communicate to the Authorization Server's Token Endpoint.An implementation of an
OAuth2AuthorizedClientRepository that delegates to the
provided OAuth2AuthorizedClientService if the current Principal is
authenticated, otherwise, to the default (or provided)
OAuth2AuthorizedClientRepository if the current request is unauthenticated (or
anonymous).An implementation of an
ServerOAuth2AuthorizedClientRepository that delegates
to the provided ServerOAuth2AuthorizedClientRepository if the current
Principal is authenticated, otherwise, to the default (or provided)
ServerOAuth2AuthorizedClientRepository if the current request is
unauthenticated (or anonymous).An implementation of an
OAuth2AuthorizedClientProvider for the
authorization_code grant.An implementation of a
ReactiveOAuth2AuthorizedClientProvider for the
authorization_code grant.AuthorizationRequestRepository<T extends org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>
Implementations of this interface are responsible for the persistence of
OAuth2AuthorizationRequest between requests.An implementation of an
OAuth2AuthorizedClientManager that is capable of
operating outside of the context of a HttpServletRequest, e.g.The default implementation of the
contextAttributesMapper.An implementation of a
ReactiveOAuth2AuthorizedClientManager that is capable of
operating outside of the context of a ServerWebExchange, e.g.The default implementation of the
contextAttributesMapper.This exception is thrown on the client side when an attempt to authenticate or
authorize an OAuth 2.0 client fails.
This exception is thrown when an OAuth 2.0 Client is required to obtain authorization
from the Resource Owner.
An implementation of an
OAuth2AuthorizedClientProvider for the
client_credentials grant.An implementation of a
ReactiveOAuth2AuthorizedClientProvider for the
client_credentials grant.A representation of a client registration with an OAuth 2.0 or OpenID Connect 1.0
Provider.
A builder for
ClientRegistration.A repository for OAuth 2.0 / OpenID Connect 1.0
ClientRegistration(s).Allows creating a
ClientRegistration.Builder from an OpenID
Provider Configuration or
Authorization Server
Metadata based on provided issuer.The default implementation of an
OAuth2AccessTokenResponseClient for the
authorization_code grant.The default implementation of an
OAuth2AccessTokenResponseClient for the
client_credentials grant.The default implementation of an
OAuth2AccessTokenResponseClient for the
jwt-bearer grant.An implementation of an
OAuth2AuthorizationRequestResolver that attempts to
resolve an OAuth2AuthorizationRequest from the provided
HttpServletRequest using the default request URI pattern
/oauth2/authorization/{registrationId}.The default implementation of an
OAuth2AuthorizedClientManager for use within
the context of a HttpServletRequest.The default implementation of the
contextAttributesMapper.An implementation of an
OAuth2UserService that supports standard OAuth 2.0
Provider's.Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of
the Resource Owner Password Credentials grant.
The default implementation of a
ReactiveOAuth2AuthorizedClientManager for use
within the context of a ServerWebExchange.The default implementation of the
contextAttributesMapper.An implementation of an
ReactiveOAuth2UserService that supports standard OAuth
2.0 Provider's.The default implementation of an
OAuth2AccessTokenResponseClient for the
refresh_token grant.The default implementation of
ServerOAuth2AuthorizationRequestResolver.An implementation of an
OAuth2AuthorizedClientProvider that simply delegates to
it's internal List of OAuth2AuthorizedClientProvider(s).DelegatingOAuth2UserService<R extends OAuth2UserRequest,U extends org.springframework.security.oauth2.core.user.OAuth2User>
An implementation of an
OAuth2UserService that simply delegates to it's
internal List of OAuth2UserService(s).An implementation of a
ReactiveOAuth2AuthorizedClientProvider that simply
delegates to it's internal List of
ReactiveOAuth2AuthorizedClientProvider(s).An implementation of an
AuthorizationRequestRepository that stores
OAuth2AuthorizationRequest in the HttpSession.An implementation of an
OAuth2AuthorizedClientRepository that stores
OAuth2AuthorizedClient's in the HttpSession.A
ClientRegistrationRepository that stores ClientRegistration(s)
in-memory.An
OAuth2AuthorizedClientService that stores Authorized Client(s) in-memory.A Reactive
ClientRegistrationRepository that stores
ClientRegistration(s) in-memory.An
OAuth2AuthorizedClientService that stores Authorized Client(s) in-memory.A JDBC implementation of an
OAuth2AuthorizedClientService that uses a
JdbcOperations for OAuth2AuthorizedClient persistence.A holder for an
OAuth2AuthorizedClient and End-User Authentication
(Resource Owner).The default
Function that maps JdbcOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder to a
List of SqlParameterValue.A JWT Bearer Grant request that holds a
Jwt assertion.An implementation of an
AbstractOAuth2AuthorizationGrantRequestEntityConverter
that converts the provided JwtBearerGrantRequest to a RequestEntity
representation of an OAuth 2.0 Access Token Request for the JWT Bearer Grant.An implementation of an
OAuth2AuthorizedClientProvider for the
jwt-bearer grant.An implementation of an
ReactiveOAuth2AuthorizedClientProvider for the
jwt-bearer grant.A
Converter that customizes the OAuth 2.0 Access Token Request parameters by
adding a signed JSON Web Token (JWS) to be used for client authentication at the
Authorization Server's Token Endpoint.NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext<T extends AbstractOAuth2AuthorizationGrantRequest>
A context that holds client authentication-specific state and is used by
NimbusJwtClientAuthenticationParametersConverter when attempting to
customize the JSON Web Token (JWS) client assertion.A strategy for "exchanging" an authorization grant credential (e.g.
An implementation of an
AbstractAuthenticationToken that represents an OAuth
2.0 Authentication.An implementation of an
AuthenticationProvider for the OAuth 2.0 Authorization
Code Grant.An
AbstractAuthenticationToken for the OAuth 2.0 Authorization Code Grant.A
Filter for the OAuth 2.0 Authorization Code Grant, which handles the
processing of the OAuth 2.0 Authorization Response.An OAuth 2.0 Authorization Code Grant request that holds an Authorization Code
credential, which was granted by the Resource Owner to the
Client.An implementation of an
AbstractOAuth2AuthorizationGrantRequestEntityConverter
that converts the provided OAuth2AuthorizationCodeGrantRequest to a
RequestEntity representation of an OAuth 2.0 Access Token Request for the
Authorization Code Grant.A
Filter for the OAuth 2.0 Authorization Code Grant, which handles the
processing of the OAuth 2.0 Authorization Response.An implementation of an
AuthenticationProvider for OAuth
2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.A context that holds authorization-specific state and is used by an
OAuth2AuthorizedClientProvider when attempting to authorize (or re-authorize)
an OAuth 2.0 Client.A builder for
OAuth2AuthorizationContext.Handles when an OAuth 2.0 Client fails to authorize (or re-authorize) via the
Authorization Server or Resource Server.
A factory of customizers that customize the
OAuth 2.0
Authorization Request via the OAuth2AuthorizationRequest.Builder.This
Filter initiates the authorization code grant flow by redirecting the
End-User's user-agent to the Authorization Server's Authorization Endpoint.This
WebFilter initiates the authorization code grant flow by redirecting the
End-User's user-agent to the Authorization Server's Authorization Endpoint.Implementations of this interface are capable of resolving an
OAuth2AuthorizationRequest from the provided HttpServletRequest.Handles when an OAuth 2.0 Client has been successfully authorized (or re-authorized)
via the Authorization Server.
A representation of an OAuth 2.0 "Authorized Client".
An implementation of a
HandlerMethodArgumentResolver that is capable of
resolving a method parameter to an argument value of type
OAuth2AuthorizedClient.An implementation of a
HandlerMethodArgumentResolver that is capable of
resolving a method parameter to an argument value of type
OAuth2AuthorizedClient.The identifier for
OAuth2AuthorizedClient.Implementations of this interface are responsible for the overall management of
Authorized Client(s).A strategy for authorizing (or re-authorizing) an OAuth 2.0 Client.
A builder that builds a
DelegatingOAuth2AuthorizedClientProvider composed of
one or more OAuth2AuthorizedClientProvider(s) that implement specific
authorization grants.Implementations of this interface are responsible for the persistence of
Authorized Client(s) between requests.Implementations of this interface are responsible for the management of
Authorized Client(s), which provide the purpose of
associating an Access Token credential
to a Client and Resource Owner,
who is the Principal that originally
granted the authorization.Represents a request the
OAuth2AuthorizedClientManager uses to
authorize (or
re-authorize) the client identified by the provided
clientRegistrationId.A builder for
OAuth2AuthorizeRequest.An OAuth 2.0 Client Credentials Grant request that holds the client's credentials in
AbstractOAuth2AuthorizationGrantRequest.getClientRegistration().An implementation of an
AbstractOAuth2AuthorizationGrantRequestEntityConverter
that converts the provided OAuth2ClientCredentialsGrantRequest to a
RequestEntity representation of an OAuth 2.0 Access Token Request for the
Client Credentials Grant.Jackson
Module for spring-security-oauth2-client, that registers the
following mix-in annotations:
OAuth2AuthorizationRequestMixin
ClientRegistrationMixin
OAuth2AccessTokenMixin
OAuth2RefreshTokenMixin
OAuth2AuthorizedClientMixin
OAuth2UserAuthorityMixin
DefaultOAuth2UserMixin
OidcIdTokenMixin
OidcUserInfoMixin
OidcUserAuthorityMixin
DefaultOidcUserMixin
OAuth2AuthenticationTokenMixin
OAuth2AuthenticationExceptionMixin
OAuth2ErrorMixin
If not already enabled, default typing will be automatically enabled as type info is
required to properly serialize/deserialize objects.A
ResponseErrorHandler that handles an OAuth 2.0 Error.An implementation of an
AbstractAuthenticationProcessingFilter for OAuth 2.0
Login.An implementation of an
AuthenticationProvider for OAuth 2.0 Login, which
leverages the OAuth 2.0 Authorization Code Grant Flow.An
AbstractAuthenticationToken for OAuth 2.0 Login, which leverages the OAuth
2.0 Authorization Code Grant Flow.A specialized
AuthenticationWebFilter that converts from an
OAuth2LoginAuthenticationToken to an OAuth2AuthenticationToken and
saves the OAuth2AuthorizedClientAn implementation of an
AuthenticationProvider for OAuth
2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of
the Resource Owner Password Credentials grant.
An implementation of an
AbstractOAuth2AuthorizationGrantRequestEntityConverter
that converts the provided OAuth2PasswordGrantRequest to a
RequestEntity representation of an OAuth 2.0 Access Token Request for the
Resource Owner Password Credentials Grant.An OAuth 2.0 Refresh Token Grant request that holds the
refresh token credential granted to the client.An implementation of an
AbstractOAuth2AuthorizationGrantRequestEntityConverter
that converts the provided OAuth2RefreshTokenGrantRequest to a
RequestEntity representation of an OAuth 2.0 Access Token Request for the
Refresh Token Grant.Represents a request the
OAuth2UserService uses when initiating a request to
the UserInfo Endpoint.A
Converter that converts the provided OAuth2UserRequest to a
RequestEntity representation of a request for the UserInfo Endpoint.OAuth2UserService<R extends OAuth2UserRequest,U extends org.springframework.security.oauth2.core.user.OAuth2User>
Implementations of this interface are responsible for obtaining the user attributes of
the End-User (Resource Owner) from the UserInfo Endpoint using the
Access Token granted to the
Client and returning an
AuthenticatedPrincipal in the form of an OAuth2User.An implementation of an
AuthenticationProvider for the OpenID Connect Core 1.0
Authorization Code Grant Flow.An implementation of an
AuthenticationProvider for OAuth
2.0 Login, which leverages the OAuth 2.0 Authorization Code Grant Flow.A logout success handler for initiating OIDC logout through the user agent.
A reactive logout success handler for initiating OIDC logout through the user agent.
A
factory that provides a JwtDecoder used for
OidcIdToken signature verification.An
OAuth2TokenValidator responsible for validating the claims in an
ID Token.An implementation of an
ReactiveOAuth2UserService that supports OpenID Connect
1.0 Provider's.Represents a request the
OidcUserService uses when initiating a request to the
UserInfo Endpoint.An implementation of an
OAuth2UserService that supports OpenID Connect 1.0
Provider's.Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of
the Resource Owner Password Credentials grant.
Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of
the Resource Owner Password Credentials grant.
A R2DBC implementation of
ReactiveOAuth2AuthorizedClientService that uses a
DatabaseClient for OAuth2AuthorizedClient persistence.A holder for
OAuth2AuthorizedClient data and End-User
Authentication (Resource Owner).The default
Function that maps R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder to a
Map of String and Parameter.The default
BiFunction that maps the current io.r2dbc.spi.Row to a
R2dbcReactiveOAuth2AuthorizedClientService.OAuth2AuthorizedClientHolder.A reactive repository for OAuth 2.0 / OpenID Connect 1.0
ClientRegistration(s).A reactive strategy for "exchanging" an authorization grant credential (e.g.
Handles when an OAuth 2.0 Client fails to authorize (or re-authorize) via the
authorization server or resource server.
Handles when an OAuth 2.0 Client has been successfully authorized (or re-authorized)
via the authorization server.
Implementations of this interface are responsible for the overall management of
Authorized Client(s).A strategy for authorizing (or re-authorizing) an OAuth 2.0 Client.
A builder that builds a
DelegatingReactiveOAuth2AuthorizedClientProvider
composed of one or more ReactiveOAuth2AuthorizedClientProvider(s) that
implement specific authorization grants.Implementations of this interface are responsible for the management of
Authorized Client(s), which provide the purpose of
associating an Access Token credential
to a Client and Resource Owner,
who is the Principal that originally
granted the authorization.ReactiveOAuth2UserService<R extends OAuth2UserRequest,U extends org.springframework.security.oauth2.core.user.OAuth2User>
Implementations of this interface are responsible for obtaining the user attributes of
the End-User (Resource Owner) from the UserInfo Endpoint using the
Access Token granted to the
Client and returning an
AuthenticatedPrincipal in the form of an OAuth2User.A
factory that provides a ReactiveJwtDecoder
used for OidcIdToken signature verification.An implementation of an
OAuth2AuthorizedClientProvider for the
refresh_token grant.An implementation of a
ReactiveOAuth2AuthorizedClientProvider for the
refresh_token grant.This annotation may be used to resolve a method parameter to an argument value of type
OAuth2AuthorizedClient.An
OAuth2AuthorizationFailureHandler that removes an
OAuth2AuthorizedClient when the OAuth2Error.getErrorCode() matches one
of the configured OAuth 2.0 error codes.Removes an
OAuth2AuthorizedClient from an
OAuth2AuthorizedClientRepository or OAuth2AuthorizedClientService.A
ReactiveOAuth2AuthorizationFailureHandler that removes an
OAuth2AuthorizedClient when the OAuth2Error.getErrorCode() matches one
of the configured OAuth 2.0 error codes.ServerAuthorizationRequestRepository<T extends org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest>
Implementations of this interface are responsible for the persistence of
OAuth2AuthorizationRequest between requests.Converts from a
ServerWebExchange to an
OAuth2AuthorizationCodeAuthenticationToken that can be authenticated.Implementations of this interface are capable of resolving an
OAuth2AuthorizationRequest from the provided ServerWebExchange.Provides an easy mechanism for using an
OAuth2AuthorizedClient to make OAuth2
requests by including the token as a Bearer Token.Implementations of this interface are responsible for the persistence of
Authorized Client(s) between requests.Provides an easy mechanism for using an
OAuth2AuthorizedClient to make OAuth
2.0 requests by including the access
token as a bearer token.An implementation of a
ReactiveOAuth2AccessTokenResponseClient that
"exchanges" an authorization code credential for an access token credential
at the Authorization Server's Token Endpoint.An implementation of a
ReactiveOAuth2AccessTokenResponseClient that
"exchanges" a client credential for an access token credential at the
Authorization Server's Token Endpoint.The default implementation of an
ReactiveOAuth2AccessTokenResponseClient for
the jwt-bearer grant.Deprecated.
The latest OAuth 2.0 Security Best Current Practice disallows the use of
the Resource Owner Password Credentials grant.
An implementation of a
ReactiveOAuth2AccessTokenResponseClient for the
refresh_token grant.An implementation of an
ServerAuthorizationRequestRepository that stores
OAuth2AuthorizationRequest in the WebSession.An implementation of an
OAuth2AuthorizedClientRepository that stores
OAuth2AuthorizedClient's in the HttpSession.