Package org.springframework.security.oauth2.server.authorization.oidc.authentication

Class OidcLogoutAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcLogoutAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, Authentication, CredentialsContainer
public class OidcLogoutAuthenticationToken extends AbstractAuthenticationToken
An Authentication implementation used for OpenID Connect 1.0 RP-Initiated Logout Endpoint.
Since:
7.0
See Also:

  • Constructor Details

    • OidcLogoutAuthenticationToken

      public OidcLogoutAuthenticationToken(String idTokenHint, Authentication principal, @Nullable String sessionId, @Nullable String clientId, @Nullable String postLogoutRedirectUri, @Nullable String state)
      Constructs an OidcLogoutAuthenticationToken using the provided parameters.
      Parameters:
      idTokenHint - the ID Token previously issued by the Provider to the Client and used as a hint about the End-User's current authenticated session with the Client
      principal - the authenticated principal representing the End-User
      sessionId - the End-User's current authenticated session identifier with the Provider
      clientId - the client identifier the ID Token was issued to
      postLogoutRedirectUri - the URI which the Client is requesting that the End-User's User Agent be redirected to after a logout has been performed
      state - the opaque value used by the Client to maintain state between the logout request and the callback to the postLogoutRedirectUri

    • OidcLogoutAuthenticationToken

      public OidcLogoutAuthenticationToken(OidcIdToken idToken, Authentication principal, @Nullable String sessionId, @Nullable String clientId, @Nullable String postLogoutRedirectUri, @Nullable String state)
      Constructs an OidcLogoutAuthenticationToken using the provided parameters.
      Parameters:
      idToken - the ID Token previously issued by the Provider to the Client
      principal - the authenticated principal representing the End-User
      sessionId - the End-User's current authenticated session identifier with the Provider
      clientId - the client identifier the ID Token was issued to
      postLogoutRedirectUri - the URI which the Client is requesting that the End-User's User Agent be redirected to after a logout has been performed
      state - the opaque value used by the Client to maintain state between the logout request and the callback to the postLogoutRedirectUri

  • Method Details

    • getPrincipal

      public Object getPrincipal()
      Returns the authenticated principal representing the End-User.
      Returns:
      the authenticated principal representing the End-User

    • isPrincipalAuthenticated

      public boolean isPrincipalAuthenticated()
      Returns true if getPrincipal() is authenticated, false otherwise.
      Returns:
      true if getPrincipal() is authenticated, false otherwise

    • getCredentials

      public Object getCredentials()
      Description copied from interface: Authentication
      The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.
      Returns:
      the credentials that prove the identity of the Principal

    • getIdTokenHint

      public String getIdTokenHint()
      Returns the ID Token previously issued by the Provider to the Client and used as a hint about the End-User's current authenticated session with the Client.
      Returns:
      the ID Token previously issued by the Provider to the Client

    • getIdToken

      @Nullable public OidcIdToken getIdToken()
      Returns the ID Token previously issued by the Provider to the Client.
      Returns:
      the ID Token previously issued by the Provider to the Client

    • getSessionId

      @Nullable public String getSessionId()
      Returns the End-User's current authenticated session identifier with the Provider.
      Returns:
      the End-User's current authenticated session identifier with the Provider

    • getClientId

      @Nullable public String getClientId()
      Returns the client identifier the ID Token was issued to.
      Returns:
      the client identifier

    • getPostLogoutRedirectUri

      @Nullable public String getPostLogoutRedirectUri()
      Returns the URI which the Client is requesting that the End-User's User Agent be redirected to after a logout has been performed.
      Returns:
      the URI which the Client is requesting that the End-User's User Agent be redirected to after a logout has been performed

    • getState

      @Nullable public String getState()
      Returns the opaque value used by the Client to maintain state between the logout request and the callback to the getPostLogoutRedirectUri().
      Returns:
      the opaque value used by the Client to maintain state between the logout request and the callback to the getPostLogoutRedirectUri()