Package org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization

Class OAuth2AuthorizationServerConfigurer

java.lang.Object

org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>

org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<OAuth2AuthorizationServerConfigurer,HttpSecurity>

org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

All Implemented Interfaces:

SecurityConfigurer<DefaultSecurityFilterChain,HttpSecurity>

public final class OAuth2AuthorizationServerConfigurer
extends AbstractHttpConfigurer<OAuth2AuthorizationServerConfigurer,HttpSecurity>

An AbstractHttpConfigurer for OAuth 2.1 Authorization Server support.

Since:

7.0

See Also:

• AbstractHttpConfigurer
• OAuth2ClientAuthenticationConfigurer
• OAuth2AuthorizationServerMetadataEndpointConfigurer
• OAuth2AuthorizationEndpointConfigurer
• OAuth2PushedAuthorizationRequestEndpointConfigurer
• OAuth2TokenEndpointConfigurer
• OAuth2TokenIntrospectionEndpointConfigurer
• OAuth2TokenRevocationEndpointConfigurer
• OAuth2DeviceAuthorizationEndpointConfigurer
• OAuth2DeviceVerificationEndpointConfigurer
• OidcConfigurer
• RegisteredClientRepository
• OAuth2AuthorizationService
• OAuth2AuthorizationConsentService
• NimbusJwkSetEndpointFilter

Constructor Summary

Constructors

Constructor	Description
OAuth2AuthorizationServerConfigurer()

Method Summary

Modifier and Type	Method	Description
OAuth2AuthorizationServerConfigurer	authorizationConsentService(OAuth2AuthorizationConsentService authorizationConsentService)	Sets the authorization consent service.
OAuth2AuthorizationServerConfigurer	authorizationEndpoint(Customizer<OAuth2AuthorizationEndpointConfigurer> authorizationEndpointCustomizer)	Configures the OAuth 2.0 Authorization Endpoint.
OAuth2AuthorizationServerConfigurer	authorizationServerMetadataEndpoint(Customizer<OAuth2AuthorizationServerMetadataEndpointConfigurer> authorizationServerMetadataEndpointCustomizer)	Configures the OAuth 2.0 Authorization Server Metadata Endpoint.
OAuth2AuthorizationServerConfigurer	authorizationServerSettings(AuthorizationServerSettings authorizationServerSettings)	Sets the authorization server settings.
OAuth2AuthorizationServerConfigurer	authorizationService(OAuth2AuthorizationService authorizationService)	Sets the authorization service.
OAuth2AuthorizationServerConfigurer	clientAuthentication(Customizer<OAuth2ClientAuthenticationConfigurer> clientAuthenticationCustomizer)	Configures OAuth 2.0 Client Authentication.
void	configure(HttpSecurity httpSecurity)	Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
OAuth2AuthorizationServerConfigurer	deviceAuthorizationEndpoint(Customizer<OAuth2DeviceAuthorizationEndpointConfigurer> deviceAuthorizationEndpointCustomizer)	Configures the OAuth 2.0 Device Authorization Endpoint.
OAuth2AuthorizationServerConfigurer	deviceVerificationEndpoint(Customizer<OAuth2DeviceVerificationEndpointConfigurer> deviceVerificationEndpointCustomizer)	Configures the OAuth 2.0 Device Verification Endpoint.
RequestMatcher	getEndpointsMatcher()	Returns a RequestMatcher for the authorization server endpoints.
void	init(HttpSecurity httpSecurity)	Initialize the SecurityBuilder.
OAuth2AuthorizationServerConfigurer	oidc(Customizer<OidcConfigurer> oidcCustomizer)	Configures OpenID Connect 1.0 support (disabled by default).
OAuth2AuthorizationServerConfigurer	pushedAuthorizationRequestEndpoint(Customizer<OAuth2PushedAuthorizationRequestEndpointConfigurer> pushedAuthorizationRequestEndpointCustomizer)	Configures the OAuth 2.0 Pushed Authorization Request Endpoint.
OAuth2AuthorizationServerConfigurer	registeredClientRepository(RegisteredClientRepository registeredClientRepository)	Sets the repository of registered clients.
OAuth2AuthorizationServerConfigurer	tokenEndpoint(Customizer<OAuth2TokenEndpointConfigurer> tokenEndpointCustomizer)	Configures the OAuth 2.0 Token Endpoint.
OAuth2AuthorizationServerConfigurer	tokenGenerator(OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator)	Sets the token generator.
OAuth2AuthorizationServerConfigurer	tokenIntrospectionEndpoint(Customizer<OAuth2TokenIntrospectionEndpointConfigurer> tokenIntrospectionEndpointCustomizer)	Configures the OAuth 2.0 Token Introspection Endpoint.
OAuth2AuthorizationServerConfigurer	tokenRevocationEndpoint(Customizer<OAuth2TokenRevocationEndpointConfigurer> tokenRevocationEndpointCustomizer)	Configures the OAuth 2.0 Token Revocation Endpoint.

Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer

disable, getRequestMatcherBuilder, getSecurityContextHolderStrategy, withObjectPostProcessor

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter

addObjectPostProcessor, getBuilder, postProcess, setBuilder

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OAuth2AuthorizationServerConfigurer

public OAuth2AuthorizationServerConfigurer()

Method Details

registeredClientRepository

public OAuth2AuthorizationServerConfigurer registeredClientRepository(RegisteredClientRepository registeredClientRepository)

Sets the repository of registered clients.

Parameters:

registeredClientRepository - the repository of registered clients

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

authorizationService

public OAuth2AuthorizationServerConfigurer authorizationService(OAuth2AuthorizationService authorizationService)

Sets the authorization service.

Parameters:

authorizationService - the authorization service

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

authorizationConsentService

public OAuth2AuthorizationServerConfigurer authorizationConsentService(OAuth2AuthorizationConsentService authorizationConsentService)

Sets the authorization consent service.

Parameters:

authorizationConsentService - the authorization consent service

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

authorizationServerSettings

public OAuth2AuthorizationServerConfigurer authorizationServerSettings(AuthorizationServerSettings authorizationServerSettings)

Sets the authorization server settings.

Parameters:

authorizationServerSettings - the authorization server settings

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

tokenGenerator

public OAuth2AuthorizationServerConfigurer tokenGenerator(OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator)

Sets the token generator.

Parameters:

tokenGenerator - the token generator

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

clientAuthentication

public OAuth2AuthorizationServerConfigurer clientAuthentication(Customizer<OAuth2ClientAuthenticationConfigurer> clientAuthenticationCustomizer)

Configures OAuth 2.0 Client Authentication.

Parameters:

clientAuthenticationCustomizer - the Customizer providing access to the OAuth2ClientAuthenticationConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

authorizationServerMetadataEndpoint

public OAuth2AuthorizationServerConfigurer authorizationServerMetadataEndpoint(Customizer<OAuth2AuthorizationServerMetadataEndpointConfigurer> authorizationServerMetadataEndpointCustomizer)

Configures the OAuth 2.0 Authorization Server Metadata Endpoint.

Parameters:

authorizationServerMetadataEndpointCustomizer - the Customizer providing access to the OAuth2AuthorizationServerMetadataEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

authorizationEndpoint

public OAuth2AuthorizationServerConfigurer authorizationEndpoint(Customizer<OAuth2AuthorizationEndpointConfigurer> authorizationEndpointCustomizer)

Configures the OAuth 2.0 Authorization Endpoint.

Parameters:

authorizationEndpointCustomizer - the Customizer providing access to the OAuth2AuthorizationEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

pushedAuthorizationRequestEndpoint

public OAuth2AuthorizationServerConfigurer pushedAuthorizationRequestEndpoint(Customizer<OAuth2PushedAuthorizationRequestEndpointConfigurer> pushedAuthorizationRequestEndpointCustomizer)

Configures the OAuth 2.0 Pushed Authorization Request Endpoint.

Parameters:

pushedAuthorizationRequestEndpointCustomizer - the Customizer providing access to the OAuth2PushedAuthorizationRequestEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

tokenEndpoint

public OAuth2AuthorizationServerConfigurer tokenEndpoint(Customizer<OAuth2TokenEndpointConfigurer> tokenEndpointCustomizer)

Configures the OAuth 2.0 Token Endpoint.

Parameters:

tokenEndpointCustomizer - the Customizer providing access to the OAuth2TokenEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

tokenIntrospectionEndpoint

public OAuth2AuthorizationServerConfigurer tokenIntrospectionEndpoint(Customizer<OAuth2TokenIntrospectionEndpointConfigurer> tokenIntrospectionEndpointCustomizer)

Configures the OAuth 2.0 Token Introspection Endpoint.

Parameters:

tokenIntrospectionEndpointCustomizer - the Customizer providing access to the OAuth2TokenIntrospectionEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

tokenRevocationEndpoint

public OAuth2AuthorizationServerConfigurer tokenRevocationEndpoint(Customizer<OAuth2TokenRevocationEndpointConfigurer> tokenRevocationEndpointCustomizer)

Configures the OAuth 2.0 Token Revocation Endpoint.

Parameters:

tokenRevocationEndpointCustomizer - the Customizer providing access to the OAuth2TokenRevocationEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

deviceAuthorizationEndpoint

public OAuth2AuthorizationServerConfigurer deviceAuthorizationEndpoint(Customizer<OAuth2DeviceAuthorizationEndpointConfigurer> deviceAuthorizationEndpointCustomizer)

Configures the OAuth 2.0 Device Authorization Endpoint.

Parameters:

deviceAuthorizationEndpointCustomizer - the Customizer providing access to the OAuth2DeviceAuthorizationEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

deviceVerificationEndpoint

public OAuth2AuthorizationServerConfigurer deviceVerificationEndpoint(Customizer<OAuth2DeviceVerificationEndpointConfigurer> deviceVerificationEndpointCustomizer)

Configures the OAuth 2.0 Device Verification Endpoint.

Parameters:

deviceVerificationEndpointCustomizer - the Customizer providing access to the OAuth2DeviceVerificationEndpointConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

oidc

public OAuth2AuthorizationServerConfigurer oidc(Customizer<OidcConfigurer> oidcCustomizer)

Configures OpenID Connect 1.0 support (disabled by default).

Parameters:

oidcCustomizer - the Customizer providing access to the OidcConfigurer

Returns:

the OAuth2AuthorizationServerConfigurer for further configuration

getEndpointsMatcher

public RequestMatcher getEndpointsMatcher()

Returns a RequestMatcher for the authorization server endpoints.

Returns:

a RequestMatcher for the authorization server endpoints

init

public void init(HttpSecurity httpSecurity)
          throws Exception

Description copied from interface: SecurityConfigurer

Initialize the SecurityBuilder. Here only shared state should be created and modified, but not properties on the SecurityBuilder used for building the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder) method uses the correct shared objects when building. Configurers should be applied here.

Specified by:

init in interface SecurityConfigurer<DefaultSecurityFilterChain,HttpSecurity>

Overrides:

init in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,HttpSecurity>

Throws:

Exception

configure

public void configure(HttpSecurity httpSecurity)

Description copied from interface: SecurityConfigurer

Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Specified by:

configure in interface SecurityConfigurer<DefaultSecurityFilterChain,HttpSecurity>

Overrides:

configure in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,HttpSecurity>