Package org.springframework.security.oauth2.server.authorization.authentication

Class OAuth2AccessTokenAuthenticationToken

java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken
All Implemented Interfaces:
Serializable, Principal, Authentication, CredentialsContainer
public class OAuth2AccessTokenAuthenticationToken extends AbstractAuthenticationToken
An Authentication implementation used when issuing an OAuth 2.0 Access Token and (optional) Refresh Token.
Since:
7.0
See Also:

  • Constructor Details

    • OAuth2AccessTokenAuthenticationToken

      public OAuth2AccessTokenAuthenticationToken(RegisteredClient registeredClient, Authentication clientPrincipal, OAuth2AccessToken accessToken)
      Constructs an OAuth2AccessTokenAuthenticationToken using the provided parameters.
      Parameters:
      registeredClient - the registered client
      clientPrincipal - the authenticated client principal
      accessToken - the access token

    • OAuth2AccessTokenAuthenticationToken

      public OAuth2AccessTokenAuthenticationToken(RegisteredClient registeredClient, Authentication clientPrincipal, OAuth2AccessToken accessToken, @Nullable OAuth2RefreshToken refreshToken)
      Constructs an OAuth2AccessTokenAuthenticationToken using the provided parameters.
      Parameters:
      registeredClient - the registered client
      clientPrincipal - the authenticated client principal
      accessToken - the access token
      refreshToken - the refresh token

    • OAuth2AccessTokenAuthenticationToken

      public OAuth2AccessTokenAuthenticationToken(RegisteredClient registeredClient, Authentication clientPrincipal, OAuth2AccessToken accessToken, @Nullable OAuth2RefreshToken refreshToken, Map<String,Object> additionalParameters)
      Constructs an OAuth2AccessTokenAuthenticationToken using the provided parameters.
      Parameters:
      registeredClient - the registered client
      clientPrincipal - the authenticated client principal
      accessToken - the access token
      refreshToken - the refresh token
      additionalParameters - the additional parameters

  • Method Details

    • getPrincipal

      public Object getPrincipal()
      Description copied from interface: Authentication
      The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

      The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

      Returns:
      the Principal being authenticated or the authenticated principal after authentication.

    • getCredentials

      public Object getCredentials()
      Description copied from interface: Authentication
      The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.
      Returns:
      the credentials that prove the identity of the Principal

    • getRegisteredClient

      public RegisteredClient getRegisteredClient()
      Returns the registered client.
      Returns:
      the RegisteredClient

    • getAccessToken

      public OAuth2AccessToken getAccessToken()
      Returns the access token.
      Returns:
      the OAuth2AccessToken

    • getRefreshToken

      @Nullable public OAuth2RefreshToken getRefreshToken()
      Returns the refresh token.
      Returns:
      the OAuth2RefreshToken or null if not available

    • getAdditionalParameters

      public Map<String,Object> getAdditionalParameters()
      Returns the additional parameters.
      Returns:
      a Map of the additional parameters, may be empty