Class OidcLogoutAuthenticationProvider
java.lang.Object
org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcLogoutAuthenticationProvider
- All Implemented Interfaces:
AuthenticationProvider
public final class OidcLogoutAuthenticationProvider
extends Object
implements AuthenticationProvider
An
AuthenticationProvider implementation for OpenID Connect 1.0 RP-Initiated
Logout Endpoint.- Since:
- 7.0
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionOidcLogoutAuthenticationProvider(RegisteredClientRepository registeredClientRepository, OAuth2AuthorizationService authorizationService, SessionRegistry sessionRegistry) Constructs anOidcLogoutAuthenticationProviderusing the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionauthenticate(Authentication authentication) Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication).voidsetAuthenticationValidator(Consumer<OidcLogoutAuthenticationContext> authenticationValidator) Sets theConsumerproviding access to theOidcLogoutAuthenticationContextand is responsible for validating specific OpenID Connect RP-Initiated Logout Request parameters associated in theOidcLogoutAuthenticationToken.booleanReturnstrueif thisAuthenticationProvidersupports the indicatedAuthenticationobject.
-
Constructor Details
-
OidcLogoutAuthenticationProvider
public OidcLogoutAuthenticationProvider(RegisteredClientRepository registeredClientRepository, OAuth2AuthorizationService authorizationService, SessionRegistry sessionRegistry) Constructs anOidcLogoutAuthenticationProviderusing the provided parameters.- Parameters:
registeredClientRepository- the repository of registered clientsauthorizationService- the authorization servicesessionRegistry- theSessionRegistryused to track OpenID Connect sessions
-
-
Method Details
-
authenticate
Description copied from interface:AuthenticationProviderPerforms authentication with the same contract asAuthenticationManager.authenticate(Authentication).- Specified by:
authenticatein interfaceAuthenticationProvider- Parameters:
authentication- the authentication request object.- Returns:
- a fully authenticated object including credentials. May return
nullif theAuthenticationProvideris unable to support authentication of the passedAuthenticationobject. In such a case, the nextAuthenticationProviderthat supports the presentedAuthenticationclass will be tried. - Throws:
AuthenticationException- if authentication fails.
-
supports
Description copied from interface:AuthenticationProviderReturnstrueif thisAuthenticationProvidersupports the indicatedAuthenticationobject.Returning
truedoes not guarantee anAuthenticationProviderwill be able to authenticate the presentedAuthenticationobject. It simply indicates it can support closer evaluation of it. AnAuthenticationProvidercan still returnnullfrom theAuthenticationProvider.authenticate(Authentication)method to indicate anotherAuthenticationProvidershould be tried.Selection of an
AuthenticationProvidercapable of performing authentication is conducted at runtime theProviderManager.- Specified by:
supportsin interfaceAuthenticationProvider- Returns:
trueif the implementation can more closely evaluate theAuthenticationclass presented
-
setAuthenticationValidator
public void setAuthenticationValidator(Consumer<OidcLogoutAuthenticationContext> authenticationValidator) Sets theConsumerproviding access to theOidcLogoutAuthenticationContextand is responsible for validating specific OpenID Connect RP-Initiated Logout Request parameters associated in theOidcLogoutAuthenticationToken. The default authentication validator isOidcLogoutAuthenticationValidator.NOTE: The authentication validator MUST throw
OAuth2AuthenticationExceptionif validation fails.- Parameters:
authenticationValidator- theConsumerproviding access to theOidcLogoutAuthenticationContextand is responsible for validating specific OpenID Connect RP-Initiated Logout Request parameters
-