Class OidcUserInfoAuthenticationProvider
java.lang.Object
org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationProvider
- All Implemented Interfaces:
AuthenticationProvider
public final class OidcUserInfoAuthenticationProvider
extends Object
implements AuthenticationProvider
An
AuthenticationProvider implementation for OpenID Connect 1.0 UserInfo
Endpoint.- Since:
- 7.0
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionOidcUserInfoAuthenticationProvider(OAuth2AuthorizationService authorizationService) Constructs anOidcUserInfoAuthenticationProviderusing the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionauthenticate(Authentication authentication) Performs authentication with the same contract asAuthenticationManager.authenticate(Authentication).voidsetUserInfoMapper(Function<OidcUserInfoAuthenticationContext, OidcUserInfo> userInfoMapper) Sets theFunctionused to extract claims fromOidcUserInfoAuthenticationContextto an instance ofOidcUserInfofor the UserInfo response.booleanReturnstrueif thisAuthenticationProvidersupports the indicatedAuthenticationobject.
-
Constructor Details
-
OidcUserInfoAuthenticationProvider
Constructs anOidcUserInfoAuthenticationProviderusing the provided parameters.- Parameters:
authorizationService- the authorization service
-
-
Method Details
-
authenticate
Description copied from interface:AuthenticationProviderPerforms authentication with the same contract asAuthenticationManager.authenticate(Authentication).- Specified by:
authenticatein interfaceAuthenticationProvider- Parameters:
authentication- the authentication request object.- Returns:
- a fully authenticated object including credentials. May return
nullif theAuthenticationProvideris unable to support authentication of the passedAuthenticationobject. In such a case, the nextAuthenticationProviderthat supports the presentedAuthenticationclass will be tried. - Throws:
AuthenticationException- if authentication fails.
-
supports
Description copied from interface:AuthenticationProviderReturnstrueif thisAuthenticationProvidersupports the indicatedAuthenticationobject.Returning
truedoes not guarantee anAuthenticationProviderwill be able to authenticate the presentedAuthenticationobject. It simply indicates it can support closer evaluation of it. AnAuthenticationProvidercan still returnnullfrom theAuthenticationProvider.authenticate(Authentication)method to indicate anotherAuthenticationProvidershould be tried.Selection of an
AuthenticationProvidercapable of performing authentication is conducted at runtime by theProviderManager.- Specified by:
supportsin interfaceAuthenticationProvider- Returns:
trueif the implementation can more closely evaluate theAuthenticationclass presented
-
setUserInfoMapper
public void setUserInfoMapper(Function<OidcUserInfoAuthenticationContext, OidcUserInfo> userInfoMapper) Sets theFunctionused to extract claims fromOidcUserInfoAuthenticationContextto an instance ofOidcUserInfofor the UserInfo response.The
OidcUserInfoAuthenticationContextgives the mapper access to theOidcUserInfoAuthenticationToken, as well as, the following context attributes:OidcUserInfoAuthenticationContext.getAccessToken()containing the bearer token used to make the request.OidcUserInfoAuthenticationContext.getAuthorization()containing theOidcIdTokenandOAuth2AccessTokenassociated with the bearer token used to make the request.
- Parameters:
userInfoMapper- theFunctionused to extract claims fromOidcUserInfoAuthenticationContextto an instance ofOidcUserInfo
-