Package org.springframework.security.oauth2.server.authorization.oidc.authentication

Class OidcClientRegistrationAuthenticationProvider

java.lang.Object
org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcClientRegistrationAuthenticationProvider
All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider
public final class OidcClientRegistrationAuthenticationProvider extends Object implements org.springframework.security.authentication.AuthenticationProvider
An AuthenticationProvider implementation for OpenID Connect 1.0 Dynamic Client Registration Endpoint.
Since:
0.1.1
See Also:

  • Constructor Details

    • OidcClientRegistrationAuthenticationProvider

      public OidcClientRegistrationAuthenticationProvider(RegisteredClientRepository registeredClientRepository, OAuth2AuthorizationService authorizationService, OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator)
      Constructs an OidcClientRegistrationAuthenticationProvider using the provided parameters.
      Parameters:
      registeredClientRepository - the repository of registered clients
      authorizationService - the authorization service
      tokenGenerator - the token generator
      Since:
      0.2.3

  • Method Details

    • authenticate

      public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException
      Specified by:
      authenticate in interface org.springframework.security.authentication.AuthenticationProvider
      Throws:
      org.springframework.security.core.AuthenticationException

    • supports

      public boolean supports(Class<?> authentication)
      Specified by:
      supports in interface org.springframework.security.authentication.AuthenticationProvider

    • setRegisteredClientConverter

      public void setRegisteredClientConverter(org.springframework.core.convert.converter.Converter<OidcClientRegistration,RegisteredClient> registeredClientConverter)
      Sets the Converter used for converting an OidcClientRegistration to a RegisteredClient.
      Parameters:
      registeredClientConverter - the Converter used for converting an OidcClientRegistration to a RegisteredClient
      Since:
      0.4.0

    • setClientRegistrationConverter

      public void setClientRegistrationConverter(org.springframework.core.convert.converter.Converter<RegisteredClient,OidcClientRegistration> clientRegistrationConverter)
      Sets the Converter used for converting a RegisteredClient to an OidcClientRegistration.
      Parameters:
      clientRegistrationConverter - the Converter used for converting a RegisteredClient to an OidcClientRegistration
      Since:
      1.2.0

    • setPasswordEncoder

      public void setPasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)
      Sets the PasswordEncoder used to encode the client secret. If not set, the client secret will be encoded using PasswordEncoderFactories.createDelegatingPasswordEncoder().
      Parameters:
      passwordEncoder - the PasswordEncoder used to encode the client secret
      Since:
      1.1.0

    • setAuthenticationValidator

      public void setAuthenticationValidator(Consumer<OidcClientRegistrationAuthenticationContext> authenticationValidator)
      Sets the Consumer providing access to the OidcClientRegistrationAuthenticationContext and is responsible for validating specific OpenID Connect 1.0 Client Registration Request parameters associated in the OidcClientRegistrationAuthenticationToken. The default authentication validator is OidcClientRegistrationAuthenticationValidator.

      NOTE: The authentication validator MUST throw OAuth2AuthenticationException if validation fails.

      Parameters:
      authenticationValidator - the Consumer providing access to the OidcClientRegistrationAuthenticationContext and is responsible for validating specific OpenID Connect 1.0 Client Registration Request parameters
      Since:
      1.5.7