Package org.springframework.security.oauth2.server.authorization.authentication

Class OAuth2ClientRegistrationAuthenticationProvider

java.lang.Object

org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientRegistrationAuthenticationProvider

All Implemented Interfaces:

org.springframework.security.authentication.AuthenticationProvider

public final class OAuth2ClientRegistrationAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider

An AuthenticationProvider implementation for the OAuth 2.0 Dynamic Client Registration Endpoint.

Since:

7.0

See Also:

• RegisteredClientRepository
• OAuth2AuthorizationService
• OAuth2ClientRegistrationAuthenticationToken
• PasswordEncoder
• 3. Client Registration Endpoint

Constructor Summary

Constructors

Constructor	Description
OAuth2ClientRegistrationAuthenticationProvider(RegisteredClientRepository registeredClientRepository, OAuth2AuthorizationService authorizationService)	Constructs an OAuth2ClientRegistrationAuthenticationProvider using the provided parameters.

Method Summary

Modifier and Type	Method	Description
org.springframework.security.core.Authentication	authenticate(org.springframework.security.core.Authentication authentication)
void	setAuthenticationValidator(Consumer<OAuth2ClientRegistrationAuthenticationContext> authenticationValidator)	Sets the Consumer providing access to the OAuth2ClientRegistrationAuthenticationContext and is responsible for validating specific OAuth 2.0 Client Registration Request parameters associated in the OAuth2ClientRegistrationAuthenticationToken.
void	setClientRegistrationConverter(org.springframework.core.convert.converter.Converter<RegisteredClient,OAuth2ClientRegistration> clientRegistrationConverter)	Sets the Converter used for converting a RegisteredClient to an OAuth2ClientRegistration.
void	setOpenRegistrationAllowed(boolean openRegistrationAllowed)	Set to true if open client registration (with no initial access token) is allowed.
void	setPasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)	Sets the PasswordEncoder used to encode the client secret.
void	setRegisteredClientConverter(org.springframework.core.convert.converter.Converter<OAuth2ClientRegistration,RegisteredClient> registeredClientConverter)	Sets the Converter used for converting an OAuth2ClientRegistration to a RegisteredClient.
boolean	supports(Class<?> authentication)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OAuth2ClientRegistrationAuthenticationProvider

public OAuth2ClientRegistrationAuthenticationProvider(RegisteredClientRepository registeredClientRepository,
 OAuth2AuthorizationService authorizationService)

Constructs an OAuth2ClientRegistrationAuthenticationProvider using the provided parameters.

Parameters:

registeredClientRepository - the repository of registered clients

Method Details

authenticate

public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
                                                              throws org.springframework.security.core.AuthenticationException

Specified by:

authenticate in interface org.springframework.security.authentication.AuthenticationProvider

Throws:

org.springframework.security.core.AuthenticationException

supports

public boolean supports(Class<?> authentication)

Specified by:

supports in interface org.springframework.security.authentication.AuthenticationProvider

setRegisteredClientConverter

public void setRegisteredClientConverter(org.springframework.core.convert.converter.Converter<OAuth2ClientRegistration,RegisteredClient> registeredClientConverter)

Sets the Converter used for converting an OAuth2ClientRegistration to a RegisteredClient.

Parameters:

registeredClientConverter - the Converter used for converting an OAuth2ClientRegistration to a RegisteredClient

setClientRegistrationConverter

public void setClientRegistrationConverter(org.springframework.core.convert.converter.Converter<RegisteredClient,OAuth2ClientRegistration> clientRegistrationConverter)

Sets the Converter used for converting a RegisteredClient to an OAuth2ClientRegistration.

Parameters:

clientRegistrationConverter - the Converter used for converting a RegisteredClient to an OAuth2ClientRegistration

setPasswordEncoder

public void setPasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)

Sets the PasswordEncoder used to encode the client secret. If not set, the client secret will be encoded using PasswordEncoderFactories.createDelegatingPasswordEncoder().

Parameters:

passwordEncoder - the PasswordEncoder used to encode the client secret

setOpenRegistrationAllowed

public void setOpenRegistrationAllowed(boolean openRegistrationAllowed)

Set to true if open client registration (with no initial access token) is allowed. The default is false.

Parameters:

openRegistrationAllowed - true if open client registration is allowed, false otherwise

setAuthenticationValidator

public void setAuthenticationValidator(Consumer<OAuth2ClientRegistrationAuthenticationContext> authenticationValidator)

Sets the Consumer providing access to the OAuth2ClientRegistrationAuthenticationContext and is responsible for validating specific OAuth 2.0 Client Registration Request parameters associated in the OAuth2ClientRegistrationAuthenticationToken. The default authentication validator is OAuth2ClientRegistrationAuthenticationValidator.

NOTE: The authentication validator MUST throw OAuth2AuthenticationException if validation fails.

Parameters:

authenticationValidator - the Consumer providing access to the OAuth2ClientRegistrationAuthenticationContext and is responsible for validating specific OAuth 2.0 Client Registration Request parameters

Since:

7.0.5