Class RestClientOpaqueTokenIntrospector

java.lang.Object

org.springframework.security.oauth2.server.resource.introspection.RestClientOpaqueTokenIntrospector

All Implemented Interfaces:

OpaqueTokenIntrospector

public final class RestClientOpaqueTokenIntrospector
extends Object
implements OpaqueTokenIntrospector

A Spring implementation of OpaqueTokenIntrospector that verifies and introspects a token using the configured OAuth 2.0 Introspection Endpoint, using RestClient for HTTP communication.

Since:

7.1

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	RestClientOpaqueTokenIntrospector.Builder	Used to build RestClientOpaqueTokenIntrospector.

Constructor Summary

Constructors

Constructor	Description
RestClientOpaqueTokenIntrospector(String introspectionUri, org.springframework.web.client.RestClient restClient)	Creates a OpaqueTokenAuthenticationProvider with the provided parameters The given RestClient should perform its own client authentication against the introspection endpoint.

Method Summary

Modifier and Type	Method	Description
org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal	introspect(String token)	Introspect and verify the given token, returning its attributes.
void	setAuthenticationConverter(org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor, ? extends org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal> authenticationConverter)	Sets the Converter<OAuth2TokenIntrospectionClaimAccessor, OAuth2AuthenticatedPrincipal> to use.
static RestClientOpaqueTokenIntrospector.Builder	withIntrospectionUri(String introspectionUri)	Creates a RestClientOpaqueTokenIntrospector.Builder with the given introspection endpoint uri

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

RestClientOpaqueTokenIntrospector

public RestClientOpaqueTokenIntrospector(String introspectionUri,
 org.springframework.web.client.RestClient restClient)

Creates a OpaqueTokenAuthenticationProvider with the provided parameters The given RestClient should perform its own client authentication against the introspection endpoint.

Parameters:

introspectionUri - The introspection endpoint uri

restClient - The client for performing the introspection request

Method Details

introspect

public org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal introspect(String token)

Description copied from interface: OpaqueTokenIntrospector

Introspect and verify the given token, returning its attributes. Returning a OAuth2AuthenticatedPrincipal is indicative that the token is valid.

Specified by:

introspect in interface OpaqueTokenIntrospector

Parameters:

token - the token to introspect

Returns:

the token's attributes

setAuthenticationConverter

public void setAuthenticationConverter(org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimAccessor, ? extends org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal> authenticationConverter)

Sets the Converter<OAuth2TokenIntrospectionClaimAccessor, OAuth2AuthenticatedPrincipal> to use. Defaults to defaultAuthenticationConverter(OAuth2TokenIntrospectionClaimAccessor).

Use if you need a custom mapping of OAuth 2.0 token claims to the authenticated principal.

Parameters:

authenticationConverter - the converter

withIntrospectionUri

public static RestClientOpaqueTokenIntrospector.Builder withIntrospectionUri(String introspectionUri)

Creates a RestClientOpaqueTokenIntrospector.Builder with the given introspection endpoint uri

Parameters:

introspectionUri - The introspection endpoint uri

Returns:

the RestClientOpaqueTokenIntrospector.Builder