Package no.nav.security.token.support.client.spring.oauth2

Class OAuth2ClientRequestInterceptor

  • All Implemented Interfaces:
    org.springframework.http.client.ClientHttpRequestInterceptor 
    
public final class OAuth2ClientRequestInterceptor
 implements ClientHttpRequestInterceptor

    Interceptor that exchanges a token using the OAuth2AccessTokenService and sets the Authorization header to this new token, where the aud claim is set to the destination app. The configuration fo this app is retrieved through a configurable matcher implementing ClientConfigurationPropertiesMatcher. If no configuration is found, the interceptor is NOOP. The same applies if there is no Authorization header present, as there will be nothing to exchange in that case. This again means that the interceptor can be safely registered on clients used for unauthenticated calls, such as pings/healthchecks. This intercptor must be registered by the applications themselves, there is no automatic bean registration.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description

    • Field Summary

      Fields 
      Modifier and Type Field Description

    • Enum Constant Summary

      Enum Constants 
      Enum Constant Description

    • Method Summary

      Modifier and Type Method Description
      ClientHttpResponse intercept(HttpRequest req, ByteArray body, ClientHttpRequestExecution execution)
      String toString()

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait