top.dcenter.ums.security.core.oauth.filter.redirect

类 Auth2DefaultRequestRedirectFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

top.dcenter.ums.security.core.oauth.filter.redirect.Auth2DefaultRequestRedirectFilter

所有已实现的接口:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

public class Auth2DefaultRequestRedirectFilter
extends org.springframework.web.filter.OncePerRequestFilter

This Filter initiates the authorization code grant or implicit grant flow by redirecting the End-User's user-agent to the Authorization Server's Authorization Endpoint.

It builds the OAuth 2.0 Authorization Request, which is used as the redirect URI to the Authorization Endpoint. The redirect URI will include the client identifier, requested scope(s), state, response type, and a redirection URI which the authorization server will send the user-agent back to once access is granted (or denied) by the End-User (Resource Owner).

By default, this Filter responds to authorization requests at the URI /auth2/authorization/{registrationId} using the default Auth2DefaultRequestResolver. The URI template variable {registrationId} represents the registration identifier of the client that is used for initiating the OAuth 2.0 Authorization Request.

The default base URI /auth2/authorization may be overridden via the constructor Auth2DefaultRequestRedirectFilter(String, Auth2StateCoder, TenantContextHolder, SimpleUrlAuthenticationFailureHandler), or alternatively, an Auth2DefaultRequestResolver may be provided to the constructor Auth2DefaultRequestRedirectFilter(Auth2DefaultRequestResolver, Auth2StateCoder, TenantContextHolder, SimpleUrlAuthenticationFailureHandler)} to override the resolving of authorization requests.

从以下版本开始:

5.0

作者:

Joe Grandja, Rob Winch, YongWu zheng

另请参阅:

OAuth2AuthorizationRequest, Auth2DefaultRequestResolver, AuthorizationRequestRepository, ClientRegistration, ClientRegistrationRepository, Section 4.1 Authorization Code Grant, Section 4.1.1 Authorization Request (Authorization Code), Section 4.2 Implicit Grant, Section 4.2.1 Authorization Request (Implicit)

字段概要

从类继承的字段 org.springframework.web.filter.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

从类继承的字段 org.springframework.web.filter.GenericFilterBean

logger

构造器概要

构造器

构造器和说明
Auth2DefaultRequestRedirectFilter(Auth2DefaultRequestResolver authorizationRequestResolver, Auth2StateCoder auth2StateCoder, TenantContextHolder tenantContextHolder, org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler authenticationFailureHandler) Constructs an Auth2DefaultRequestRedirectFilter using the provided parameters.
Auth2DefaultRequestRedirectFilter(String authorizationRequestBaseUri, Auth2StateCoder auth2StateCoder, TenantContextHolder tenantContextHolder, org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler authenticationFailureHandler) Constructs an Auth2DefaultRequestRedirectFilter using the provided parameters.

方法概要

限定符和类型	方法和说明
protected void	doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
void	setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache) Sets the RequestCache used for storing the current request before redirecting the OAuth 2.0 Authorization Request.

从类继承的方法 org.springframework.web.filter.OncePerRequestFilter

doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

从类继承的方法 org.springframework.web.filter.GenericFilterBean

addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

构造器详细资料

Auth2DefaultRequestRedirectFilter

public Auth2DefaultRequestRedirectFilter(@NonNull
                                         String authorizationRequestBaseUri,
                                         @Nullable
                                         Auth2StateCoder auth2StateCoder,
                                         @Nullable
                                         TenantContextHolder tenantContextHolder,
                                         @NonNull
                                         org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler authenticationFailureHandler)

Constructs an Auth2DefaultRequestRedirectFilter using the provided parameters.

参数:

authorizationRequestBaseUri - the base URI used for authorization requests

auth2StateCoder - state 的编解码器

tenantContextHolder - 多租户处理器

authenticationFailureHandler - 失败处理器

Auth2DefaultRequestRedirectFilter

public Auth2DefaultRequestRedirectFilter(@NonNull
                                         Auth2DefaultRequestResolver authorizationRequestResolver,
                                         @Nullable
                                         Auth2StateCoder auth2StateCoder,
                                         @Nullable
                                         TenantContextHolder tenantContextHolder,
                                         @NonNull
                                         org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler authenticationFailureHandler)

Constructs an Auth2DefaultRequestRedirectFilter using the provided parameters.

参数:

authorizationRequestResolver - the resolver used for resolving authorization requests

auth2StateCoder - state 的编解码器

tenantContextHolder - 多租户处理器

authenticationFailureHandler - 失败处理器

从以下版本开始:

5.1

方法详细资料

setRequestCache

public final void setRequestCache(org.springframework.security.web.savedrequest.RequestCache requestCache)

Sets the RequestCache used for storing the current request before redirecting the OAuth 2.0 Authorization Request.

参数:

requestCache - the cache used for storing the current request

doFilterInternal

protected void doFilterInternal(@NonNull
                                javax.servlet.http.HttpServletRequest request,
                                @NonNull
                                javax.servlet.http.HttpServletResponse response,
                                @NonNull
                                javax.servlet.FilterChain filterChain)
                         throws javax.servlet.ServletException,
                                IOException

指定者:

doFilterInternal 在类中 org.springframework.web.filter.OncePerRequestFilter

抛出:

javax.servlet.ServletException

IOException