public class Auth2LoginAuthenticationProvider extends Object implements org.springframework.security.authentication.AuthenticationProvider
AuthenticationProvider for OAuth 2.0 Login, which
leverages the OAuth 2.0 Authorization Code Grant Flow.
This AuthenticationProvider is responsible for authenticating an Authorization
Code credential with the Authorization Server's Token Endpoint and if valid, exchanging
it for an Access Token credential.
It will also obtain the user attributes of the End-User (Resource Owner) from the
UserInfo Endpoint using an Auth2UserService, which will create a
Principal in the form of an AuthUser. The AuthUser is then
associated to the Auth2LoginAuthenticationToken to complete the
authentication.
UsersConnectionRepository,
Auth2AuthenticationToken,
Auth2UserService,
Section
4.1 Authorization Code Grant Flow,
Section 4.1.3 Access Token
Request,
Section 4.1.4 Access Token
Response| 限定符和类型 | 字段和说明 |
|---|---|
protected org.springframework.context.support.MessageSourceAccessor |
messages |
| 构造器和说明 |
|---|
Auth2LoginAuthenticationProvider(Auth2UserService userService,
ConnectionService connectionService,
UmsUserDetailsService umsUserDetailsService,
ExecutorService updateConnectionTaskExecutor,
Boolean autoSignUp,
GenerateClaimsSetService generateClaimsSetService,
String temporaryUserAuthorities,
String temporaryUserPassword,
AuthenticationToUserDetailsConverter authenticationToUserDetailsConverter)
Constructs an
Auth2LoginAuthenticationProvider using the provided
parameters. |
| 限定符和类型 | 方法和说明 |
|---|---|
protected void |
additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails,
Auth2LoginAuthenticationToken authentication)
Allows subclasses to perform any additional checks of a returned (or cached)
UserDetails for a given authentication request. |
org.springframework.security.core.Authentication |
authenticate(org.springframework.security.core.Authentication authentication) |
protected org.springframework.security.core.userdetails.UserDetailsChecker |
getPostAuthenticationChecks() |
protected org.springframework.security.core.userdetails.UserDetailsChecker |
getPreAuthenticationChecks() |
void |
setPostAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker postAuthenticationChecks) |
void |
setPreAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker preAuthenticationChecks)
Sets the policy will be used to verify the status of the loaded
UserDetails before validation of the credentials takes place.
|
void |
setUserCache(org.springframework.security.core.userdetails.UserCache userCache) |
boolean |
supports(Class<?> authentication) |
public Auth2LoginAuthenticationProvider(Auth2UserService userService, ConnectionService connectionService, UmsUserDetailsService umsUserDetailsService, ExecutorService updateConnectionTaskExecutor, Boolean autoSignUp, @Nullable GenerateClaimsSetService generateClaimsSetService, String temporaryUserAuthorities, String temporaryUserPassword, @Autowired(required=false) AuthenticationToUserDetailsConverter authenticationToUserDetailsConverter)
Auth2LoginAuthenticationProvider using the provided
parameters.userService - the service used for obtaining the user attributes of the
End-User from the UserInfo EndpointconnectionService - 第三方登录成功后自动注册服务umsUserDetailsService - this service used for local user serviceupdateConnectionTaskExecutor - update connection task executorautoSignUp - 第三方登录是否自动注册generateClaimsSetService - GenerateClaimsSetServicetemporaryUserAuthorities - 临时权限temporaryUserPassword - 临时密码authenticationToUserDetailsConverter - authentication to user details converterpublic org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication)
throws org.springframework.security.core.AuthenticationException
authenticate 在接口中 org.springframework.security.authentication.AuthenticationProviderorg.springframework.security.core.AuthenticationExceptionprotected void additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails userDetails,
Auth2LoginAuthenticationToken authentication)
throws org.springframework.security.core.AuthenticationException
UserDetails for a given authentication request. If custom logic is needed to compare additional
properties of UserDetails and/or
Auth2LoginAuthenticationToken, these should also appear in this
method.userDetails - as retrieved from the
ConnectionService.signUp(AuthUser, String, String)} or
UserCache or UmsUserDetailsService.loadUserByUserId(String)authentication - the current request that needs to be authenticatedorg.springframework.security.core.AuthenticationException - AuthenticationException if the userDetails could
not be validated (generally an AuthenticationServiceException)public void setUserCache(org.springframework.security.core.userdetails.UserCache userCache)
protected org.springframework.security.core.userdetails.UserDetailsChecker getPreAuthenticationChecks()
public void setPreAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker preAuthenticationChecks)
preAuthenticationChecks - strategy to be invoked prior to authentication.protected org.springframework.security.core.userdetails.UserDetailsChecker getPostAuthenticationChecks()
public void setPostAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker postAuthenticationChecks)
public boolean supports(Class<?> authentication)
supports 在接口中 org.springframework.security.authentication.AuthenticationProviderCopyright © 2021. All rights reserved.