Class AuthorizationCodeWithPkceTokenGranter

java.lang.Object
org.springframework.security.oauth2.provider.token.AbstractTokenGranter
com.broadleafcommerce.auth.user.session.AuthorizationCodeWithPkceTokenGranter
All Implemented Interfaces:
org.springframework.security.oauth2.provider.TokenGranter

public class AuthorizationCodeWithPkceTokenGranter extends org.springframework.security.oauth2.provider.token.AbstractTokenGranter
This is a customized version of AuthorizationCodeTokenGranter that supports the Proof-Key-for-Code-Exchange (PKCE) enhancement to the Authorization Code Grant flow. Just as the original "consumes" an authorization code, this extension also verifies a code_verifier parameter. Verification is done according to the PKCE RFC.
Author:
Nathan Moore (nathandmoore)
  • Field Summary

    Fields inherited from class org.springframework.security.oauth2.provider.token.AbstractTokenGranter

    logger
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
     
    AuthorizationCodeWithPkceTokenGranter(org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices tokenServices, org.springframework.security.oauth2.provider.code.AuthorizationCodeServices authorizationCodeServices, org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService, org.springframework.security.oauth2.provider.OAuth2RequestFactory requestFactory)
     
    protected
    AuthorizationCodeWithPkceTokenGranter(org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices tokenServices, org.springframework.security.oauth2.provider.code.AuthorizationCodeServices authorizationCodeServices, org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService, org.springframework.security.oauth2.provider.OAuth2RequestFactory requestFactory, String grantType)
     
  • Method Summary

    Modifier and Type
    Method
    Description
    protected org.springframework.security.oauth2.provider.code.AuthorizationCodeServices
    getAuthorizationCodeServices()
    protected org.springframework.security.oauth2.provider.OAuth2Authentication
    getOAuth2Authentication(org.springframework.security.oauth2.provider.ClientDetails client, org.springframework.security.oauth2.provider.TokenRequest tokenRequest)

    Methods inherited from class org.springframework.security.oauth2.provider.token.AbstractTokenGranter

    getAccessToken, getRequestFactory, getTokenServices, grant, validateGrantType

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • AuthorizationCodeWithPkceTokenGranter

      public AuthorizationCodeWithPkceTokenGranter(org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices tokenServices, org.springframework.security.oauth2.provider.code.AuthorizationCodeServices authorizationCodeServices, org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService, org.springframework.security.oauth2.provider.OAuth2RequestFactory requestFactory)
    • AuthorizationCodeWithPkceTokenGranter

      protected AuthorizationCodeWithPkceTokenGranter(org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices tokenServices, org.springframework.security.oauth2.provider.code.AuthorizationCodeServices authorizationCodeServices, org.springframework.security.oauth2.provider.ClientDetailsService clientDetailsService, org.springframework.security.oauth2.provider.OAuth2RequestFactory requestFactory, String grantType)
  • Method Details

    • getOAuth2Authentication

      protected org.springframework.security.oauth2.provider.OAuth2Authentication getOAuth2Authentication(org.springframework.security.oauth2.provider.ClientDetails client, org.springframework.security.oauth2.provider.TokenRequest tokenRequest)
      Overriding method to call DefaultAuthorizationCodeServices.consumeAuthorizationCode(String, String) in support of PKCE. Otherwise, this is the same as AuthorizationCodeTokenGranter.getOAuth2Authentication(ClientDetails, TokenRequest).
      Overrides:
      getOAuth2Authentication in class org.springframework.security.oauth2.provider.token.AbstractTokenGranter
    • getAuthorizationCodeServices

      protected org.springframework.security.oauth2.provider.code.AuthorizationCodeServices getAuthorizationCodeServices()
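
The code_verifier check that the class description refers to, as an added example that is not Broadleaf's or Spring's own code: it follows RFC 7636 section 4.6 and exercises the test vector from that RFC's Appendix B. The class name PkceCheck is hypothetical, and the example assumes the code_challenge and its method were stored with the authorization code when it was issued.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.regex.Pattern;

// Added illustration of RFC 7636 section 4.6; PkceCheck is a hypothetical name,
// not a Broadleaf or Spring class.
public final class PkceCheck {
    // RFC 7636 section 4.1: 43-128 characters from the unreserved set.
    private static final Pattern VERIFIER = Pattern.compile("[A-Za-z0-9\\-._~]{43,128}");

    /** storedChallenge and storedMethod come from the authorization request, never the token request. */
    public static boolean verify(String codeVerifier, String storedChallenge, String storedMethod) {
        if (codeVerifier == null || storedChallenge == null
                || !VERIFIER.matcher(codeVerifier).matches()) {
            return false; // a missing or malformed verifier never passes
        }
        byte[] verifierBytes = codeVerifier.getBytes(StandardCharsets.US_ASCII);
        byte[] computed;
        if ("S256".equals(storedMethod)) {
            computed = s256(verifierBytes);
        } else if (storedMethod == null || "plain".equals(storedMethod)) {
            computed = verifierBytes; // "plain" is the RFC default when no method was sent
        } else {
            return false; // unknown transformation
        }
        // MessageDigest.isEqual compares in constant time, unlike String.equals.
        return MessageDigest.isEqual(computed, storedChallenge.getBytes(StandardCharsets.US_ASCII));
    }

    private static byte[] s256(byte[] verifier) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(verifier);
            return Base64.getUrlEncoder().withoutPadding().encode(digest);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("SHA-256 is required on every Java platform", e);
        }
    }

    public static void main(String[] args) {
        // Test vector from RFC 7636 Appendix B.
        String verifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
        String challenge = "E9Melhoa2OwvFrEMTJguCH5QuLCVBGL0-TcGl_TM";
        System.out.println(verify(verifier, challenge, "S256"));       // matching pair
        System.out.println(verify(verifier + "x", challenge, "S256")); // altered verifier
        System.out.println(verify(verifier, challenge, "plain"));      // method differs from the stored one
    }
}
```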