Class OIDAwareOAuth2RefreshTokenAuthenticationProvider
java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.OIDAwareOAuth2RefreshTokenAuthenticationProvider
- All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider
public final class OIDAwareOAuth2RefreshTokenAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider
An
AuthenticationProvider
implementation for the OAuth 2.0 Refresh Token Grant. This is a
customized version of the original Spring class
(OAuth2RefreshTokenAuthenticationProvider
). The difference here is that we maintain and
OID value in metadata for all refresh tokens. The OID value represents the token value of the
original refresh token issued in a token family. A token family represents all the iterations of
refresh token rotation since the original refresh token was issued.-
Constructor Summary
ConstructorDescriptionOIDAwareOAuth2RefreshTokenAuthenticationProvider
(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator, TokenProperties tokenProperties) Constructs anOAuth2RefreshTokenAuthenticationProvider
using the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authentication
authenticate
(org.springframework.security.core.Authentication authentication) boolean
-
Constructor Details
-
OIDAwareOAuth2RefreshTokenAuthenticationProvider
public OIDAwareOAuth2RefreshTokenAuthenticationProvider(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator<? extends org.springframework.security.oauth2.core.OAuth2Token> tokenGenerator, TokenProperties tokenProperties) Constructs anOAuth2RefreshTokenAuthenticationProvider
using the provided parameters.- Parameters:
authorizationService
- the authorization servicetokenGenerator
- the token generator- Since:
- 0.2.3
-
-
Method Details
-
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException - Specified by:
authenticate
in interfaceorg.springframework.security.authentication.AuthenticationProvider
- Throws:
org.springframework.security.core.AuthenticationException
-
supports
- Specified by:
supports
in interfaceorg.springframework.security.authentication.AuthenticationProvider
-