Class PublicRefreshCodeVerifierAuthenticator
java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.PublicRefreshCodeVerifierAuthenticator
An authenticator used for OAuth 2.0 Client Authentication, which authenticates the
PkceParameterNames#CODE_VERIFIER code_verifier
parameter. This is a customized version of
the original Spring class (CodeVerifierAuthenticator
). The difference here is that we
allow public clients to also authenticate with a valid refresh token and redirect uri for
refresh_token
grant flows.- See Also:
-
Constructor Summary
ConstructorDescriptionPublicRefreshCodeVerifierAuthenticator
(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenProperties tokenProperties) -
Method Summary
Modifier and TypeMethodDescriptionvoid
authenticateIfAvailable
(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken clientAuthentication, org.springframework.security.oauth2.server.authorization.client.RegisteredClient registeredClient) void
authenticateRequired
(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken clientAuthentication, org.springframework.security.oauth2.server.authorization.client.RegisteredClient registeredClient)
-
Constructor Details
-
PublicRefreshCodeVerifierAuthenticator
public PublicRefreshCodeVerifierAuthenticator(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenProperties tokenProperties)
-
-
Method Details
-
authenticateRequired
public void authenticateRequired(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken clientAuthentication, org.springframework.security.oauth2.server.authorization.client.RegisteredClient registeredClient) -
authenticateIfAvailable
public void authenticateIfAvailable(org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken clientAuthentication, org.springframework.security.oauth2.server.authorization.client.RegisteredClient registeredClient)
-