Class PublicRefreshPublicClientAuthenticationProvider
java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.PublicRefreshPublicClientAuthenticationProvider
- All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider
public final class PublicRefreshPublicClientAuthenticationProvider
extends Object
implements org.springframework.security.authentication.AuthenticationProvider
An
AuthenticationProvider
implementation used for OAuth 2.0 Public Client Authentication,
which authenticates the PkceParameterNames#CODE_VERIFIER code_verifier
parameter, or the
refresh_token
and redirect_uri
parameters. This is a customized version of the
original Spring class (PublicClientAuthenticationProvider
). The difference here is that
we allow public clients to also authenticate with a valid refresh token and redirect uri for
refresh_token
grant flows.- See Also:
-
Constructor Summary
ConstructorDescriptionPublicRefreshPublicClientAuthenticationProvider
(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository, org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenProperties tokenProperties) Constructs aPublicClientAuthenticationProvider
using the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authentication
authenticate
(org.springframework.security.core.Authentication authentication) boolean
-
Constructor Details
-
PublicRefreshPublicClientAuthenticationProvider
public PublicRefreshPublicClientAuthenticationProvider(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository, org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenProperties tokenProperties) Constructs aPublicClientAuthenticationProvider
using the provided parameters.- Parameters:
registeredClientRepository
- the repository of registered clientsauthorizationService
- the authorization service
-
-
Method Details
-
authenticate
public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException - Specified by:
authenticate
in interfaceorg.springframework.security.authentication.AuthenticationProvider
- Throws:
org.springframework.security.core.AuthenticationException
-
supports
- Specified by:
supports
in interfaceorg.springframework.security.authentication.AuthenticationProvider
-