Package com.broadleafcommerce.auth.authorization.security.spring

Class PublicRefreshPublicClientAuthenticationProvider

java.lang.Object
com.broadleafcommerce.auth.authorization.security.spring.PublicRefreshPublicClientAuthenticationProvider
All Implemented Interfaces:
org.springframework.security.authentication.AuthenticationProvider
public final class PublicRefreshPublicClientAuthenticationProvider extends Object implements org.springframework.security.authentication.AuthenticationProvider
An AuthenticationProvider implementation used for OAuth 2.0 Public Client Authentication, which authenticates the PkceParameterNames#CODE_VERIFIER code_verifier parameter, or the refresh_token and redirect_uri parameters. This is a customized version of the original Spring class (PublicClientAuthenticationProvider). The difference here is that we allow public clients to also authenticate with a valid refresh token and redirect uri for refresh_token grant flows.
See Also:

  • Constructor Summary

    Constructors
    Constructor
    Description
    PublicRefreshPublicClientAuthenticationProvider(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository, org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenProperties tokenProperties)
    Constructs a PublicClientAuthenticationProvider using the provided parameters.

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.core.Authentication
    authenticate(org.springframework.security.core.Authentication authentication)
     
    boolean
    supports(Class<?> authentication)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • PublicRefreshPublicClientAuthenticationProvider

      public PublicRefreshPublicClientAuthenticationProvider(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository, org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenProperties tokenProperties)
      Constructs a PublicClientAuthenticationProvider using the provided parameters.
      Parameters:
      registeredClientRepository - the repository of registered clients
      authorizationService - the authorization service

  • Method Details

    • authenticate

      public org.springframework.security.core.Authentication authenticate(org.springframework.security.core.Authentication authentication) throws org.springframework.security.core.AuthenticationException
      Specified by:
      authenticate in interface org.springframework.security.authentication.AuthenticationProvider
      Throws:
      org.springframework.security.core.AuthenticationException

    • supports

      public boolean supports(Class<?> authentication)
      Specified by:
      supports in interface org.springframework.security.authentication.AuthenticationProvider