Interface AuthorizedClientService<P extends AuthorizedClient>

Type Parameters:
P - Generally AuthorizedClient
All Known Implementing Classes:
DefaultAuthorizedClientService

public interface AuthorizedClientService<P extends AuthorizedClient>
Service interface for managing AuthorizedClient.
  • Method Details

    • findAll

      org.springframework.data.domain.Page<P> findAll(org.springframework.data.domain.Pageable pageable)
      Find all authorized clients.
      Parameters:
      pageable - the pageable
      Returns:
      a page of authorized client
    • findAllByServerId

      org.springframework.data.domain.Page<P> findAllByServerId(String serverId, org.springframework.data.domain.Pageable pageable)
      Finds all authorized clients within an authorization server.
      Parameters:
      serverId - the server ID
      pageable - the pageable
      Returns:
      a page of authorized client
    • findAdminClient

      Optional<P> findAdminClient(@Nullable String tenantId)
      Finds the authorized client for the admin within the given context.
      Parameters:
      tenantId -
      Returns:
      an optional of authorized client
    • findApplicationClient

      Optional<P> findApplicationClient(String applicationId, String tenantId)
      Finds the authorized client for the application within the given context.
      Parameters:
      applicationId -
      tenantId -
      Returns:
      an optional of authorized client
    • findApplicationClient

      Optional<P> findApplicationClient(String applicationId)
      Finds the authorized client for the application within the given context.
      Parameters:
      applicationId -
      Returns:
      an optional of authorized client
    • existsById

      boolean existsById(String id)
      Check if an authorized client exists by its ID.
      Parameters:
      id - the authorized client ID
      Returns:
      whether or the not the authorized client exists
    • findById

      Optional<P> findById(String id)
      Find an authorized client by its ID.
      Parameters:
      id - the authorized client ID
      Returns:
      an optional of authorized client
    • findByClientId

      Optional<P> findByClientId(String clientId)
      Find an authorized client by its client ID.
      Parameters:
      clientId - the client ID of the authorization client
      Returns:
      an optional of authorized client
    • create

      P create(P authorizedClient)
      Create a new authorized client. AuthorizedClient.getServerId() must not be null.
      Parameters:
      authorizedClient - the authorized client to create
      Returns:
      the created authorized client
    • save

      P save(P authorizedClient)
      Save an authorized client.
      Parameters:
      authorizedClient - the authorized client to save
      Returns:
      the saved authorized client
    • replace

      P replace(String id, P authorizedClient)
      Replace an authorized client.
      Parameters:
      id - the authorized client ID to replace
      authorizedClient - the authorized client replacement
      Returns:
      the created authorized client
    • delete

      void delete(P authorizedClient)
      Delete an authorized client.
      Parameters:
      authorizedClient - the authorized client to delete
    • deleteById

      void deleteById(String id)
      Delete an authorized client by ID.
      Parameters:
      id - the ID of the authorized client to delete
    • preProcessAndConvertToRegisteredClient

      org.springframework.security.oauth2.server.authorization.client.RegisteredClient preProcessAndConvertToRegisteredClient(AuthorizedClient authorizedClient)
      Pre-processes and subsequently converts the given instance into a RegisteredClient.

      This is the preferred mechanism to convert an AuthorizedClient into a RegisteredClient (so long as the mutation semantics are acceptable), as opposed to directly invoking AuthorizedClient.toRegisteredClient().

      Parameters:
      authorizedClient - the instance to mutate and convert to a RegisteredClient
      Returns:
      the RegisteredClient representation of the input
    • resolveAbsolutePathsForRelativeDefaultRedirectUri

      Optional<String> resolveAbsolutePathsForRelativeDefaultRedirectUri(AuthorizedClient client)
      Resolves the absolute path for the default redirect uri on the provided AuthorizedClient
      Parameters:
      client - The AuthorizedClient to resolve the default redirect uri for
      Returns:
      The absolute path for the default redirect uri on the provided AuthorizedClient if one is resolved else an empty Optional
    • resolveAbsolutePathsForRelativeRedirectUris

      Set<String> resolveAbsolutePathsForRelativeRedirectUris(AuthorizedClient client)
      Resolves the absolute path for the redirect uris on the provided AuthorizedClient

      If this client has any relative URLs in its AuthorizedClient.getRedirectUris(), this method will get the base URL for the client's tenant or application. Each relative redirect URI will then be added to the path of the resolved base URL, and this new absolute URL will replace the original relative value.

      If resolution of the base URL fails, or if the value is not absolute even after being appended to the base, the relative URL will be omitted from the result. This ensures the OAuth specification's requirement of absolute redirect URIs is preserved for security.

      Parameters:
      client - The AuthorizedClient to resolve the redirect uris for
      Returns:
      The absolute paths for the redirect uris on the provided AuthorizedClient that could be resolved
    • resolveAbsolutePathsForUris

      Set<String> resolveAbsolutePathsForUris(Set<String> uris, AuthorizedClient client)
      Resolves the absolute path for the string uris provided
      Parameters:
      uris - The uris to resolve absolute paths for
      client - The AuthorizedClient to use for finding the domain, host, etc.
      Returns:
      The uris that could be resolved to absolute paths
    • resolveAbsolutePathForUri

      Optional<String> resolveAbsolutePathForUri(String uri, AuthorizedClient client)
      Resolves the absolute path for the string uri provided
      Parameters:
      uri - The uri to resolve the absolute path for
      client - The AuthorizedClient to use for finding the domain, host, etc.
      Returns:
      The uri resolved to an absolute path if possible else an empty Optional
    • getClientSecretHashValueFromEnvironment

      @Nullable String getClientSecretHashValueFromEnvironment(String clientId)
      AuthorizedClient.getClientSecret() may not be persisted in the datastore and instead come from an application property.

      This serves as a convenient utility method to get the value of that property from the environment for a particular client ID.

      Note that the other methods in this class such as findById(String) almost always return the AuthorizedClient with this value already populated in AuthorizedClient.getClientSecret() (if present).

      Parameters:
      clientId - the AuthorizedClient.getClientId() of the client whose client secret hash property value should be looked up
      Returns:
      the client secret hash value if found in the environment, else null