Interface AuthorizedClientService<P extends AuthorizedClient>
- Type Parameters:
P
- GenerallyAuthorizedClient
- All Known Implementing Classes:
DefaultAuthorizedClientService
AuthorizedClient
.-
Method Summary
Modifier and TypeMethodDescriptionCreate a new authorized client.void
Delete an authorized client.void
deleteById
(String id) Delete an authorized client by ID.boolean
existsById
(String id) Check if an authorized client exists by its ID.findAdminClient
(String tenantId) Finds the authorized client for the admin within the given context.org.springframework.data.domain.Page<P>
findAll
(org.springframework.data.domain.Pageable pageable) Find all authorized clients.org.springframework.data.domain.Page<P>
findAllByServerId
(String serverId, org.springframework.data.domain.Pageable pageable) Finds all authorized clients within an authorization server.findApplicationClient
(String applicationId) Finds the authorized client for the application within the given context.findApplicationClient
(String applicationId, String tenantId) Finds the authorized client for the application within the given context.findByClientId
(String clientId) Find an authorized client by its client ID.Find an authorized client by its ID.AuthorizedClient.getClientSecret()
may not be persisted in the datastore and instead come from an application property.org.springframework.security.oauth2.server.authorization.client.RegisteredClient
preProcessAndConvertToRegisteredClient
(AuthorizedClient authorizedClient) Pre-processes and subsequently converts the given instance into aRegisteredClient
.Replace an authorized client.resolveAbsolutePathForUri
(String uri, AuthorizedClient client) Resolves the absolute path for the string uri providedResolves the absolute path for the default redirect uri on the providedAuthorizedClient
Resolves the absolute path for the redirect uris on the providedAuthorizedClient
resolveAbsolutePathsForUris
(Set<String> uris, AuthorizedClient client) Resolves the absolute path for the string uris providedSave an authorized client.
-
Method Details
-
findAll
Find all authorized clients.- Parameters:
pageable
- the pageable- Returns:
- a page of authorized client
-
findAllByServerId
org.springframework.data.domain.Page<P> findAllByServerId(String serverId, org.springframework.data.domain.Pageable pageable) Finds all authorized clients within an authorization server.- Parameters:
serverId
- the server IDpageable
- the pageable- Returns:
- a page of authorized client
-
findAdminClient
Finds the authorized client for the admin within the given context.- Parameters:
tenantId
-- Returns:
- an optional of authorized client
-
findApplicationClient
Finds the authorized client for the application within the given context.- Parameters:
applicationId
-tenantId
-- Returns:
- an optional of authorized client
-
findApplicationClient
Finds the authorized client for the application within the given context.- Parameters:
applicationId
-- Returns:
- an optional of authorized client
-
existsById
Check if an authorized client exists by its ID.- Parameters:
id
- the authorized client ID- Returns:
- whether or the not the authorized client exists
-
findById
Find an authorized client by its ID.- Parameters:
id
- the authorized client ID- Returns:
- an optional of authorized client
-
findByClientId
Find an authorized client by its client ID.- Parameters:
clientId
- the client ID of the authorization client- Returns:
- an optional of authorized client
-
create
Create a new authorized client.AuthorizedClient.getServerId()
must not be null.- Parameters:
authorizedClient
- the authorized client to create- Returns:
- the created authorized client
-
save
Save an authorized client.- Parameters:
authorizedClient
- the authorized client to save- Returns:
- the saved authorized client
-
replace
Replace an authorized client.- Parameters:
id
- the authorized client ID to replaceauthorizedClient
- the authorized client replacement- Returns:
- the created authorized client
-
delete
Delete an authorized client.- Parameters:
authorizedClient
- the authorized client to delete
-
deleteById
Delete an authorized client by ID.- Parameters:
id
- the ID of the authorized client to delete
-
preProcessAndConvertToRegisteredClient
org.springframework.security.oauth2.server.authorization.client.RegisteredClient preProcessAndConvertToRegisteredClient(AuthorizedClient authorizedClient) Pre-processes and subsequently converts the given instance into aRegisteredClient
.This is the preferred mechanism to convert an
AuthorizedClient
into aRegisteredClient
(so long as the mutation semantics are acceptable), as opposed to directly invokingAuthorizedClient.toRegisteredClient()
.- Parameters:
authorizedClient
- the instance to mutate and convert to aRegisteredClient
- Returns:
- the
RegisteredClient
representation of the input
-
resolveAbsolutePathsForRelativeDefaultRedirectUri
Resolves the absolute path for the default redirect uri on the providedAuthorizedClient
- Parameters:
client
- TheAuthorizedClient
to resolve the default redirect uri for- Returns:
- The absolute path for the default redirect uri on the provided
AuthorizedClient
if one is resolved else an emptyOptional
-
resolveAbsolutePathsForRelativeRedirectUris
Resolves the absolute path for the redirect uris on the providedAuthorizedClient
If this client has any relative URLs in its
AuthorizedClient.getRedirectUris()
, this method will get the base URL for the client's tenant or application. Each relative redirect URI will then be added to the path of the resolved base URL, and this new absolute URL will replace the original relative value.If resolution of the base URL fails, or if the value is not absolute even after being appended to the base, the relative URL will be omitted from the result. This ensures the OAuth specification's requirement of absolute redirect URIs is preserved for security.
- Parameters:
client
- TheAuthorizedClient
to resolve the redirect uris for- Returns:
- The absolute paths for the redirect uris on the provided
AuthorizedClient
that could be resolved
-
resolveAbsolutePathsForUris
Resolves the absolute path for the string uris provided- Parameters:
uris
- The uris to resolve absolute paths forclient
- TheAuthorizedClient
to use for finding the domain, host, etc.- Returns:
- The uris that could be resolved to absolute paths
-
resolveAbsolutePathForUri
Resolves the absolute path for the string uri provided- Parameters:
uri
- The uri to resolve the absolute path forclient
- TheAuthorizedClient
to use for finding the domain, host, etc.- Returns:
- The uri resolved to an absolute path if possible else an empty
Optional
-
getClientSecretHashValueFromEnvironment
AuthorizedClient.getClientSecret()
may not be persisted in the datastore and instead come from an application property.This serves as a convenient utility method to get the value of that property from the environment for a particular client ID.
Note that the other methods in this class such as
findById(String)
almost always return theAuthorizedClient
with this value already populated inAuthorizedClient.getClientSecret()
(if present).- Parameters:
clientId
- theAuthorizedClient.getClientId()
of the client whose client secret hash property value should be looked up- Returns:
- the client secret hash value if found in the environment, else null
-