Package com.azure.spring.cloud.autoconfigure.aad

Class AadWebSecurityConfigurerAdapter

  • All Implemented Interfaces:
    org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,​org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>
    Direct Known Subclasses:
    AadWebApplicationConfiguration.DefaultAadWebSecurityConfigurerAdapter
    public abstract class AadWebSecurityConfigurerAdapter
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    Abstract configuration class, used to make AzureClientRegistrationRepository and AuthzCodeGrantRequestEntityConverter take effect.
    See Also:
    WebSecurityConfigurerAdapter

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected org.springframework.security.oauth2.client.userinfo.OAuth2UserService<org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest,​org.springframework.security.oauth2.core.oidc.user.OidcUser> oidcUserService  
      protected AadAuthenticationProperties properties
      AAD authentication properties
      protected org.springframework.security.oauth2.client.registration.ClientRegistrationRepository repo  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient<org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient()
      Gets the access token response client.
      protected javax.servlet.Filter conditionalAccessFilter()
      Return the filter to handle conditional access exception.
      protected void configure​(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
      configure
      protected org.springframework.security.web.authentication.logout.LogoutSuccessHandler oidcLogoutSuccessHandler()
      Gets the OIDC logout success handler.
      protected org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver requestResolver()
      Gets the request resolver.

      • Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

        authenticationManager, authenticationManagerBean, configure, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean

    • Field Detail

      • repo

        @Autowired
protected org.springframework.security.oauth2.client.registration.ClientRegistrationRepository repo

      • oidcUserService

        @Autowired
protected org.springframework.security.oauth2.client.userinfo.OAuth2UserService<org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest,​org.springframework.security.oauth2.core.oidc.user.OidcUser> oidcUserService

    • Constructor Detail

      • AadWebSecurityConfigurerAdapter

        public AadWebSecurityConfigurerAdapter()

    • Method Detail

      • configure

        protected void configure​(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                  throws Exception
        configure
        Overrides:
        configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        Parameters:
        http - the HttpSecurity to use
        Throws:
        Exception - Configuration failed

      • conditionalAccessFilter

        protected javax.servlet.Filter conditionalAccessFilter()
        Return the filter to handle conditional access exception. No conditional access filter is provided by default.
        Returns:
        a filter that handles conditional access exception.
        See Also:
        Sample for AAD conditional access filter, reference doc

      • oidcLogoutSuccessHandler

        protected org.springframework.security.web.authentication.logout.LogoutSuccessHandler oidcLogoutSuccessHandler()
        Gets the OIDC logout success handler.
        Returns:
        the OIDC logout success handler

      • accessTokenResponseClient

        protected org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient<org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient()
        Gets the access token response client.
        Returns:
        the access token response client

      • requestResolver

        protected org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver requestResolver()
        Gets the request resolver.
        Returns:
        the request resolver