Package com.c4_soft.springaddons.security.oidc.starter.reactive.client

Class ReactiveSpringAddonsOidcClientWithLoginBeans

java.lang.Object

com.c4_soft.springaddons.security.oidc.starter.reactive.client.ReactiveSpringAddonsOidcClientWithLoginBeans

@Conditional({IsClientWithLoginCondition.class,IsNotServlet.class})
@EnableWebFluxSecurity
@AutoConfiguration
@ImportAutoConfiguration(ReactiveSpringAddonsOidcBeans.class)
public class ReactiveSpringAddonsOidcClientWithLoginBeans
extends Object

The following @ConditionalOnMissingBeans are auto-configured

• springAddonsClientFilterChain: a SecurityWebFilterChain. Instantiated only if "com.c4-soft.springaddons.oidc.client.security-matchers" property has at least one entry. If defined, it is with a high precedence, to ensure that all routes defined in this security matcher property are intercepted by this filter-chain.
• logoutRequestUriBuilder: builder for RP-Initiated Logout queries, taking configuration from properties for OIDC providers which do not strictly comply with the spec: logout URI not provided by OIDC conf or non standard parameter names (Auth0 and Cognito are samples of such OPs)
• logoutSuccessHandler: a ServerLogoutSuccessHandler. Default instance is a SpringAddonsServerLogoutSuccessHandler which logs a user out from the last authorization server he logged on
• authoritiesConverter: an ClaimSetAuthoritiesConverter. Default instance is a ConfigurableClaimSetAuthoritiesConverter which reads spring-addons SpringAddonsOidcProperties
• csrfCookieWebFilter: a WebFilter to set the CSRF cookie if "com.c4-soft.springaddons.oidc.client.csrf" is set to cookie
• clientAuthorizePostProcessor: a ClientAuthorizeExchangeSpecPostProcessor post processor to fine tune access control from java configuration. It applies to all routes not listed in "permit-all" property configuration. Default requires users to be authenticated.
• clientHttpPostProcessor: a ClientReactiveHttpSecurityPostProcessor to override anything from above auto-configuration. It is called just before the security filter-chain is returned. Default is a no-op.
• authorizationRequestResolver: a ServerOAuth2AuthorizationRequestResolver to add custom parameters (from application properties) to authorization code request

Author:

Jerome Wacongne ch4mp@c4-soft.com

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static interface	ReactiveSpringAddonsOidcClientWithLoginBeans.PreAuthorizationCodeServerRedirectStrategy
static class	ReactiveSpringAddonsOidcClientWithLoginBeans.SpringAddonsPreAuthorizationCodeServerRedirectStrategy

Constructor Summary

Constructors

Constructor	Description
ReactiveSpringAddonsOidcClientWithLoginBeans()

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ReactiveSpringAddonsOidcClientWithLoginBeans

public ReactiveSpringAddonsOidcClientWithLoginBeans()