Package com.c4_soft.springaddons.security.oidc.starter.synchronised.client

Class SpringAddonsOAuth2AuthorizationRequestResolver

java.lang.Object

com.c4_soft.springaddons.security.oidc.starter.synchronised.client.SpringAddonsOAuth2AuthorizationRequestResolver

All Implemented Interfaces:

org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver

public class SpringAddonsOAuth2AuthorizationRequestResolver
extends Object
implements org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver

Support three features:

• Use the SpringAddonsOidcClientProperties#client-uri to set the base URI of authorization-code callback (of interest for instance when using an ingress or another gateway in front of the OAuth2 client with oauth2Login)
• Defining authorization request additional parameters from properties (like audience for Auth0)
• Save in session post-login URIs provided as header (SpringAddonsOidcClientProperties.POST_AUTHENTICATION_SUCCESS_URI_HEADER and SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_URI_HEADER) or request param (SpringAddonsOidcClientProperties.POST_AUTHENTICATION_SUCCESS_URI_PARAM and SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_URI_PARAM). If both are provided, header wins. The key used in session are SpringAddonsOidcClientProperties.POST_AUTHENTICATION_SUCCESS_URI_SESSION_ATTRIBUTE and SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_URI_SESSION_ATTRIBUTE

The post-login URIs are used by the default AuthenticationSuccessHandler and AuthenticationFailureHandler

When needing fancy request customizers (for instance to add parameters with name or value computed at runtime), you may extend this class and override getOAuth2AuthorizationRequestCustomizer(HttpServletRequest, String)

Author:

Jerome Wacongne ch4mp@c4-soft.com

See Also:

• for header and request parameter constants definitions
• SpringAddonsOauth2AuthenticationSuccessHandler
• SpringAddonsOauth2AuthenticationFailureHandler

Constructor Summary

Constructors

Constructor	Description
SpringAddonsOAuth2AuthorizationRequestResolver(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties bootClientProperties, org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository, SpringAddonsOidcClientProperties addonsClientProperties)

Method Summary

Modifier and Type	Method	Description
protected CompositeOAuth2AuthorizationRequestCustomizer	getCompositeOAuth2AuthorizationRequestCustomizer(String clientRegistrationId)
protected Consumer<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder>	getOAuth2AuthorizationRequestCustomizer(jakarta.servlet.http.HttpServletRequest request, String clientRegistrationId)	Override this to use a "dynamic" request customizer.
protected org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver	getRequestResolver(jakarta.servlet.http.HttpServletRequest request, String clientRegistrationId)	You probably don't need to override this.
org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest	resolve(jakarta.servlet.http.HttpServletRequest request)
org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest	resolve(jakarta.servlet.http.HttpServletRequest request, String clientRegistrationId)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SpringAddonsOAuth2AuthorizationRequestResolver

public SpringAddonsOAuth2AuthorizationRequestResolver(org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties bootClientProperties,
 org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository,
 SpringAddonsOidcClientProperties addonsClientProperties)

Method Details

resolve

public org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest resolve(jakarta.servlet.http.HttpServletRequest request)

Specified by:

resolve in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver

resolve

public org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest resolve(jakarta.servlet.http.HttpServletRequest request,
 String clientRegistrationId)

Specified by:

resolve in interface org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver

getRequestResolver

protected org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver getRequestResolver(jakarta.servlet.http.HttpServletRequest request,
 String clientRegistrationId)

You probably don't need to override this. See getOAuth2AuthorizationRequestCustomizer to add advanced request customizer(s)

Parameters:

request -

clientRegistrationId -

Returns:

getOAuth2AuthorizationRequestCustomizer

protected Consumer<org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder> getOAuth2AuthorizationRequestCustomizer(jakarta.servlet.http.HttpServletRequest request,
 String clientRegistrationId)

Override this to use a "dynamic" request customizer. Something like:

 return new CompositeOAuth2AuthorizationRequestCustomizer(getCompositeOAuth2AuthorizationRequestCustomizer(clientRegistrationId), new MyDynamicCustomizer(request), ...);
 

Returns:

getCompositeOAuth2AuthorizationRequestCustomizer

protected CompositeOAuth2AuthorizationRequestCustomizer getCompositeOAuth2AuthorizationRequestCustomizer(String clientRegistrationId)

Returns:

a request customizer adding PKCE token (if activated) and "static" parameters defined in spring-addons properties