Package com.c4_soft.springaddons.security.oauth2.config.synchronised

Class SpringAddonsOAuth2ClientBeans

java.lang.Object

com.c4_soft.springaddons.security.oauth2.config.synchronised.SpringAddonsOAuth2ClientBeans

@ConditionalOnProperty(matchIfMissing=true,
                       prefix="com.c4-soft.springaddons.security.client",
                       name="enabled")
@EnableWebSecurity
@AutoConfiguration
@Import(com.c4_soft.springaddons.security.oauth2.config.SpringAddonsOAuth2ClientProperties.class)
public class SpringAddonsOAuth2ClientBeans
extends Object

The following @ConditionalOnMissingBeans are auto-configured

• springAddonsClientFilterChain: a SecurityFilterChain. Instantiated only if "com.c4-soft.springaddons.security.client.security-matchers" property has at least one entry. If defined, it is with highest precedence, to ensure that all routes defined in this security matcher property are intercepted by this filter-chain.
• oAuth2AuthorizationRequestResolver: a OAuth2AuthorizationRequestResolver. Default instance is a SpringAddonsOAuth2AuthorizationRequestResolver which sets the client hostname in the redirect URI with SpringAddonsOAuth2ClientProperties#client-uri
• logoutRequestUriBuilder: builder for RP-Initiated Logout queries, taking configuration from properties for OIDC providers which do not strictly comply with the spec: logout URI not provided by OIDC conf or non standard parameter names (Auth0 and Cognito are samples of such OPs)
• logoutSuccessHandler: a LogoutSuccessHandler. Default instance is a SpringAddonsOAuth2LogoutSuccessHandler which logs a user out from the last authorization server he logged on.
• authoritiesConverter: an OAuth2AuthoritiesConverter. Default instance is a ConfigurableClaimSet2AuthoritiesConverter which reads spring-addons SpringAddonsSecurityProperties
• grantedAuthoritiesMapper: a GrantedAuthoritiesMapper using the already configured OAuth2AuthoritiesConverter
• oAuth2AuthorizedClientRepository: a SpringAddonsOAuth2AuthorizedClientRepository (which is also a session listener) capable of handling multi-tenancy and back-channel logout.
• clientAuthorizePostProcessor: a ClientExpressionInterceptUrlRegistryPostProcessor post processor to fine tune access control from java configuration. It applies to all routes not listed in "permit-all" property configuration. Default requires users to be authenticated.
• clientHttpPostProcessor: a ClientHttpSecurityPostProcessor to override anything from above auto-configuration. It is called just before the security filter-chain is returned. Default is a no-op.

Author:

Jerome Wacongne ch4mp@c4-soft.com

Constructor Summary

Constructors

Constructor	Description
SpringAddonsOAuth2ClientBeans()

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SpringAddonsOAuth2ClientBeans

public SpringAddonsOAuth2ClientBeans()