nl.nn.adapterframework.lifecycle.servlets

Class OAuth2Authenticator

java.lang.Object

nl.nn.adapterframework.lifecycle.servlets.ServletAuthenticatorBase

nl.nn.adapterframework.lifecycle.servlets.OAuth2Authenticator

All Implemented Interfaces:

IAuthenticator, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware

public class OAuth2Authenticator
extends ServletAuthenticatorBase

OAuth2 Authentication provider which contains 4 defaults (Google, GitHub, Facebook and Okta), as well as a custom setting which allows users to use their own IDP.

Default redirect url is as follows:

 {baseUrl}/-servlet-name-/oauth2/code/{registrationId}
 

The redirect url has been modified to match the servlet path and is deduced from the default OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI. Authentication base URL: -servlet-name-

Author:

Niels Meijer

Field Summary

Fields inherited from class nl.nn.adapterframework.lifecycle.servlets.ServletAuthenticatorBase

ALLOW_OPTIONS_REQUESTS_KEY, DEFAULT_IBIS_ROLES, log

Constructor Summary

Constructors

Constructor and Description
OAuth2Authenticator()

Method Summary

Modifier and Type	Method and Description
org.springframework.security.web.SecurityFilterChain	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) Before building, configure the FilterChain.
org.springframework.security.oauth2.client.registration.ClientRegistrationRepository	createClientRegistrationRepository()
org.springframework.security.oauth2.client.registration.ClientRegistration.Builder	createCustomBuilder(String name, String registrationId)
void	setAuthorizationUri(String authorizationUri) eg.
void	setClientId(String clientId)
void	setClientSecret(String clientSecret)
void	setIssuerUri(String issuerUri) eg.
void	setJwkSetUri(String jwkSetUri) eg.
void	setProvider(String provider) Google, GitHub, Facebook, Okta, Custom
void	setRoleMappingFile(String roleMappingFile)
void	setScopes(String scopes) eg.
void	setTokenUri(String tokenUri) eg.
void	setUserInfoUri(String userInfoUri) eg.
void	setUserNameAttributeName(String userNameAttributeName) eg.

Methods inherited from class nl.nn.adapterframework.lifecycle.servlets.ServletAuthenticatorBase

authorizationRequestMatcher, build, configureHttpSecurity, getApplicationContext, getEnvironmentProperties, getPrivateEndpoints, getSecurityRoles, registerServlet, setApplicationContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth2Authenticator

public OAuth2Authenticator()

Method Detail

configure

public org.springframework.security.web.SecurityFilterChain configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                                                               throws Exception

Description copied from class: ServletAuthenticatorBase

Before building, configure the FilterChain.

Specified by:

configure in class ServletAuthenticatorBase

Throws:

Exception

createClientRegistrationRepository

public org.springframework.security.oauth2.client.registration.ClientRegistrationRepository createClientRegistrationRepository()

createCustomBuilder

public org.springframework.security.oauth2.client.registration.ClientRegistration.Builder createCustomBuilder(String name,
                                                                                                              String registrationId)

setScopes

public void setScopes(String scopes)

eg. openid, profile, email

setAuthorizationUri

public void setAuthorizationUri(String authorizationUri)

eg. https://accounts.google.com/o/oauth2/v2/auth

setTokenUri

public void setTokenUri(String tokenUri)

eg. https://www.googleapis.com/oauth2/v4/token

setJwkSetUri

public void setJwkSetUri(String jwkSetUri)

eg. https://www.googleapis.com/oauth2/v3/certs

setIssuerUri

public void setIssuerUri(String issuerUri)

eg. https://accounts.google.com

setUserInfoUri

public void setUserInfoUri(String userInfoUri)

eg. https://www.googleapis.com/oauth2/v3/userinfo

setUserNameAttributeName

public void setUserNameAttributeName(String userNameAttributeName)

eg.

setClientId

public void setClientId(String clientId)

setClientSecret

public void setClientSecret(String clientSecret)

setProvider

public void setProvider(String provider)

Google, GitHub, Facebook, Okta, Custom

setRoleMappingFile

public void setRoleMappingFile(String roleMappingFile)