Package org.frankframework.lifecycle.servlets

Class OAuth2Authenticator

java.lang.Object

org.frankframework.lifecycle.servlets.AbstractServletAuthenticator

org.frankframework.lifecycle.servlets.OAuth2Authenticator

All Implemented Interfaces:

IAuthenticator, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware

public class OAuth2Authenticator
extends AbstractServletAuthenticator

OAuth2 Authentication provider which contains 4 defaults (Google, GitHub, Facebook and Okta), as well as a custom setting which allows users to use their own IDP.

Default redirect url is as follows:

 {baseUrl}/-servlet-name-/oauth2/code/{registrationId}
 

{baseUrl} resolves to {baseScheme}://{baseHost}{basePort}{basePath}.
The redirect url has been modified to match the servlet path and is deduced from the default OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI. Authentication base URL is: -servlet-name-/oauth2/authorization

This authenticator should be configured by setting its type to 'OAUTH2', for example:

 application.security.console.authentication.type=OAUTH2
 application.security.console.authentication.provider=google
 application.security.console.authentication.clientId=my-client-id
 application.security.console.authentication.clientSecret=my-client-secret
 

Author:

Niels Meijer

See Also:

• Spring Security OAuth2 Authorization Grants
• OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI

Field Summary

Fields inherited from class org.frankframework.lifecycle.servlets.AbstractServletAuthenticator

ALLOW_OPTIONS_REQUESTS_KEY, DEFAULT_IBIS_ROLES, log

Constructor Summary

Constructors

Constructor	Description
OAuth2Authenticator()

Method Summary

Modifier and Type	Method	Description
org.springframework.security.web.SecurityFilterChain	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)	Before building, configure the FilterChain.
org.springframework.security.oauth2.client.registration.ClientRegistrationRepository	createClientRegistrationRepository()
org.springframework.security.oauth2.client.registration.ClientRegistration.Builder	createCustomBuilder(String name, String registrationId)

Methods inherited from class org.frankframework.lifecycle.servlets.AbstractServletAuthenticator

build, configureHttpSecurity, getAuthorizationManager, getEnvironmentProperties, getPrivateEndpoints, registerServlet, setApplicationContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OAuth2Authenticator

public OAuth2Authenticator()

Method Details

configure

public org.springframework.security.web.SecurityFilterChain configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                                                               throws Exception

Description copied from class: AbstractServletAuthenticator

Before building, configure the FilterChain.

Specified by:

configure in class AbstractServletAuthenticator

Throws:

Exception

createClientRegistrationRepository

public org.springframework.security.oauth2.client.registration.ClientRegistrationRepository createClientRegistrationRepository()

createCustomBuilder

public org.springframework.security.oauth2.client.registration.ClientRegistration.Builder createCustomBuilder(String name,
 String registrationId)