org.springframework.security.oauth.provider.DefaultAuthenticationHandler Maven / Gradle / Ivy
package org.springframework.security.oauth.provider;
import org.springframework.security.Authentication;
import org.springframework.security.oauth.provider.token.OAuthAccessProviderToken;
import org.springframework.security.oauth.provider.token.OAuthProviderToken;
import org.springframework.security.providers.AbstractAuthenticationToken;
import javax.servlet.http.HttpServletRequest;
/**
* The default authentication handler.
*
* @author Ryan Heaton
*/
public class DefaultAuthenticationHandler implements OAuthAuthenticationHandler {
/**
* Default implementation returns the user authentication associated with the auth token, if the token is provided. Otherwise, the consumer authentication
* is returned.
*
* @param request The request that was successfully authenticated.
* @param authentication The consumer authentication (details about how the request was authenticated).
* @param authToken The OAuth token associated with the authentication. This token MAY be null if no authenticated token was needed to successfully
* authenticate the request (for example, in the case of 2-legged OAuth).
* @return The authentication.
*/
public Authentication createAuthentication(HttpServletRequest request, ConsumerAuthentication authentication, OAuthAccessProviderToken authToken) {
if (authToken != null) {
Authentication userAuthentication = authToken.getUserAuthentication();
if (userAuthentication instanceof AbstractAuthenticationToken) {
//initialize the details with the consumer that is actually making the request on behalf of the user.
((AbstractAuthenticationToken) userAuthentication).setDetails(new OAuthAuthenticationDetails(request, authentication.getConsumerDetails()));
}
return userAuthentication;
}
return authentication;
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy