org.springframework.security.oauth2.spring-security-oauth2-1.0.xsd

There is a newer version: 2.5.2.RELEASE
			
Creates an OAuth2RestTemplate with all the pieces needed to connect to a remote resource from a web application. Injects request and session-scoped beans into the template, so it can only be used in the context of a web request.

The OAuth2ProtectedResourceDetails governing the configuration of this client. Mandatory.

The reference to the bean that manages access token acquisition. Optional (defaults to a chain including common grant types from the spec).
			
Specifies that the OAuth 2 authorization and token endpoints should be created in the application context. These are implemented as regular Spring @Controller beans, so as long as the default Spring MVC setup is present in the application the endpoints should work (at /oauth/authorization and /oauth/token by default).
						
The configuration of the authorization code mechanism. This mechanism enables a way for clients to obtain an access token by obtaining an authorization code.

Whether to disable the authorization code mechanism.

The reference to the bean that defines the authorization code services. Default value is an instance of "org.springframework.security.oauth2.provider.authorization_code.InMemoryAuthorizationCodeServices".
						
The configuration of the client credentials grant type.

Whether to disable the implicit grant type.
						
The configuration of the refresh token grant type.

Whether to disable the refresh token grant type.
						
The configuration of the client credentials grant type.

Whether to disable the refresh token grant type.
						
The configuration of the resource owner password grant type.

Whether to disable the refresh token grant type.

A reference to an authentication manager that can be used to authenticate the resource owner.
						
The configuration of your custom grant type.

Whether to disable this grant type.

A reference to your token granter.
					
The reference to the bean that defines the client details service.

The URL at which a request for an access token will be serviced. Default value: "/oauth/token"

The URL at which a user is redirected for authorization. Default value: "/oauth/authorize"
					
The reference to the bean that defines the granter of different OAuth token types.

The reference to the bean that defines the implicit grant service.

The reference to the bean that defines the token services. Default value is an instance of "org.springframework.security.oauth2.provider.token.DefaultTokenServices".
					
The reference to the bean that defines the manager for authorization requests from the input parameters (e.g. request parameters). Default value is an instance of "org.springframework.security.oauth2.provider.token.DefaultAuthorizationRequestManager".

Reference to a bean that handles user approval decisions. Using this strategy, servers can selectively skip the approval process depending on decisions in the past or on the type of client.

The URL of the page that handles the user approval form (if needed, depending on the grant type). The default is "forward:/oauth/confirm_access" which is not handled by the authorization endpoint, so normally you will have to supply a handler for this path.
					
The URL of the page that handles errors (default forward:/oauth/error).

The name of the form parameter that is used to indicate user approval of the client authentication request. Default value: "user_oauth_approval".

The reference to the bean that defines the redirect resolver, used during the user authorization. Default value is an instance of "org.springframework.security.oauth2.provider.authorization_code.DefaultRedirectResolver".
			
Specifies that there are OAuth 2 protected resources in the application context. This element has an id which is the bean id of the filter created. The filter should be added to the Spring Security filter chain at position before="PRE_AUTH_FILTER".
							
The resource id that is protected by this filter, if any. If empty or absent then all resource ids are allowed, otherwise only tokens which are granted to a client that contains this resource id will be legal.

The reference to the bean that defines the token services. Default value is an instance of "org.springframework.security.oauth2.provider.token.DefaultTokenServices".

The reference to the bean that defines the entry point for failed authentications. Defaults to a vanilla org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint.

The reference to the bean that defines the AuthenticationDetailsSource.
			
Default element that contains the definition of the OAuth clients that are allowed to access this service.

Definition of a client that can act on behalf of a user.

The client id.
										
The client secret. If the secret is undefined or empty (the default) the client does not require a secret.

The redirect URI(s) established during registration (optional, comma-separated).

The resource ids to which this client can be granted access (comma-separated). If missing or empty all resources are accessible (not recommended by the spec).
										
The scopes to which the client is limited (comma-separated). If scope is undefined or empty (the default) the client is not limited by scope, but in that case the authorization service must explicitly accept unlimited access by not specifying any scopes itself.

Grant types that are authorized for the client to use (comma-separated). Currently defined grant types include "authorization_code", "password", "assertion", and "refresh_token". Default value is "authorization_code,refresh_token".

Authorities that are granted to the client (comma-separated). Distinct from the authorities granted to the user on behalf of whom the client is acting.
										
The access token validity period in seconds (optional). If unspecified a global default will be applied by the token services.

The refresh token validity period in seconds (optional). If unspecified a global default will be applied by the token services.
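
An added example (not part of the schema or of the Spring Security OAuth project): a small Python audit that flags client definitions relying on the permissive defaults described above (no secret, no registered redirect URI, all resources, unlimited scope). The element and attribute names (client-details-service, client, client-id, secret, redirect-uri, resource-ids, scope, authorized-grant-types) and the namespace URI are assumed from the spring-security-oauth2 XML namespace, since the tags are not shown in this text; the sample configuration is constructed.

```python
import xml.etree.ElementTree as ET

# Namespace and attribute names are those of the spring-security-oauth2 XML
# schema (assumed here; the element tags are not shown in the text above).
NS = "{http://www.springframework.org/schema/security/oauth2}"
DEFAULT_GRANTS = "authorization_code,refresh_token"  # default per the docs above

def _csv(value):
    """Split a comma-separated attribute value, dropping empty items."""
    return [v.strip() for v in (value or "").split(",") if v.strip()]

def audit_clients(xml_text):
    """Map each client-id to the permissive defaults it relies on."""
    report = {}
    for service in ET.fromstring(xml_text).iter(NS + "client-details-service"):
        for client in service.findall(NS + "client"):
            grants = _csv(client.get("authorized-grant-types")) or _csv(DEFAULT_GRANTS)
            findings = []
            if not (client.get("secret") or "").strip():
                findings.append("no-secret")        # client does not require a secret
            if "authorization_code" in grants and not _csv(client.get("redirect-uri")):
                findings.append("no-redirect-uri")  # no URI registered to match against
            if not _csv(client.get("resource-ids")):
                findings.append("all-resources")    # all resources are accessible
            if not _csv(client.get("scope")):
                findings.append("unlimited-scope")  # client is not limited by scope
            report[client.get("client-id")] = findings
    return report

# Constructed sample configuration (not taken from any real deployment).
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:oauth="http://www.springframework.org/schema/security/oauth2">
  <oauth:client-details-service id="clientDetails">
    <oauth:client client-id="legacy-app"/>
    <oauth:client client-id="reports-ui" secret="${reports.secret}"
        redirect-uri="https://reports.example.test/callback"
        resource-ids="reports" scope="read"
        authorized-grant-types="authorization_code,refresh_token"/>
    <oauth:client client-id="batch-job" secret="${batch.secret}"
        resource-ids="reports" scope="read"
        authorized-grant-types="client_credentials"/>
  </oauth:client-details-service>
  <oauth:client id="oauth2ClientFilter"/>
</beans>"""

if __name__ == "__main__":
    for client_id, findings in audit_clients(SAMPLE).items():
        print(client_id, findings or "ok")
```

The top-level `<oauth:client id="oauth2ClientFilter"/>` in the sample is the client filter element, which shares the tag name; the audit skips it because it only inspects children of the client details service.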
										
									
								
							
						
					
				
			
		
	

	
		
			
Element for declaring and configuring an expression handler for OAuth security expressions. See https://docs.spring.io/spring-security/site/docs/3.0.x/reference/el-access.html

Element for declaring and configuring an expression handler for OAuth security expressions in http intercept urls. See https://docs.spring.io/spring-security/site/docs/3.0.x/reference/el-access.html
			
Creates the OAuth 2 client filter to be added to the application security policy.

The reference to the bean that defines the redirect strategy, used when redirecting the user for access authorization. Default value is an instance of "org.springframework.security.web.DefaultRedirectStrategy".
			
Definition of a remote resource that is protected via OAuth2 to which this client application wants access.

The grant type. Currently defined grant types include "authorization_code", "password", and "assertion". Default value is "authorization_code".

The client id. This is the id by which the resource server will identify this application.

The URI from which the access token may be obtained.

Comma-separated list of strings specifying the scope of the access to the resource. By default, no scope will be specified.
							
The secret associated with the resource. By default, no secret will be supplied for access to the resource.

The scheme that is used to pass the client secret. Suggested values: "header" and "form". Default: "header". See section 2.1 of the OAuth 2 spec.

The URI to which the user will be redirected if the user is ever needed to grant an authorization code.
							
The method for bearing the token when accessing the resource. Default value is "header". See AuthenticationScheme enum for possible values.

The name of the bearer token. The default is "access_token", which is according to the spec, but some providers (e.g. Facebook) don't conform to the spec.

Some resource servers may require a pre-established URI to which they will redirect users after users authorize an access token.
							
Boolean flag indicating that the current URI should be used as a redirect (if available) rather than the registered redirect URI. Default is true.

The username for authentication, required only when type is "password".

The password for authentication, required only when type is "password".
