org.springframework.security.oauth2.provider.vote.ClientScopeVoter Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of spring-security-oauth2 Show documentation
Show all versions of spring-security-oauth2 Show documentation
Module for providing OAuth2 support to Spring Security
package org.springframework.security.oauth2.provider.vote;
import java.util.Collection;
import java.util.Set;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
/**
* This voter checks scope in request is consistent with that held by the client. If there is no user in the request
* (client_credentials grant) it checks against authorities of client instead of scopes by default. Activate by adding
* CLIENT_HAS_SCOPE
to security attributes.
*
*
* @deprecated See the OAuth 2.0 Migration Guide for Spring Security 5.
*
* @author Dave Syer
*
*/
@Deprecated
public class ClientScopeVoter implements AccessDecisionVoter