Class AuthorizationServiceOpaqueTokenIntrospector

java.lang.Object
io.jmix.authserver.introspection.AuthorizationServiceOpaqueTokenIntrospector
All Implemented Interfaces:
org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector

public class AuthorizationServiceOpaqueTokenIntrospector extends Object implements org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector
Token introspector that queries the backing store of tokens (authorization service) and fills the authenticated principal authorities with proper roles depending on authorization grant type:
  • For AUTHORIZATION_CODE grant type, roles of authenticated user are used
  • For CLIENT_CREDENTIALS grant type, roles specified for the client in the properties file are used
  • Constructor Details

    • AuthorizationServiceOpaqueTokenIntrospector

      public AuthorizationServiceOpaqueTokenIntrospector(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenIntrospectorRolesHelper introspectorRolesHelper)
  • Method Details

    • introspect

      public org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal introspect(String token)
      Specified by:
      introspect in interface org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector