Package io.jmix.authserver.introspection

Class AuthorizationServiceOpaqueTokenIntrospector

java.lang.Object

io.jmix.authserver.introspection.AuthorizationServiceOpaqueTokenIntrospector

All Implemented Interfaces:

org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector

public class AuthorizationServiceOpaqueTokenIntrospector
extends Object
implements org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector

Token introspector that queries the backing store of tokens (authorization service) and fills the authenticated principal authorities with proper roles depending on authorization grant type:

• For AUTHORIZATION_CODE grant type, roles of authenticated user are used
• For CLIENT_CREDENTIALS grant type, roles specified for the client in the properties file are used
• For PASSWORD grant type, roles of authenticated user are used

Constructor Summary

Constructors

Constructor	Description
AuthorizationServiceOpaqueTokenIntrospector(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService, TokenIntrospectorRolesHelper introspectorRolesHelper)

Method Summary

Modifier and Type	Method	Description
org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal	introspect(String token)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthorizationServiceOpaqueTokenIntrospector

public AuthorizationServiceOpaqueTokenIntrospector(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService,
 TokenIntrospectorRolesHelper introspectorRolesHelper)

Method Details

introspect

public org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal introspect(String token)

Specified by:

introspect in interface org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector