public class BearerAuthenticationReader extends Object implements GrpcAuthenticationReader
AuthenticationProvider implementations (e.g. in
spring-security-web/oauth2 or spring-security-oauth2-resource-server), so you need to provide a Function that
wraps the extracted token in a Authentication object supported by your AuthenticationProvider.| Constructor and Description |
|---|
BearerAuthenticationReader(Function<String,Authentication> tokenWrapper)
Creates a new BearerAuthenticationReader with the given wrapper function.
|
| Modifier and Type | Method and Description |
|---|---|
Authentication |
readAuthentication(ServerCall<?,?> call,
Metadata headers)
Tries to read the
Authentication information from the given call and metadata. |
public BearerAuthenticationReader(Function<String,Authentication> tokenWrapper)
Example-Usage:
For spring-security-web:
new BearerAuthenticationReader(token -> new PreAuthenticatedAuthenticationToken(token, null))
For spring-security-oauth2-resource-server:
new BearerAuthenticationReader(token -> new BearerTokenAuthenticationToken(token))
tokenWrapper - The function used to convert the token (without bearer prefix) into an Authentication
object.public Authentication readAuthentication(ServerCall<?,?> call, Metadata headers)
GrpcAuthenticationReaderAuthentication information from the given call and metadata.
Note: Implementations are free to throw an AuthenticationException if no credentials could be
found in the call. If an exception is thrown by an implementation then the authentication attempt should be
considered as failed and no subsequent GrpcAuthenticationReaders should be called. Additionally, the call
will fail as Status.UNAUTHENTICATED. If the call instead returns null, then the call processing
will proceed unauthenticated.
readAuthentication in interface GrpcAuthenticationReadercall - The call to get that send the request.headers - The metadata/headers as sent by the client.