Class ResourceServerTokenRelayAutoConfiguration
java.lang.Object
org.springframework.cloud.commons.security.ResourceServerTokenRelayAutoConfiguration
@Configuration(proxyBeanMethods=false)
@AutoConfigureAfter(org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration.class)
@ConditionalOnOAuth2ClientInResourceServer
@ConditionalOnClass(org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.class)
@ConditionalOnWebApplication
@ConditionalOnProperty(value="spring.cloud.mvc.token-relay.enabled",
matchIfMissing=true)
public class ResourceServerTokenRelayAutoConfiguration
extends Object
Adds an MVC interceptor for relaying OAuth2 access tokens into the client context (if
there is one). In this way an incoming request to a resource server can be relayed
downstream just be using
N.B. an app that is using
@EnableOAuth2Client and an
OAuth2RestTemplate. An MVC interceptor is used so as to have a minimal
impact on the call stack. If you are not using MVC you could use a custom filter or AOP
interceptor wrapping the same call to an AccessTokenContextRelay.
N.B. an app that is using
UserInfoTokenServices generally doesn't need this
interceptor, but it doesn't hurt to include it.- Author:
- Dave Syer
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classAWebMvcConfigurerfor the access token interceptor. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionaccessTokenContextRelay(org.springframework.security.oauth2.client.OAuth2ClientContext context)
-
Constructor Details
-
ResourceServerTokenRelayAutoConfiguration
public ResourceServerTokenRelayAutoConfiguration()
-
-
Method Details
-
accessTokenContextRelay
@Bean public AccessTokenContextRelay accessTokenContextRelay(org.springframework.security.oauth2.client.OAuth2ClientContext context)
-