Class ResourceServerTokenRelayAutoConfiguration
java.lang.Object
org.springframework.cloud.commons.security.ResourceServerTokenRelayAutoConfiguration
@Configuration(proxyBeanMethods=false)
@AutoConfigureAfter(org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration.class)
@ConditionalOnOAuth2ClientInResourceServer
@ConditionalOnClass(org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration.class)
@ConditionalOnWebApplication
@ConditionalOnProperty(value="spring.cloud.mvc.token-relay.enabled",
matchIfMissing=true)
public class ResourceServerTokenRelayAutoConfiguration
extends Object
Adds an MVC interceptor for relaying OAuth2 access tokens into the client context (if
there is one). In this way an incoming request to a resource server can be relayed
downstream just be using
N.B. an app that is using
@EnableOAuth2Client
and an
OAuth2RestTemplate
. An MVC interceptor is used so as to have a minimal
impact on the call stack. If you are not using MVC you could use a custom filter or AOP
interceptor wrapping the same call to an AccessTokenContextRelay
.
N.B. an app that is using
UserInfoTokenServices
generally doesn't need this
interceptor, but it doesn't hurt to include it.- Author:
- Dave Syer
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic class
AWebMvcConfigurer
for the access token interceptor. -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionaccessTokenContextRelay
(org.springframework.security.oauth2.client.OAuth2ClientContext context)
-
Constructor Details
-
ResourceServerTokenRelayAutoConfiguration
public ResourceServerTokenRelayAutoConfiguration()
-
-
Method Details
-
accessTokenContextRelay
@Bean public AccessTokenContextRelay accessTokenContextRelay(org.springframework.security.oauth2.client.OAuth2ClientContext context)
-