Class SAPOfflineTokenServicesCloud
- java.lang.Object
-
- com.sap.cloud.security.adapter.spring.SAPOfflineTokenServicesCloud
-
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean,org.springframework.security.oauth2.provider.token.ResourceServerTokenServices
public class SAPOfflineTokenServicesCloud extends Object implements org.springframework.security.oauth2.provider.token.ResourceServerTokenServices, org.springframework.beans.factory.InitializingBean
This constructor requires a dependency to spring-security-oauth2, which is deprecated.
By default it used Apache Rest Client for communicating with the OAuth2 Server.<dependency> <groupId>org.springframework.security.oauth</groupId> <artifactId>spring-security-oauth2</artifactId> <scope>provided</scope> </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-beans</artifactId> <scope>provided</scope> </dependency>
When used in conjunction with Java Http Servlets, the
Spring Security framework initializes theHttpServletRequest.getRemoteUser()will be filled with either theuser_nameclaim of the token or the client id (azp) if it is not an user token.SecurityContextwith theOAuth2Authenticationwhich is provided as part ofloadAuthentication(java.lang.String)method.
This gives you the following options:- All Spring security features are supported that uses
SecurityContext.getAuthentication() - You can access the
AuthenticationviaSecurityContextHolder.getContext()also within asynchronous threads. - You can access the
TokenviaSpringSecurityContext.getToken()also within asynchronous threads.
-
-
Constructor Summary
Constructors Constructor Description SAPOfflineTokenServicesCloud()Constructs an instance which is preconfigured for XSUAA service configuration from SAP CP Environment.SAPOfflineTokenServicesCloud(OAuth2ServiceConfiguration serviceConfiguration)Deprecated.In favor of {SAPOfflineTokenServicesCloud(OAuth2ServiceConfiguration, RestOperations)} gets removed with the version 3.0.0, does not support certificate based authenticationSAPOfflineTokenServicesCloud(OAuth2ServiceConfiguration serviceConfiguration, org.springframework.web.client.RestOperations restOperations)Constructs an instance with custom configuration and rest template.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidafterPropertiesSet()org.springframework.security.oauth2.provider.OAuth2AuthenticationloadAuthentication(String accessToken)org.springframework.security.oauth2.common.OAuth2AccessTokenreadAccessToken(String accessToken)SAPOfflineTokenServicesCloudsetLocalScopeAsAuthorities(boolean extractLocalScopesOnly)This method allows to overwrite the default behavior of the authorities converter implementation.SAPOfflineTokenServicesCloudwithAnotherServiceConfiguration(OAuth2ServiceConfiguration otherServiceConfiguration)Configure another XSUAA instance, e.g.
-
-
-
Constructor Detail
-
SAPOfflineTokenServicesCloud
public SAPOfflineTokenServicesCloud()
Constructs an instance which is preconfigured for XSUAA service configuration from SAP CP Environment.
-
SAPOfflineTokenServicesCloud
@Deprecated public SAPOfflineTokenServicesCloud(OAuth2ServiceConfiguration serviceConfiguration)
Deprecated.In favor of {SAPOfflineTokenServicesCloud(OAuth2ServiceConfiguration, RestOperations)} gets removed with the version 3.0.0, does not support certificate based authenticationConstructs an instance with custom configuration.- Parameters:
serviceConfiguration- the service configuration. You can useEnvironmentsin order to load service configuration from the binding information in your environment.
-
SAPOfflineTokenServicesCloud
public SAPOfflineTokenServicesCloud(OAuth2ServiceConfiguration serviceConfiguration, org.springframework.web.client.RestOperations restOperations)
Constructs an instance with custom configuration and rest template.- Parameters:
serviceConfiguration- the service configuration. You can useEnvironmentsin order to load service configuration from the binding information in your environment.restOperations- the spring rest template
-
-
Method Detail
-
withAnotherServiceConfiguration
public SAPOfflineTokenServicesCloud withAnotherServiceConfiguration(OAuth2ServiceConfiguration otherServiceConfiguration)
Configure another XSUAA instance, e.g. of plan broker.- Parameters:
otherServiceConfiguration- another service configuration. You can useCFEnvironment.getXsuaaConfigurationForTokenExchange()in order to load additional broker service configuration from the binding information in your environment.- Returns:
- the instance itself
-
loadAuthentication
public org.springframework.security.oauth2.provider.OAuth2Authentication loadAuthentication(@Nonnull String accessToken) throws org.springframework.security.core.AuthenticationException, org.springframework.security.oauth2.common.exceptions.InvalidTokenException
- Specified by:
loadAuthenticationin interfaceorg.springframework.security.oauth2.provider.token.ResourceServerTokenServices- Throws:
org.springframework.security.core.AuthenticationExceptionorg.springframework.security.oauth2.common.exceptions.InvalidTokenException
-
afterPropertiesSet
public void afterPropertiesSet()
- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean
-
readAccessToken
public org.springframework.security.oauth2.common.OAuth2AccessToken readAccessToken(String accessToken)
- Specified by:
readAccessTokenin interfaceorg.springframework.security.oauth2.provider.token.ResourceServerTokenServices
-
setLocalScopeAsAuthorities
public SAPOfflineTokenServicesCloud setLocalScopeAsAuthorities(boolean extractLocalScopesOnly)
This method allows to overwrite the default behavior of the authorities converter implementation.- Parameters:
extractLocalScopesOnly- true when only local scopes are extracted. Local scopes means that non-application specific scopes are filtered out and scopes are returned without appId prefix, e.g. "Display".- Returns:
- the token authenticator itself
-
-