Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clarify OAuth 2.0 Resource Server Multitenancy Snippet 

Closes gh-10233
This commit is contained in:
Josh Cummings 2021-09-03 16:54:27 -06:00
parent f1691370d6
commit 989c1419d5
1 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
docs/manual/src/docs/asciidoc/_includes/servlet/oauth2/oauth2-resourceserver.adoc
View File

@ -2336,18 +2336,12 @@ If this decision must be made at request-time, then you can use an `Authenticati
[source,java,role="primary"] [source,java,role="primary"]
---- ----
@Bean @Bean
AuthenticationManagerResolver<HttpServletRequest> tokenAuthenticationManagerResolver() { AuthenticationManagerResolver<HttpServletRequest> tokenAuthenticationManagerResolver
BearerTokenResolver bearerToken = new DefaultBearerTokenResolver(); (JwtDecoder jwtDecoder, OpaqueTokenIntrospector opaqueTokenIntrospector) {
JwtAuthenticationProvider jwt = jwt(); AuthenticationManager jwt = new ProviderManager(new JwtAuthenticationProvider(jwtDecoder));
OpaqueTokenAuthenticationProvider opaqueToken = opaqueToken(); AuthenticationManager opaqueToken = new ProviderManager(
new OpaqueTokenAuthenticationProvider(opaqueTokenIntrospector));
return request -> { return (request) -> useJwt(request) ? jwt : opaqueToken;
if (useJwt(request)) {
return jwt::authenticate;
} else {
return opaqueToken::authenticate;
}
}
} }
---- ----
@ -2355,16 +2349,17 @@ AuthenticationManagerResolver<HttpServletRequest> tokenAuthenticationManagerReso
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
@Bean @Bean
fun tokenAuthenticationManagerResolver(): AuthenticationManagerResolver<HttpServletRequest> { fun tokenAuthenticationManagerResolver
val bearerToken: BearerTokenResolver = DefaultBearerTokenResolver() (jwtDecoder: JwtDecoder, opaqueTokenIntrospector: OpaqueTokenIntrospector):
val jwt: JwtAuthenticationProvider = jwt() AuthenticationManagerResolver<HttpServletRequest> {
val opaqueToken: OpaqueTokenAuthenticationProvider = opaqueToken() val jwt = ProviderManager(JwtAuthenticationProvider(jwtDecoder))
val opaqueToken = ProviderManager(OpaqueTokenAuthenticationProvider(opaqueTokenIntrospector));
return AuthenticationManagerResolver { request -> return AuthenticationManagerResolver { request ->
if (useJwt(request)) { if (useJwt(request)) {
AuthenticationManager { jwt.authenticate(it) } jwt
} else { } else {
AuthenticationManager { opaqueToken.authenticate(it) } opaqueToken
} }
} }
} }