Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-08 05:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update OpaqueTokenIntrospector Documentation

Browse Source 
Issue gh-15988
This commit is contained in:
Josh Cummings 2025-01-16 16:46:46 -07:00
parent aced3bcf16
commit a5af8503df
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
2 changed files with 64 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
docs/modules/ROOT/pages/reactive/oauth2/resource-server/opaque-token.adoc
View File

@ -273,7 +273,8 @@ Java::
---- ----
@Bean @Bean
public ReactiveOpaqueTokenIntrospector introspector() { public ReactiveOpaqueTokenIntrospector introspector() {
return new NimbusReactiveOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret); return SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
.clientId(clientId).clientSecret(clientSecret).build();
} }
---- ----
@ -283,7 +284,8 @@ Kotlin::
---- ----
@Bean @Bean
fun introspector(): ReactiveOpaqueTokenIntrospector { fun introspector(): ReactiveOpaqueTokenIntrospector {
return NimbusReactiveOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret) return SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
.clientId(clientId).clientSecret(clientSecret).build()
} }
---- ----
====== ======
@ -411,7 +413,8 @@ Java::
---- ----
@Bean @Bean
public ReactiveOpaqueTokenIntrospector introspector() { public ReactiveOpaqueTokenIntrospector introspector() {
return new NimbusReactiveOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret); return SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
.clientId(clientId).clientSecret(clientSecret).build()
} }
---- ----
@ -421,7 +424,8 @@ Kotlin::
---- ----
@Bean @Bean
fun introspector(): ReactiveOpaqueTokenIntrospector { fun introspector(): ReactiveOpaqueTokenIntrospector {
return NimbusReactiveOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret) return SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
.clientId(clientId).clientSecret(clientSecret).build()
} }
---- ----
====== ======
@ -534,8 +538,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class CustomAuthoritiesOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector { public class CustomAuthoritiesOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector {
private ReactiveOpaqueTokenIntrospector delegate = private ReactiveOpaqueTokenIntrospector delegate = SpringReactiveOpaqueTokenIntrospector
new NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
public Mono<OAuth2AuthenticatedPrincipal> introspect(String token) { public Mono<OAuth2AuthenticatedPrincipal> introspect(String token) {
return this.delegate.introspect(token) return this.delegate.introspect(token)
@ -557,7 +562,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class CustomAuthoritiesOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector { class CustomAuthoritiesOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector {
private val delegate: ReactiveOpaqueTokenIntrospector = NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: ReactiveOpaqueTokenIntrospector = SpringReactiveOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
override fun introspect(token: String): Mono<OAuth2AuthenticatedPrincipal> { override fun introspect(token: String): Mono<OAuth2AuthenticatedPrincipal> {
return delegate.introspect(token) return delegate.introspect(token)
.map { principal: OAuth2AuthenticatedPrincipal -> .map { principal: OAuth2AuthenticatedPrincipal ->
@ -637,8 +644,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class JwtOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector { public class JwtOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector {
private ReactiveOpaqueTokenIntrospector delegate = private ReactiveOpaqueTokenIntrospector delegate = SpringReactiveOpaqueTokenIntrospector
new NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
private ReactiveJwtDecoder jwtDecoder = new NimbusReactiveJwtDecoder(new ParseOnlyJWTProcessor()); private ReactiveJwtDecoder jwtDecoder = new NimbusReactiveJwtDecoder(new ParseOnlyJWTProcessor());
public Mono<OAuth2AuthenticatedPrincipal> introspect(String token) { public Mono<OAuth2AuthenticatedPrincipal> introspect(String token) {
@ -664,7 +672,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class JwtOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector { class JwtOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector {
private val delegate: ReactiveOpaqueTokenIntrospector = NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: ReactiveOpaqueTokenIntrospector = SpringReactiveOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
private val jwtDecoder: ReactiveJwtDecoder = NimbusReactiveJwtDecoder(ParseOnlyJWTProcessor()) private val jwtDecoder: ReactiveJwtDecoder = NimbusReactiveJwtDecoder(ParseOnlyJWTProcessor())
override fun introspect(token: String): Mono<OAuth2AuthenticatedPrincipal> { override fun introspect(token: String): Mono<OAuth2AuthenticatedPrincipal> {
return delegate.introspect(token) return delegate.introspect(token)
@ -731,8 +741,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class UserInfoOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector { public class UserInfoOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector {
private final ReactiveOpaqueTokenIntrospector delegate = private final ReactiveOpaqueTokenIntrospector delegate = SpringReactiveOpaqueTokenIntrospector
new NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
private final ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService = private final ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService =
new DefaultReactiveOAuth2UserService(); new DefaultReactiveOAuth2UserService();
@ -761,7 +772,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class UserInfoOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector { class UserInfoOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector {
private val delegate: ReactiveOpaqueTokenIntrospector = NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: ReactiveOpaqueTokenIntrospector = SpringReactiveOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
private val oauth2UserService: ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> = DefaultReactiveOAuth2UserService() private val oauth2UserService: ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> = DefaultReactiveOAuth2UserService()
private val repository: ReactiveClientRegistrationRepository? = null private val repository: ReactiveClientRegistrationRepository? = null
@ -792,8 +805,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class UserInfoOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector { public class UserInfoOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospector {
private final ReactiveOpaqueTokenIntrospector delegate = private final ReactiveOpaqueTokenIntrospector delegate = SpringReactiveOpaqueTokenIntrospector
new NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
private final WebClient rest = WebClient.create(); private final WebClient rest = WebClient.create();
@Override @Override
@ -809,7 +823,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class UserInfoOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector { class UserInfoOpaqueTokenIntrospector : ReactiveOpaqueTokenIntrospector {
private val delegate: ReactiveOpaqueTokenIntrospector = NimbusReactiveOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: ReactiveOpaqueTokenIntrospector = SpringReactiveOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
private val rest: WebClient = WebClient.create() private val rest: WebClient = WebClient.create()
override fun introspect(token: String): Mono<OAuth2AuthenticatedPrincipal> { override fun introspect(token: String): Mono<OAuth2AuthenticatedPrincipal> {

49
docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc
View File

@ -307,7 +307,8 @@ Java::
---- ----
@Bean @Bean
public OpaqueTokenIntrospector introspector() { public OpaqueTokenIntrospector introspector() {
return new NimbusOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret); return SpringOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
.clientId(clientId).clientSecret(clientSecret).build();
} }
---- ----
@ -317,7 +318,8 @@ Kotlin::
---- ----
@Bean @Bean
fun introspector(): OpaqueTokenIntrospector { fun introspector(): OpaqueTokenIntrospector {
return NimbusOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret) return SpringOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
.clientId(clientId).clientSecret(clientSecret).build()
} }
---- ----
====== ======
@ -532,7 +534,8 @@ Or, exposing a <<oauth2resourceserver-opaque-architecture-introspector,`OpaqueTo
---- ----
@Bean @Bean
public OpaqueTokenIntrospector introspector() { public OpaqueTokenIntrospector introspector() {
return new NimbusOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret); return return SpringOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
.clientId(clientId).clientSecret(clientSecret).build();
} }
---- ----
@ -662,8 +665,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class CustomAuthoritiesOpaqueTokenIntrospector implements OpaqueTokenIntrospector { public class CustomAuthoritiesOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
private OpaqueTokenIntrospector delegate = private OpaqueTokenIntrospector delegate = SpringOpaqueTokenIntrospector
new NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
public OAuth2AuthenticatedPrincipal introspect(String token) { public OAuth2AuthenticatedPrincipal introspect(String token) {
OAuth2AuthenticatedPrincipal principal = this.delegate.introspect(token); OAuth2AuthenticatedPrincipal principal = this.delegate.introspect(token);
@ -685,7 +689,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class CustomAuthoritiesOpaqueTokenIntrospector : OpaqueTokenIntrospector { class CustomAuthoritiesOpaqueTokenIntrospector : OpaqueTokenIntrospector {
private val delegate: OpaqueTokenIntrospector = NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
override fun introspect(token: String): OAuth2AuthenticatedPrincipal { override fun introspect(token: String): OAuth2AuthenticatedPrincipal {
val principal: OAuth2AuthenticatedPrincipal = delegate.introspect(token) val principal: OAuth2AuthenticatedPrincipal = delegate.introspect(token)
return DefaultOAuth2AuthenticatedPrincipal( return DefaultOAuth2AuthenticatedPrincipal(
@ -750,7 +756,7 @@ public OpaqueTokenIntrospector introspector(RestTemplateBuilder builder, OAuth2R
.setReadTimeout(Duration.ofSeconds(60)) .setReadTimeout(Duration.ofSeconds(60))
.build(); .build();
return new NimbusOpaqueTokenIntrospector(introspectionUri, rest); return SpringOpaqueTokenIntrospector(introspectionUri, rest);
} }
---- ----
@ -765,7 +771,7 @@ fun introspector(builder: RestTemplateBuilder, properties: OAuth2ResourceServerP
.setConnectTimeout(Duration.ofSeconds(60)) .setConnectTimeout(Duration.ofSeconds(60))
.setReadTimeout(Duration.ofSeconds(60)) .setReadTimeout(Duration.ofSeconds(60))
.build() .build()
return NimbusOpaqueTokenIntrospector(introspectionUri, rest) return SpringOpaqueTokenIntrospector(introspectionUri, rest)
} }
---- ----
====== ======
@ -807,8 +813,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class JwtOpaqueTokenIntrospector implements OpaqueTokenIntrospector { public class JwtOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
private OpaqueTokenIntrospector delegate = private OpaqueTokenIntrospector delegate = SpringOpaqueTokenIntrospector
new NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
private JwtDecoder jwtDecoder = new NimbusJwtDecoder(new ParseOnlyJWTProcessor()); private JwtDecoder jwtDecoder = new NimbusJwtDecoder(new ParseOnlyJWTProcessor());
public OAuth2AuthenticatedPrincipal introspect(String token) { public OAuth2AuthenticatedPrincipal introspect(String token) {
@ -835,7 +842,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class JwtOpaqueTokenIntrospector : OpaqueTokenIntrospector { class JwtOpaqueTokenIntrospector : OpaqueTokenIntrospector {
private val delegate: OpaqueTokenIntrospector = NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
private val jwtDecoder: JwtDecoder = NimbusJwtDecoder(ParseOnlyJWTProcessor()) private val jwtDecoder: JwtDecoder = NimbusJwtDecoder(ParseOnlyJWTProcessor())
override fun introspect(token: String): OAuth2AuthenticatedPrincipal { override fun introspect(token: String): OAuth2AuthenticatedPrincipal {
val principal = delegate.introspect(token) val principal = delegate.introspect(token)
@ -902,8 +911,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class UserInfoOpaqueTokenIntrospector implements OpaqueTokenIntrospector { public class UserInfoOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
private final OpaqueTokenIntrospector delegate = private final OpaqueTokenIntrospector delegate = SpringOpaqueTokenIntrospector
new NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
private final OAuth2UserService oauth2UserService = new DefaultOAuth2UserService(); private final OAuth2UserService oauth2UserService = new DefaultOAuth2UserService();
private final ClientRegistrationRepository repository; private final ClientRegistrationRepository repository;
@ -928,7 +938,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class UserInfoOpaqueTokenIntrospector : OpaqueTokenIntrospector { class UserInfoOpaqueTokenIntrospector : OpaqueTokenIntrospector {
private val delegate: OpaqueTokenIntrospector = NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
private val oauth2UserService = DefaultOAuth2UserService() private val oauth2UserService = DefaultOAuth2UserService()
private val repository: ClientRegistrationRepository? = null private val repository: ClientRegistrationRepository? = null
@ -957,8 +969,9 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
public class UserInfoOpaqueTokenIntrospector implements OpaqueTokenIntrospector { public class UserInfoOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
private final OpaqueTokenIntrospector delegate = private final OpaqueTokenIntrospector delegate = SpringOpaqueTokenIntrospector
new NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret"); .withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build();
private final WebClient rest = WebClient.create(); private final WebClient rest = WebClient.create();
@Override @Override
@ -974,7 +987,9 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
class UserInfoOpaqueTokenIntrospector : OpaqueTokenIntrospector { class UserInfoOpaqueTokenIntrospector : OpaqueTokenIntrospector {
private val delegate: OpaqueTokenIntrospector = NimbusOpaqueTokenIntrospector("https://idp.example.org/introspect", "client", "secret") private val delegate: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector
.withIntrospectionUri("https://idp.example.org/introspect")
.clientId("client").clientSecret("secret").build()
private val rest: WebClient = WebClient.create() private val rest: WebClient = WebClient.create()
override fun introspect(token: String): OAuth2AuthenticatedPrincipal { override fun introspect(token: String): OAuth2AuthenticatedPrincipal {