mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-11-11 12:09:14 +00:00
29 lines
1.5 KiB
Plaintext
29 lines
1.5 KiB
Plaintext
[[oauth2resourceserver-protected-resource-metadata]]
|
|
= OAuth 2.0 Protected Resource Metadata
|
|
|
|
`OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer` provides the ability to customize the https://www.rfc-editor.org/rfc/rfc9728.html#section-3[OAuth 2.0 Protected Resource Metadata endpoint].
|
|
It defines an extension point that lets you customize the https://www.rfc-editor.org/rfc/rfc9728.html#section-3.2[OAuth 2.0 Protected Resource Metadata response].
|
|
|
|
`OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer` provides the following configuration option:
|
|
|
|
[source,java]
|
|
----
|
|
@Bean
|
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
|
http
|
|
.oauth2ResourceServer((resourceServer) ->
|
|
resourceServer
|
|
.protectedResourceMetadata(protectedResourceMetadata ->
|
|
protectedResourceMetadata
|
|
.protectedResourceMetadataCustomizer(protectedResourceMetadataCustomizer) <1>
|
|
)
|
|
);
|
|
|
|
return http.build();
|
|
}
|
|
----
|
|
<1> `protectedResourceMetadataCustomizer()`: The `Consumer` providing access to the `OAuth2ProtectedResourceMetadata.Builder` allowing the ability to customize the claims of the Resource Server's configuration.
|
|
|
|
`OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer` configures the `OAuth2ProtectedResourceMetadataFilter` and registers it with the Resource Server `SecurityFilterChain` `@Bean`.
|
|
`OAuth2ProtectedResourceMetadataFilter` is the `Filter` that returns the https://www.rfc-editor.org/rfc/rfc9728.html#section-3.2[OAuth2ProtectedResourceMetadata response].
|