Package com.okta.spring.boot.oauth

Interface AuthoritiesProvider

public interface AuthoritiesProvider

Allows for custom GrantedAuthoritys to be added to the current OAuth Principal. Multiple implementations are allowed, by default OAuth scopes are converted to Authorities with the format SCOPE_<scope-name> and if a `groups` claim exists in the access or id token, those are converted as well. Example usage:

     @Bean
     AuthoritiesProvider myCustomAuthoritiesProvider() {
         return (user, userRequest) -> lookupExtraAuthoritesByName(user.getAttributes().get("email"));
     }
 

Since:

1.4.0

Method Summary

Modifier and Type	Method	Description
default Collection<? extends org.springframework.security.core.GrantedAuthority>	getAuthorities(org.springframework.security.oauth2.core.oidc.user.OidcUser user, org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest userRequest)
Collection<? extends org.springframework.security.core.GrantedAuthority>	getAuthorities(org.springframework.security.oauth2.core.user.OAuth2User user, org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest userRequest)

Method Details

getAuthorities

Collection<? extends org.springframework.security.core.GrantedAuthority> getAuthorities(org.springframework.security.oauth2.core.user.OAuth2User user,
 org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest userRequest)

getAuthorities

default Collection<? extends org.springframework.security.core.GrantedAuthority> getAuthorities(org.springframework.security.oauth2.core.oidc.user.OidcUser user,
 org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest userRequest)