A

ACCESS_TOKEN - Static variable in class org.springframework.security.oauth2.server.authorization.TokenType

 

ACCESS_TOKEN_ATTRIBUTES - Static variable in interface org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames

The name of the attribute used for the attributes/claims of the OAuth2AccessToken.

accessToken(OAuth2AccessToken) - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization.Builder

Sets the access token credential.

activatedOn(Instant) - Method in class org.springframework.security.crypto.keys.ManagedKey.Builder

Sets the time when this key was activated.

ALG - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

alg - the algorithm header identifies the cryptographic algorithm used to secure a JWS or JWE

attribute(String, Object) - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization.Builder

Adds an attribute associated to the authorization.

attributes(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization.Builder

A Consumer of the attributes Map allowing the ability to add, replace, or remove.

audience(List<String>) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the audience (aud) claim, which identifies the recipient(s) that the JWT is intended for.

authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider

 

authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationProvider

 

authenticate(Authentication) - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationProvider

 

AUTHORIZATION_CODE - Static variable in class org.springframework.security.oauth2.server.authorization.TokenType

 

AUTHORIZATION_REQUEST - Static variable in interface org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames

The name of the attribute used for the OAuth2AuthorizationRequest.

authorizationGrantType(AuthorizationGrantType) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Adds an authorization grant type the client may use.

authorizationGrantTypes(Consumer<Set<AuthorizationGrantType>>) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

A Consumer of the authorization grant type(s) allowing the ability to add, replace, or remove.

authorizationService(OAuth2AuthorizationService) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

Sets the authorization service.

B

build() - Method in class org.springframework.security.crypto.keys.ManagedKey.Builder

Builds a new ManagedKey.

build() - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Builds a new JoseHeader.

build() - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Builds a new JwtClaimsSet.

build() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Builds a new RegisteredClient.

build() - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization.Builder

Builds a new OAuth2Authorization.

Builder(String) - Constructor for class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

 

Builder(RegisteredClient) - Constructor for class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

 

Builder(String) - Constructor for class org.springframework.security.oauth2.server.authorization.OAuth2Authorization.Builder

 

C

claim(String, Object) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the claim.

claims(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

A Consumer to be provided access to the claims set allowing the ability to add, replace, or remove.

clientAuthenticationMethod(ClientAuthenticationMethod) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Adds an authentication method the client may use when authenticating with the authorization server.

clientAuthenticationMethods(Consumer<Set<ClientAuthenticationMethod>>) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

A Consumer of the authentication method(s) allowing the ability to add, replace, or remove.

clientId(String) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Sets the client identifier.

clientSecret(String) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Sets the client secret.

ClientSecretBasicAuthenticationConverter - Class in org.springframework.security.oauth2.server.authorization.web

Attempts to extract HTTP Basic credentials from HttpServletRequest and then converts to an OAuth2ClientAuthenticationToken used for authenticating the client.

ClientSecretBasicAuthenticationConverter() - Constructor for class org.springframework.security.oauth2.server.authorization.web.ClientSecretBasicAuthenticationConverter

 

CODE - Static variable in interface org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames

The name of the attribute used for the OAuth2ParameterNames#CODE parameter.

configure(HttpSecurity) - Method in class org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerSecurity

 

configure(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

 

contentType(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the content type header that declares the media type of the secured content (the payload).

convert(HttpServletRequest) - Method in class org.springframework.security.oauth2.server.authorization.web.ClientSecretBasicAuthenticationConverter

 

convert(HttpServletRequest) - Method in class org.springframework.security.oauth2.server.authorization.web.DelegatingAuthorizationGrantAuthenticationConverter

 

CRIT - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

crit - the critical header indicates that extensions to the JWS/JWE/JWA specifications are being used that MUST be understood and processed

critical(Set<String>) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the critical headers that indicates which extensions to the JWS/JWE/JWA specifications are being used that MUST be understood and processed.

CTY - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

cty - the content type header is used by JWS/JWE applications to declare the media type of the secured content (the payload)

D

deactivatedOn(Instant) - Method in class org.springframework.security.crypto.keys.ManagedKey.Builder

Sets the time when this key was deactivated.

DEFAULT_AUTHORIZATION_ENDPOINT_URI - Static variable in class org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter

The default endpoint URI for authorization requests.

DEFAULT_JWK_SET_ENDPOINT_URI - Static variable in class org.springframework.security.oauth2.server.authorization.web.JwkSetEndpointFilter

The default endpoint URI for JWK Set requests.

DEFAULT_TOKEN_ENDPOINT_URI - Static variable in class org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter

The default endpoint URI for access token requests.

defaultOAuth2AuthorizationServerSecurity() - Method in class org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration

 

DelegatingAuthorizationGrantAuthenticationConverter - Class in org.springframework.security.oauth2.server.authorization.web

A Converter that selects (and delegates) to one of the internal Map of Converter's using the OAuth2ParameterNames#GRANT_TYPE request parameter.

DelegatingAuthorizationGrantAuthenticationConverter(Map<AuthorizationGrantType, <any>>) - Constructor for class org.springframework.security.oauth2.server.authorization.web.DelegatingAuthorizationGrantAuthenticationConverter

Constructs a DelegatingAuthorizationGrantAuthenticationConverter using the provided parameters.

doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.server.authorization.web.JwkSetEndpointFilter

 

doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter

 

doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.server.authorization.web.OAuth2ClientAuthenticationFilter

 

doFilterInternal(HttpServletRequest, HttpServletResponse, FilterChain) - Method in class org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter

 

E

encode(JoseHeader, JwtClaimsSet) - Method in class org.springframework.security.oauth2.jose.jws.NimbusJwsEncoder

 

encode(JoseHeader, JwtClaimsSet) - Method in interface org.springframework.security.oauth2.jwt.JwtEncoder

Encode the JWT to it's compact claims representation format.

equals(Object) - Method in class org.springframework.security.crypto.keys.ManagedKey

 

equals(Object) - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

 

equals(Object) - Method in class org.springframework.security.oauth2.server.authorization.TokenType

 

expiresAt(Instant) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the expiration time (exp) claim, which identifies the time on or after which the JWT MUST NOT be accepted for processing.

F

findByAlgorithm(String) - Method in interface org.springframework.security.crypto.keys.KeyManager

Returns a Set of ManagedKey(s) having the provided key algorithm, or an empty Set if not found.

findByAlgorithm(String) - Method in class org.springframework.security.crypto.keys.StaticKeyGeneratingKeyManager

 

findByClientId(String) - Method in class org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository

 

findByClientId(String) - Method in interface org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository

Returns the registered client identified by the provided clientId, or null if not found.

findById(String) - Method in class org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository

 

findById(String) - Method in interface org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository

Returns the registered client identified by the provided id, or null if not found.

findByKeyId(String) - Method in interface org.springframework.security.crypto.keys.KeyManager

Returns the ManagedKey identified by the provided keyId, or null if not found.

findByKeyId(String) - Method in class org.springframework.security.crypto.keys.StaticKeyGeneratingKeyManager

 

findByToken(String, TokenType) - Method in class org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService

 

findByToken(String, TokenType) - Method in interface org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService

Returns the OAuth2Authorization containing the provided token, or null if not found.

from(JoseHeader) - Static method in class org.springframework.security.oauth2.jose.JoseHeader

Returns a new JoseHeader.Builder, initialized with the provided headers.

from(JwtClaimsSet) - Static method in class org.springframework.security.oauth2.jwt.JwtClaimsSet

Returns a new JwtClaimsSet.Builder, initialized with the provided claims.

from(OAuth2Authorization) - Static method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

Returns a new OAuth2Authorization.Builder, initialized with the values from the provided authorization.

G

generateEcKey() - Static method in class org.springframework.security.crypto.keys.KeyGeneratorUtils

 

generateRsaKey() - Static method in class org.springframework.security.crypto.keys.KeyGeneratorUtils

 

generateSecretKey() - Static method in class org.springframework.security.crypto.keys.KeyGeneratorUtils

 

getAccessToken() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken

Returns the access token.

getAccessToken() - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

Returns the access token credential.

getActivatedOn() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns the time when this key was activated.

getAlgorithm() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns the key algorithm.

getAttribute(String) - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

Returns the value of an attribute associated to the authorization.

getAttributes() - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

Returns the attribute(s) associated to the authorization.

getAuthorizationGrantTypes() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns the authorization grant type(s) that the client may use.

getClaims() - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet

 

getClientAuthenticationMethods() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns the authentication method(s) used when authenticating the client with the authorization server.

getClientId() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns the client identifier.

getClientSecret() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns the client secret.

getCode() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken

Returns the authorization code.

getContentType() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the content type header that declares the media type of the secured content (the payload).

getCredentials() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken

 

getCredentials() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken

 

getCredentials() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken

 

getCredentials() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken

 

getCritical() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the critical headers that indicates which extensions to the JWS/JWE/JWA specifications are being used that MUST be understood and processed.

getDeactivatedOn() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns the time when this key was deactivated, null if still active.

getEndpointMatchers() - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

Returns a List of RequestMatcher's for the authorization server endpoints.

getHeader(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the header value.

getHeaders() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the headers.

getId() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns the identifier for the registration.

getJwk() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the JSON Web Key which is the public key that corresponds to the key used to digitally sign the JWS or encrypt the JWE.

getJwkSetUri() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the JWK Set URL that refers to the resource of a set of JSON-encoded public keys, one of which corresponds to the key used to digitally sign the JWS or encrypt the JWE.

getJwsAlgorithm() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the JWS algorithm used to digitally sign the JWS.

getKey() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns a type of java.security.Key, e.g.

getKeyId() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns the key ID.

getKeyId() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the key ID that is a hint indicating which key was used to secure the JWS or JWE.

getKeys() - Method in interface org.springframework.security.crypto.keys.KeyManager

Returns a Set of the ManagedKey(s).

getKeys() - Method in class org.springframework.security.crypto.keys.StaticKeyGeneratingKeyManager

 

getParameters(HttpServletRequest) - Static method in class org.springframework.security.oauth2.server.authorization.web.OAuth2EndpointUtils

 

getPrincipal() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken

 

getPrincipal() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken

 

getPrincipal() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken

 

getPrincipal() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken

 

getPrincipalName() - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

Returns the resource owner's Principal name.

getPublicKey() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns the java.security.PublicKey if this is a asymmetric key, null otherwise.

getRedirectUri() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken

Returns the redirect uri.

getRedirectUris() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns the redirect URI(s) that the client may use in redirect-based flows.

getRegisteredClient() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken

Returns the registered client.

getRegisteredClient() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken

Returns the registered client.

getRegisteredClientId() - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

Returns the identifier for the registered client.

getScopes() - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken

Returns the requested scope(s).

getScopes() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns the scope(s) used by the client.

getType() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the type header that declares the media type of the JWS/JWE.

getValue() - Method in class org.springframework.security.oauth2.server.authorization.TokenType

 

getVersion() - Static method in class org.springframework.security.core.SpringSecurityCoreVersion2

 

getX509CertificateChain() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the X.509 certificate chain that contains the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS or encrypt the JWE.

getX509SHA1Thumbprint() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the X.509 certificate SHA-1 thumbprint that is a base64url-encoded SHA-1 thumbprint (a.k.a.

getX509SHA256Thumbprint() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the X.509 certificate SHA-256 thumbprint that is a base64url-encoded SHA-256 thumbprint (a.k.a.

getX509Uri() - Method in class org.springframework.security.oauth2.jose.JoseHeader

Returns the X.509 URL that refers to the resource for the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS or encrypt the JWE.

H

hashCode() - Method in class org.springframework.security.crypto.keys.ManagedKey

 

hashCode() - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

 

hashCode() - Method in class org.springframework.security.oauth2.server.authorization.TokenType

 

header(String, Object) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the header.

headers(Consumer<Map<String, Object>>) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

A Consumer to be provided access to the headers allowing the ability to add, replace, or remove.

I

id(String) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the JWT ID (jti) claim, which provides a unique identifier for the JWT.

id(String) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Sets the identifier for the registration.

init(B) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

 

InMemoryOAuth2AuthorizationService - Class in org.springframework.security.oauth2.server.authorization

An OAuth2AuthorizationService that stores OAuth2Authorization's in-memory.

InMemoryOAuth2AuthorizationService() - Constructor for class org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService

 

InMemoryRegisteredClientRepository - Class in org.springframework.security.oauth2.server.authorization.client

A RegisteredClientRepository that stores RegisteredClient(s) in-memory.

InMemoryRegisteredClientRepository(RegisteredClient...) - Constructor for class org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository

Constructs an InMemoryRegisteredClientRepository using the provided parameters.

InMemoryRegisteredClientRepository(List<RegisteredClient>) - Constructor for class org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository

Constructs an InMemoryRegisteredClientRepository using the provided parameters.

isActive() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns true if this key is active, false otherwise.

isAsymmetric() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns true if this is a asymmetric key, false otherwise.

issuedAt(Instant) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the issued at (iat) claim, which identifies the time at which the JWT was issued.

issuer(URL) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the issuer (iss) claim, which identifies the principal that issued the JWT.

isSymmetric() - Method in class org.springframework.security.crypto.keys.ManagedKey

Returns true if this is a symmetric key, false otherwise.

J

JKU - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

jku - the JWK Set URL header is a URI that refers to a resource for a set of JSON-encoded public keys, one of which corresponds to the key used to digitally sign a JWS or encrypt a JWE

JoseHeader - Class in org.springframework.security.oauth2.jose

The JOSE header is a JSON object representing the header parameters of a JSON Web Token, whether the JWT is a JWS or JWE, that describe the cryptographic operations applied to the JWT and optionally, additional properties of the JWT.

JoseHeader.Builder - Class in org.springframework.security.oauth2.jose

A builder for JoseHeader.

JoseHeaderNames - Interface in org.springframework.security.oauth2.jose

The Registered Header Parameter Names defined by the JSON Web Token (JWT), JSON Web Signature (JWS) and JSON Web Encryption (JWE) specifications that may be contained in the JOSE Header of a JWT.

jwk(Map<String, Object>) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the JSON Web Key which is the public key that corresponds to the key used to digitally sign the JWS or encrypt the JWE.

JWK - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

jwk - the JSON Web Key header is the public key that corresponds to the key used to digitally sign a JWS or encrypt a JWE

JwkSetEndpointFilter - Class in org.springframework.security.oauth2.server.authorization.web

A Filter that processes JWK Set requests.

JwkSetEndpointFilter(KeyManager) - Constructor for class org.springframework.security.oauth2.server.authorization.web.JwkSetEndpointFilter

Constructs a JwkSetEndpointFilter using the provided parameters.

JwkSetEndpointFilter(KeyManager, String) - Constructor for class org.springframework.security.oauth2.server.authorization.web.JwkSetEndpointFilter

Constructs a JwkSetEndpointFilter using the provided parameters.

jwkSetUri(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the JWK Set URL that refers to the resource of a set of JSON-encoded public keys, one of which corresponds to the key used to digitally sign the JWS or encrypt the JWE.

JwtClaimsSet - Class in org.springframework.security.oauth2.jwt

The JWT Claims Set is a JSON object representing the claims conveyed by a JSON Web Token.

JwtClaimsSet.Builder - Class in org.springframework.security.oauth2.jwt

A builder for JwtClaimsSet.

JwtEncoder - Interface in org.springframework.security.oauth2.jwt

Implementations of this interface are responsible for encoding a JSON Web Token (JWT) to it's compact claims representation format.

JwtEncodingException - Class in org.springframework.security.oauth2.jwt

This exception is thrown when an error occurs while attempting to encode a JSON Web Token (JWT).

JwtEncodingException(String) - Constructor for class org.springframework.security.oauth2.jwt.JwtEncodingException

Constructs a JwtEncodingException using the provided parameters.

JwtEncodingException(String, Throwable) - Constructor for class org.springframework.security.oauth2.jwt.JwtEncodingException

Constructs a JwtEncodingException using the provided parameters.

K

KeyGeneratorUtils - Class in org.springframework.security.crypto.keys

 

KeyGeneratorUtils() - Constructor for class org.springframework.security.crypto.keys.KeyGeneratorUtils

 

keyId(String) - Method in class org.springframework.security.crypto.keys.ManagedKey.Builder

Sets the key ID.

keyId(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the key ID that is a hint indicating which key was used to secure the JWS or JWE.

keyManager(KeyManager) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

Sets the key manager.

KeyManager - Interface in org.springframework.security.crypto.keys

Implementations of this interface are responsible for the management of ManagedKey(s), e.g.

KID - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

kid - the key ID header is a hint indicating which key was used to secure a JWS or JWE

M

ManagedKey - Class in org.springframework.security.crypto.keys

A java.security.Key that is managed by a KeyManager.

ManagedKey.Builder - Class in org.springframework.security.crypto.keys

A builder for ManagedKey.

N

NimbusJwsEncoder - Class in org.springframework.security.oauth2.jose.jws

An implementation of a JwtEncoder that encodes a JSON Web Token (JWT) using the JSON Web Signature (JWS) Compact Serialization format.

NimbusJwsEncoder(KeyManager) - Constructor for class org.springframework.security.oauth2.jose.jws.NimbusJwsEncoder

Constructs a NimbusJwsEncoder using the provided parameters.

notBefore(Instant) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the not before (nbf) claim, which identifies the time before which the JWT MUST NOT be accepted for processing.

O

OAuth2AccessTokenAuthenticationToken - Class in org.springframework.security.oauth2.server.authorization.authentication

An Authentication implementation used when issuing an OAuth 2.0 Access Token.

OAuth2AccessTokenAuthenticationToken(RegisteredClient, Authentication, OAuth2AccessToken) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken

Constructs an OAuth2AccessTokenAuthenticationToken using the provided parameters.

OAuth2Authorization - Class in org.springframework.security.oauth2.server.authorization

A representation of an OAuth 2.0 Authorization, which holds state related to the authorization granted to the client by the resource owner.

OAuth2Authorization() - Constructor for class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

 

OAuth2Authorization.Builder - Class in org.springframework.security.oauth2.server.authorization

A builder for OAuth2Authorization.

OAuth2AuthorizationAttributeNames - Interface in org.springframework.security.oauth2.server.authorization

The name of the attributes that may be contained in the OAuth2Authorization.getAttributes()Map.

OAuth2AuthorizationCodeAuthenticationProvider - Class in org.springframework.security.oauth2.server.authorization.authentication

An AuthenticationProvider implementation for the OAuth 2.0 Authorization Code Grant.

OAuth2AuthorizationCodeAuthenticationProvider(RegisteredClientRepository, OAuth2AuthorizationService, JwtEncoder) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider

Constructs an OAuth2AuthorizationCodeAuthenticationProvider using the provided parameters.

OAuth2AuthorizationCodeAuthenticationToken - Class in org.springframework.security.oauth2.server.authorization.authentication

An Authentication implementation used for the OAuth 2.0 Authorization Code Grant.

OAuth2AuthorizationCodeAuthenticationToken(String, Authentication, String) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken

Constructs an OAuth2AuthorizationCodeAuthenticationToken using the provided parameters.

OAuth2AuthorizationEndpointFilter - Class in org.springframework.security.oauth2.server.authorization.web

A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Authorization Request.

OAuth2AuthorizationEndpointFilter(RegisteredClientRepository, OAuth2AuthorizationService) - Constructor for class org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter

Constructs an OAuth2AuthorizationEndpointFilter using the provided parameters.

OAuth2AuthorizationEndpointFilter(RegisteredClientRepository, OAuth2AuthorizationService, String) - Constructor for class org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter

Constructs an OAuth2AuthorizationEndpointFilter using the provided parameters.

OAuth2AuthorizationServerConfiguration - Class in org.springframework.security.config.annotation.web.configuration

Configuration for OAuth 2.0 Authorization Server support.

OAuth2AuthorizationServerConfiguration() - Constructor for class org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration

 

OAuth2AuthorizationServerConfigurer<B extends <any>> - Class in org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization

An AbstractHttpConfigurer for OAuth 2.0 Authorization Server support.

OAuth2AuthorizationServerConfigurer() - Constructor for class org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

 

OAuth2AuthorizationServerSecurity - Class in org.springframework.security.config.annotation.web.configuration

WebSecurityConfigurerAdapter providing default security configuration for OAuth 2.0 Authorization Server.

OAuth2AuthorizationServerSecurity() - Constructor for class org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerSecurity

 

OAuth2AuthorizationService - Interface in org.springframework.security.oauth2.server.authorization

Implementations of this interface are responsible for the management of OAuth 2.0 Authorization(s).

OAuth2ClientAuthenticationFilter - Class in org.springframework.security.oauth2.server.authorization.web

A Filter that processes an authentication request for an OAuth 2.0 Client.

OAuth2ClientAuthenticationFilter(AuthenticationManager, RequestMatcher) - Constructor for class org.springframework.security.oauth2.server.authorization.web.OAuth2ClientAuthenticationFilter

Constructs an OAuth2ClientAuthenticationFilter using the provided parameters.

OAuth2ClientAuthenticationProvider - Class in org.springframework.security.oauth2.server.authorization.authentication

An AuthenticationProvider implementation that validates OAuth2ClientAuthenticationToken's.

OAuth2ClientAuthenticationProvider(RegisteredClientRepository) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationProvider

Constructs an OAuth2ClientAuthenticationProvider using the provided parameters.

OAuth2ClientAuthenticationToken - Class in org.springframework.security.oauth2.server.authorization.authentication

An Authentication implementation used for OAuth 2.0 Client Authentication.

OAuth2ClientAuthenticationToken(String, String) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken

Constructs an OAuth2ClientAuthenticationToken using the provided parameters.

OAuth2ClientAuthenticationToken(RegisteredClient) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken

Constructs an OAuth2ClientAuthenticationToken using the provided parameters.

OAuth2ClientCredentialsAuthenticationProvider - Class in org.springframework.security.oauth2.server.authorization.authentication

An AuthenticationProvider implementation for the OAuth 2.0 Client Credentials Grant.

OAuth2ClientCredentialsAuthenticationProvider(OAuth2AuthorizationService, JwtEncoder) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationProvider

Constructs an OAuth2ClientCredentialsAuthenticationProvider using the provided parameters.

OAuth2ClientCredentialsAuthenticationToken - Class in org.springframework.security.oauth2.server.authorization.authentication

An Authentication implementation used for the OAuth 2.0 Client Credentials Grant.

OAuth2ClientCredentialsAuthenticationToken(Authentication) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken

Constructs an OAuth2ClientCredentialsAuthenticationToken using the provided parameters.

OAuth2ClientCredentialsAuthenticationToken(Authentication, Set<String>) - Constructor for class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationToken

Constructs an OAuth2ClientCredentialsAuthenticationToken using the provided parameters.

OAuth2EndpointUtils - Class in org.springframework.security.oauth2.server.authorization.web

Utility methods for the OAuth 2.0 Protocol Endpoints.

OAuth2TokenEndpointFilter - Class in org.springframework.security.oauth2.server.authorization.web

A Filter for the OAuth 2.0 Authorization Code Grant, which handles the processing of the OAuth 2.0 Access Token Request.

OAuth2TokenEndpointFilter(AuthenticationManager, OAuth2AuthorizationService) - Constructor for class org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter

Constructs an OAuth2TokenEndpointFilter using the provided parameters.

OAuth2TokenEndpointFilter(AuthenticationManager, OAuth2AuthorizationService, String) - Constructor for class org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter

Constructs an OAuth2TokenEndpointFilter using the provided parameters.

org.springframework.security.config.annotation.web.configuration - package org.springframework.security.config.annotation.web.configuration

 

org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization - package org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization

 

org.springframework.security.core - package org.springframework.security.core

 

org.springframework.security.crypto.keys - package org.springframework.security.crypto.keys

 

org.springframework.security.oauth2.jose - package org.springframework.security.oauth2.jose

 

org.springframework.security.oauth2.jose.jws - package org.springframework.security.oauth2.jose.jws

 

org.springframework.security.oauth2.jwt - package org.springframework.security.oauth2.jwt

 

org.springframework.security.oauth2.server.authorization - package org.springframework.security.oauth2.server.authorization

 

org.springframework.security.oauth2.server.authorization.authentication - package org.springframework.security.oauth2.server.authorization.authentication

 

org.springframework.security.oauth2.server.authorization.client - package org.springframework.security.oauth2.server.authorization.client

 

org.springframework.security.oauth2.server.authorization.web - package org.springframework.security.oauth2.server.authorization.web

 

P

principalName(String) - Method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization.Builder

Sets the resource owner's Principal name.

R

redirectUri(String) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Adds a redirect URI the client may use in a redirect-based flow.

redirectUris(Consumer<Set<String>>) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

A Consumer of the redirect URI(s) allowing the ability to add, replace, or remove.

RegisteredClient - Class in org.springframework.security.oauth2.server.authorization.client

A representation of a client registration with an OAuth 2.0 Authorization Server.

RegisteredClient() - Constructor for class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

 

RegisteredClient.Builder - Class in org.springframework.security.oauth2.server.authorization.client

A builder for RegisteredClient.

registeredClientRepository(RegisteredClientRepository) - Method in class org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer

Sets the repository of registered clients.

RegisteredClientRepository - Interface in org.springframework.security.oauth2.server.authorization.client

A repository for OAuth 2.0 RegisteredClient(s).

S

save(OAuth2Authorization) - Method in class org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationService

 

save(OAuth2Authorization) - Method in interface org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService

Saves the OAuth2Authorization.

scope(String) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

Adds a scope the client may use.

scopes(Consumer<Set<String>>) - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient.Builder

A Consumer of the scope(s) allowing the ability to add, replace, or remove.

SERIAL_VERSION_UID - Static variable in class org.springframework.security.core.SpringSecurityCoreVersion2

Global Serialization value for Spring Security Authorization Server classes.

setAuthenticationConverter(AuthenticationConverter) - Method in class org.springframework.security.oauth2.server.authorization.web.OAuth2ClientAuthenticationFilter

Sets the AuthenticationConverter used for converting a HttpServletRequest to an OAuth2ClientAuthenticationToken.

setAuthenticationFailureHandler(AuthenticationFailureHandler) - Method in class org.springframework.security.oauth2.server.authorization.web.OAuth2ClientAuthenticationFilter

Sets the AuthenticationFailureHandler used for handling failed authentications.

setAuthenticationSuccessHandler(AuthenticationSuccessHandler) - Method in class org.springframework.security.oauth2.server.authorization.web.OAuth2ClientAuthenticationFilter

Sets the AuthenticationSuccessHandler used for handling successful authentications.

SpringSecurityCoreVersion2 - Class in org.springframework.security.core

Internal class used for serialization across Spring Security Authorization Server classes.

SpringSecurityCoreVersion2() - Constructor for class org.springframework.security.core.SpringSecurityCoreVersion2

 

StaticKeyGeneratingKeyManager - Class in org.springframework.security.crypto.keys

An implementation of a KeyManager that generates the ManagedKey(s) when constructed.

StaticKeyGeneratingKeyManager() - Constructor for class org.springframework.security.crypto.keys.StaticKeyGeneratingKeyManager

 

subject(String) - Method in class org.springframework.security.oauth2.jwt.JwtClaimsSet.Builder

Sets the subject (sub) claim, which identifies the principal that is the subject of the JWT.

supports(Class<?>) - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider

 

supports(Class<?>) - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationProvider

 

supports(Class<?>) - Method in class org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationProvider

 

T

TokenType - Class in org.springframework.security.oauth2.server.authorization

 

TokenType(String) - Constructor for class org.springframework.security.oauth2.server.authorization.TokenType

 

toString() - Method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

 

TYP - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

typ - the type header is used by JWS/JWE applications to declare the media type of a JWS/JWE

type(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the type header that declares the media type of the JWS/JWE.

W

withAlgorithm(JwsAlgorithm) - Static method in class org.springframework.security.oauth2.jose.JoseHeader

Returns a new JoseHeader.Builder, initialized with the provided JwsAlgorithm.

withAsymmetricKey(PublicKey, PrivateKey) - Static method in class org.springframework.security.crypto.keys.ManagedKey

Returns a new ManagedKey.Builder, initialized with the provided java.security.PublicKey and java.security.PrivateKey.

withClaims() - Static method in class org.springframework.security.oauth2.jwt.JwtClaimsSet

Returns a new JwtClaimsSet.Builder.

withId(String) - Static method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns a new RegisteredClient.Builder, initialized with the provided registration identifier.

withRegisteredClient(RegisteredClient) - Static method in class org.springframework.security.oauth2.server.authorization.client.RegisteredClient

Returns a new RegisteredClient.Builder, initialized with the provided RegisteredClient.

withRegisteredClient(RegisteredClient) - Static method in class org.springframework.security.oauth2.server.authorization.OAuth2Authorization

Returns a new OAuth2Authorization.Builder, initialized with the provided RegisteredClient.getId().

withSymmetricKey(SecretKey) - Static method in class org.springframework.security.crypto.keys.ManagedKey

Returns a new ManagedKey.Builder, initialized with the provided javax.crypto.SecretKey.

X

x509CertificateChain(List<String>) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the X.509 certificate chain that contains the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS or encrypt the JWE.

x509SHA1Thumbprint(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the X.509 certificate SHA-1 thumbprint that is a base64url-encoded SHA-1 thumbprint (a.k.a.

x509SHA256Thumbprint(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the X.509 certificate SHA-256 thumbprint that is a base64url-encoded SHA-256 thumbprint (a.k.a.

x509Uri(String) - Method in class org.springframework.security.oauth2.jose.JoseHeader.Builder

Sets the X.509 URL that refers to the resource for the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS or encrypt the JWE.

X5C - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

x5c - the X.509 certificate chain header contains the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign a JWS or encrypt a JWE

X5T - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

x5t - the X.509 certificate SHA-1 thumbprint header is a base64url-encoded SHA-1 thumbprint (a.k.a.

X5T_S256 - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

x5t#S256 - the X.509 certificate SHA-256 thumbprint header is a base64url-encoded SHA-256 thumbprint (a.k.a.

X5U - Static variable in interface org.springframework.security.oauth2.jose.JoseHeaderNames

x5u - the X.509 URL header is a URI that refers to a resource for the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign a JWS or encrypt a JWE