Class RefreshableOpenIdConnectServiceAccount
java.lang.Object
com.aquima.web.boot.security.openid.RefreshableOpenIdConnectServiceAccount
- All Implemented Interfaces:
OpenIdConnectAuthentication,OpenIdConnectServiceAuthentication,com.blueriq.component.api.security.BlueriqAuthentication,com.blueriq.component.api.security.BlueriqServiceAccount,Serializable,Principal,org.springframework.security.core.Authentication
public class RefreshableOpenIdConnectServiceAccount
extends Object
implements OpenIdConnectServiceAuthentication
A service account that is capable of obtaining a new access token when the existing token expires.
The getEncodedAccessToken() method of this class always returns a valid access token, obtaining a new access
token if needed.
This class is not serializable. The service account is intended to be switched to temporarily, in order to execute some code as the service account instead of as the logged in user. After the code execution completes the current authentication must be switched back to the original user. Attempting to serialize the service account may indicate that switching back to the original user was not performed.
- Since:
- 11.6
- Author:
- Petru Galanton
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionRefreshableOpenIdConnectServiceAccount(OpenIdConnectServiceAuthentication delegate, OpenIdConnectClient client, org.springframework.security.authentication.AuthenticationManager authManager) -
Method Summary
Modifier and TypeMethodDescriptionCollection<? extends org.springframework.security.core.GrantedAuthority>The access token in encoded form.getName()getRoles()getTeams()booleanbooleanbooleanbooleanvoidsetAuthenticated(boolean isAuthenticated)
-
Constructor Details
-
RefreshableOpenIdConnectServiceAccount
public RefreshableOpenIdConnectServiceAccount(OpenIdConnectServiceAuthentication delegate, OpenIdConnectClient client, org.springframework.security.authentication.AuthenticationManager authManager)
-
-
Method Details
-
getTeams
- Specified by:
getTeamsin interfacecom.blueriq.component.api.security.BlueriqAuthentication
-
getRoles
- Specified by:
getRolesin interfacecom.blueriq.component.api.security.BlueriqAuthentication
-
isAnonymous
public boolean isAnonymous()- Specified by:
isAnonymousin interfacecom.blueriq.component.api.security.BlueriqAuthentication
-
isAutomatic
public boolean isAutomatic()- Specified by:
isAutomaticin interfacecom.blueriq.component.api.security.BlueriqAuthentication
-
getClaimNames
- Specified by:
getClaimNamesin interfacecom.blueriq.component.api.security.BlueriqAuthentication
-
getClaim
- Specified by:
getClaimin interfacecom.blueriq.component.api.security.BlueriqAuthentication
-
getAuthorities
- Specified by:
getAuthoritiesin interfaceorg.springframework.security.core.Authentication
-
getCredentials
- Specified by:
getCredentialsin interfaceorg.springframework.security.core.Authentication
-
getDetails
- Specified by:
getDetailsin interfaceorg.springframework.security.core.Authentication
-
getPrincipal
- Specified by:
getPrincipalin interfaceorg.springframework.security.core.Authentication
-
isAuthenticated
public boolean isAuthenticated()- Specified by:
isAuthenticatedin interfaceorg.springframework.security.core.Authentication
-
setAuthenticated
- Specified by:
setAuthenticatedin interfaceorg.springframework.security.core.Authentication- Throws:
IllegalArgumentException
-
getName
-
getEncodedAccessToken
Description copied from interface:OpenIdConnectAuthenticationThe access token in encoded form. This form is suitable for use in an Authorization: Bearer header.- Specified by:
getEncodedAccessTokenin interfaceOpenIdConnectAuthentication- Returns:
- the encoded access token
-
isAccessTokenExpired
public boolean isAccessTokenExpired()- Specified by:
isAccessTokenExpiredin interfaceOpenIdConnectServiceAuthentication- Returns:
- true if the access token is expired
-