diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/AuthoritiesExtractor.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/AuthoritiesExtractor.java index e06a07bdbba..4db5c9e9f14 100644 --- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/AuthoritiesExtractor.java +++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/AuthoritiesExtractor.java @@ -22,10 +22,20 @@ import java.util.Map; import org.springframework.security.core.GrantedAuthority; /** + * Strategy used by {@link UserInfoTokenServices} to extract authorities from the resource + * server's response. + * * @author Dave Syer + * @since 1.3.0 */ public interface AuthoritiesExtractor { + /** + * Extract the authorities from the resource server's response. + * + * @param map the response + * @return the extracted authorities + */ List extractAuthorities(Map map); } diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/FixedAuthoritiesExtractor.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/FixedAuthoritiesExtractor.java index 8a8bd85837e..3d3045fd5d5 100644 --- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/FixedAuthoritiesExtractor.java +++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/FixedAuthoritiesExtractor.java @@ -26,7 +26,12 @@ import org.springframework.util.ObjectUtils; import org.springframework.util.StringUtils; /** + * Default implementation of {@link AuthoritiesExtractor}. Extracts the authorities from + * the map with the key {@code authorities}. If no such value exists, a single + * {@code ROLE_USER} authority is returned. + * * @author Dave Syer + * @since 1.3.0 */ public class FixedAuthoritiesExtractor implements AuthoritiesExtractor {