Define plain data constructor for OAuth2AuthenticationDetails #1001
Conversation
|
@patope Please sign the Contributor License Agreement! Click here to manually synchronize the status of this Pull Request. See the FAQ for frequently asked questions. |
|
@patope Thank you for signing the Contributor License Agreement! |
|
@jgrandja Any plans to merge this? |
|
@villuv No plans as of yet. Tests would need to be added to this PR for it to be even considered. Also as an FYI, this project is in maintenance mode as our efforts are focused on the new OAuth 2.0/OpenID Connect 1.0 support we are building in Spring Security 5.0. We are only looking at providing bug fixes and minor enhancements going forward. |
|
|
||
| HttpSession session = request.getSession(false); | ||
| this.sessionId = (session != null) ? session.getId() : null; | ||
| public OAuth2AuthenticationDetails(String remoteAddress, String sessionId, String tokenType, String tokenValue) { |
There was a problem hiding this comment.
OAuth2AuthenticationDetails was intended to be used with HttpServletRequest, so I don't see a reason to provide this overloaded constructor.
jgrandja
added
in: oauth2
status: declined
and removed
status: waiting-for-triage
labels
OAuth2AuthenticationDetailsconstructor depends onHttpServletRequest. It's not possible to define jackson2 module mixin for such type. Eg. #983 cannot be resolved without jackson 2 module mixins.imo
OAuth2AuthenticationDetails(HttpServletRequest)should be deprecated andOAuth2AuthenticationDetailsSourceshould extract attributes from request.