Skip to content

Allow configuration for the issued JWTs #166

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
annabast opened this issue Nov 24, 2020 · 1 comment
Closed

Allow configuration for the issued JWTs #166

annabast opened this issue Nov 24, 2020 · 1 comment
Assignees
@jgrandja
Labels
status: duplicate A duplicate of another issue

Comments

@annabast
Copy link

Expected Behavior

While doing the configuration of the authorization server, there should be a way to set claims of the JWT to unique values that better reflect what the JWT's are being used for. For example, there should be a way to change the issuer from "https://oauth2.provider.com" to "https://myissuer.com"

Current Behavior

Currently the issuer and time to live are hard coded into org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenIssuerUtil.

Context

By being able to customize the issuer, a resource server can accept JWTs from multiple different Spring Security OAuth2 Authorization Servers.
@annabast annabast added the type: enhancement A general enhancement label Nov 24, 2020
@jgrandja jgrandja added status: duplicate A duplicate of another issue and removed type: enhancement A general enhancement labels Nov 24, 2020
@jgrandja
Copy link
Collaborator

@annabast This customization is coming in #143 and #145

@jgrandja jgrandja self-assigned this Nov 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgrandja jgrandja

Labels
status: duplicate A duplicate of another issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jgrandja @annabast