Return registration_endpoint in OidcProviderConfigurationEndpointFilter

[sahariardev]

Before: client registration endpoint was not retuned in oidc
Provider Configuration response

After: Returns client registration endpoint in oidc provider configuration
response if client registration is enabled

Fixes gh-370

[jgrandja]

@sahariardev Adding the flag dynamicClientRegistrationEnabled to the constructor will not provide us the flexibility we need. There will be other features that are enabled/disabled and adding more flags to constructor provides limited flexibility and API will constantly change.

[sahariardev]

Hi @jgrandja,
Thanks for your feedback.
One thing we can do is keep this flag inside provider settings as this is a provider related settings. What do you think? Or do you have any better idea for keeping this flag?

[jgrandja]

@sahariardev

One thing we can do is keep this flag inside provider settings

I'd prefer to find an approach that doesn't introduce an "enabled" setting in ProviderSettings. The less settings there are the easier it will be to use and maintain. Let's try to find a way to implement this without a setting. We know it's disabled by default so we just need to know when it's enabled (based on custom configuration) and then apply the logic in OidcProviderConfigurationEndpointFilter. Please give it some further thought. No rush.

FYI, I'm on PTO starting this coming Wed and away for just over 2 weeks.

[sahariardev]

Thanks for your feedback, will try to find a way out

[sahariardev]

Hi @jgrandja,
I have updated the PR. Please have a look and provider your feedback.

[jgrandja]

Thanks for the updates @sahariardev.

We cannot rely on the bean being called authorizationServerSecurityFilterChain. The consuming application could name the bean to something different and then this logic would not work.

[jgrandja]

@sahariardev I might have an idea on how to implement this as part of the work involved for gh-616. Let me think about it for a bit and I'll get back to you.

[sahariardev]

Okay thanks.

[jgrandja]

@sahariardev Sorry for the delayed response. I haven't had a chance to revisit this yet. I have some re-factoring tasks that are higher priority at the moment. I will touch base as soon as I get a chance to revisit this.

[sahariardev]

Okay, no problem.

[jgrandja]

Thanks for your patience @sahariardev. I just merged gh-616 via 0994a1e.

Based on the updates in that commit, the following code (add to OidcConfigurer.configure()) will allow you to determine when oidc.clientRegistrationEndpoint() is enabled so you can apply the registration_endpoint configuration:

OidcClientRegistrationEndpointConfigurer clientRegistrationEndpointConfigurer =
		getConfigurer(OidcClientRegistrationEndpointConfigurer.class);
if (clientRegistrationEndpointConfigurer != null) {
	OidcProviderConfigurationEndpointConfigurer providerConfigurationEndpointConfigurer =
			getConfigurer(OidcProviderConfigurationEndpointConfigurer.class);
	providerConfigurationEndpointConfigurer.addDefaultProviderConfigurationCustomizer(
			builder -> builder.clientRegistrationEndpoint("https://localhost/connect/register"));
}

Let me know if you have any questions. Thanks.

[jgrandja]

Also, please rebase the PR off of 0.4.x branch.

[sahariardev]

Thanks @jgrandja. I will update those ASAP.

[sahariardev]

Hi @jgrandja,
I have started working on this. As I was facing some trouble to rebase with 0.4.x, I had do close this one and opening a new PR. Will let you know the updates ASAP.

[sahariardev]

Here is the new PR link. let's continue our discussion there.

#881