Skip to content

OAuth2 Token Response Customization #10260

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bishoybasily opened this issue Sep 13, 2021 · 2 comments
Closed

OAuth2 Token Response Customization #10260

bishoybasily opened this issue Sep 13, 2021 · 2 comments
Assignees
@jzheaux
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement

Comments

@bishoybasily
Copy link
Contributor

bishoybasily commented Sep 13, 2021
edited
Loading

Summary

Provide a way to customize the token response being extracted by OAuth2BodyExtractors before parsing it.

Current Behavior
Using WebClient to authenticate against a server that returns custom JSON Response, for example: {"Token":"xyz"},
where "xyz" is the token and "bearer" is the type, but since the server doesn't follow the right naming convention and some properties are missing, I can't read the token.

Desired Behavior
A way to customize the raw Map<String, Object> before it gets decoded by OAuth2BodyExtractors
@bishoybasily bishoybasily added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Sep 13, 2021
@bishoybasily bishoybasily mentioned this issue Sep 13, 2021
Closed
@jzheaux
Copy link
Contributor

jzheaux commented Sep 14, 2021

Thanks for the suggestion, @bishoybasily. I think it makes sense to add a setBodyExtractor method to AbstractWebClientReactiveOAuth2AccessTokenResponseClient. This would allow an application to take the ReactiveHttpInputMessage and transform it in the way that they need to.

Are you able to submit a PR to add this?

@jzheaux jzheaux self-assigned this Sep 14, 2021
@jzheaux jzheaux added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Sep 14, 2021
bishoybasily added a commit to bishoybasily/spring-security that referenced this issue Sep 14, 2021
@bishoybasily
Merge remote-tracking branch 'origin/spring-projectsgh-10260' into sp…
81b484b 
…ring-projectsgh-10260
@bishoybasily
Copy link
Contributor Author

Hi @jzheaux, Yes submitted
Please check #10269

bishoybasily added a commit to bishoybasily/spring-security that referenced this issue Sep 15, 2021
@bishoybasily
Add setBodyExtractor
9cb8835 
Closes spring-projectsgh-10260
bishoybasily added a commit to bishoybasily/spring-security that referenced this issue Sep 16, 2021
@bishoybasily
Temporary (one import sorting check style error)
36a8269 
Add setBodyExtractor

Closes spring-projectsgh-10260
bishoybasily added a commit to bishoybasily/spring-security that referenced this issue Sep 16, 2021
@bishoybasily
all CheckStyle errors fixed
49d0007 
Closes spring-projectsgh-10260
@bishoybasily bishoybasily mentioned this issue Sep 16, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
2 participants
@jzheaux @bishoybasily