Skip to content

DefaultOAuth2UserService should extract authorities #7339

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jzheaux opened this issue Sep 3, 2019 · 0 comments · Fixed by #7351
Closed

DefaultOAuth2UserService should extract authorities #7339

jzheaux opened this issue Sep 3, 2019 · 0 comments · Fixed by #7351
Assignees
@jzheaux
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
5.2.0.RC1

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Sep 3, 2019

JwtGrantedAuthoritiesConverter is handy in Resource Server for extracting each scope into individual GrantedAuthoritys:

Jwt jwt = Jwt.withTokenValue("token")
    .claim("scope", "message:read message:write")
    .header("alg", "none")
    .build();
JwtGrantedAuthoritiesConverter converter = new JwtGrantedAuthoritiesConverter();
assertThat(converter.convert(jwt)).containsExactly(
    new SimpleGrantedAuthority("SCOPE_message:read"),
    new SimpleGrantedAuthority("SCOPE_message:write"));

It'd be nice if DefaultOAuth2UserService did the same thing by default. Currently, it adds the OAuth2UserAuthority to the list of granted authorities, so this ticket would serve to append several SimpleGrantedAuthoritys to that list.

Note that we should also keep #5349 in mind when completing this feature.
@jzheaux jzheaux added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement labels Sep 3, 2019
@jzheaux jzheaux modified the milestones: 5.2.0, 5.2.0.RC1 Sep 3, 2019
@jzheaux jzheaux self-assigned this Sep 3, 2019
jzheaux added a commit to jzheaux/spring-security that referenced this issue Sep 4, 2019
@jzheaux
Grant Individual Authorities From Claims
b846898 
Fixes spring-projectsgh-7339
@jzheaux jzheaux mentioned this issue Sep 4, 2019
Merged
jzheaux added a commit that referenced this issue Sep 4, 2019
@jzheaux
Grant Individual Authorities From Claims
aa1c80c 
Fixes gh-7339
@husam-e husam-e mentioned this issue May 13, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.2.0.RC1
Development

Successfully merging a pull request may close this issue.

Grant Individual Authorities From Claims jzheaux/spring-security
1 participant
@jzheaux