Skip to content

Resource Server configurers should pick up a JwtAuthenticationConverter bean #8185

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jzheaux opened this issue Mar 24, 2020 · 5 comments
Closed

Resource Server configurers should pick up a JwtAuthenticationConverter bean #8185

jzheaux opened this issue Mar 24, 2020 · 5 comments
Assignees
@jzheaux
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
5.4.0-M1

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Mar 24, 2020

It's quite convenient to be able to expose JwtDecoder or ReactiveJwtDecoder as a bean and have Spring Security's OAuth 2.0 Resource Server pick it up.

It would be nice to be able to do the same with JwtAuthenticationConverter:

@Bean 
JwtAuthenticationConverter jwtAuthenticationConverter() {
    JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
    converter.setJwtGrantedAuthoritiesConverter(...);
    return converter;
}
@jzheaux jzheaux added type: enhancement A general enhancement status: ideal-for-contribution An issue that we actively are looking for someone to help us with in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels Mar 24, 2020
@jzheaux jzheaux self-assigned this Mar 24, 2020
@jzheaux jzheaux mentioned this issue Apr 6, 2020
Closed
@evgeniycheban
Copy link
Contributor

I would like to take this task.

@akuma8
Copy link
Contributor

akuma8 commented Apr 9, 2020

@jzheaux Yes this could solve my issue where I have multiple filter chains but as a client I should not have to worry about that bean, I want to define it and forget it. I mean, I don’t want to inject that bean in each filter chain, spring security should handle it behind the scene.

@jzheaux
Copy link
Contributor Author

jzheaux commented Apr 9, 2020

Sure, @evgeniycheban! It's yours.

@jzheaux jzheaux removed the status: ideal-for-contribution An issue that we actively are looking for someone to help us with label Apr 9, 2020
evgeniycheban added a commit to evgeniycheban/spring-security that referenced this issue Apr 12, 2020
@evgeniycheban
Allow expose JwtAuthenticationConverter as a bean for Resource Server
a591d26 
Fixes spring-projectsgh-8185
@evgeniycheban evgeniycheban mentioned this issue Apr 12, 2020
Closed
jzheaux added a commit that referenced this issue Apr 14, 2020
@jzheaux
Add JwtAuthenticationConverter docs
13b2b00 
Issue gh-8185
@jzheaux jzheaux added this to the 5.4.0-M1 milestone Aug 5, 2020
@akuma8
Copy link
Contributor

akuma8 commented Oct 12, 2020

Hi @jzheaux,
Is this feature released? If yes, which version of Spring Security? I would like to migrate my current configurations to this one.
Also I would like to contribute again, if you have issues for new committers please let me kow.

@jzheaux
Copy link
Contributor Author

jzheaux commented Oct 13, 2020

Yes, @akuma8, it was released in 5.4.0-M1. The GA version (5.4.0) released in September.

It would be great to get more contributions from you! Please check for the ideal-for-contribution label for some ideas. Currently, I don't see any OAuth 2.0 ones, but there's a SAML 2.0 ticket there that would be helpful.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.4.0-M1
Development

Successfully merging a pull request may close this issue.

Allow expose JwtAuthenticationConverter as a bean for Resource Server evgeniycheban/spring-security
3 participants
@akuma8 @jzheaux @evgeniycheban