Skip to content

Adding Enhancement for Client Authentication using JWT Secret assertion #8737

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 6 commits into from
Closed

Adding Enhancement for Client Authentication using JWT Secret assertion #8737

wants to merge 6 commits into from

Conversation

visweshwar
Copy link

One of the protocols support by OAuth is Client Assertion as authentication

A client uses an assertion to authenticate to the authorization server's token endpoint by using the "client_assertion_type" and "client_assertion" parameters

https://tools.ietf.org/html/rfc7521#section-6.1

Current Behavior

No Support

Context

This is something supported by jose.nimbus and as consumer and provider of OAuth we want to secure our authentication to the token endpoint using this protocol.

#8735

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Jun 20, 2020
Visweshwar Ganesh and others added 2 commits June 20, 2020 19:58
@jgrandja jgrandja mentioned this pull request Jun 22, 2020
Closed
@jgrandja
Copy link
Contributor

@visweshwar This feature is being tracked in #6881 and work has already started via #8583 and spring-authorization-server#81 .

Although #8583 has been closed, @krajcsovszkig-ms will provide a new PR after the work provided in spring-authorization-server#81 is merged into Spring Security. Please review the comments in #8583 to understand the strategy on delivering this feature.

Going forward, it is always best to reach out first to see if this feature is already implemented or currently being worked on. We typically assign issues for feature requests after we have agreed upon the approach for implementation.

I'm going to close this as duplicate.

@jgrandja jgrandja closed this Jun 22, 2020
@jgrandja jgrandja self-assigned this Jun 22, 2020
@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue and removed status: waiting-for-triage An issue we've not yet triaged labels Jun 22, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jgrandja jgrandja

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@visweshwar @jgrandja @spring-projects-issues