Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow customizing the strategy for resolving the principal in OAuth2ClientHttpRequestInterceptor #15826

Closed
sjohnr opened this issue Sep 18, 2024 · 0 comments
Closed

Allow customizing the strategy for resolving the principal in OAuth2ClientHttpRequestInterceptor #15826

sjohnr opened this issue Sep 18, 2024 · 0 comments
Assignees
@sjohnr
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: enhancement A general enhancement
Milestone
6.4.0-RC1

Comments

@sjohnr
Copy link
Member

sjohnr commented Sep 18, 2024
edited
Loading

Similar to OAuth2ClientHttpRequestInterceptor.ClientRegistrationIdResolver, we need a way to customize how the principal (Authentication) is resolved. This is particularly important when applications are using the client_credentials grant type, which typically requires access tokens to be scoped to the application instead of the current user.

Related gh-13588, gh-15299
@sjohnr sjohnr added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels Sep 18, 2024
@sjohnr sjohnr added this to the 6.4.x milestone Sep 18, 2024
@sjohnr sjohnr self-assigned this Sep 18, 2024
@sjohnr sjohnr moved this to Prioritized in Spring Security Team Sep 18, 2024
sjohnr added a commit to sjohnr/spring-security that referenced this issue Sep 20, 2024
@sjohnr
Customize the strategy for resolving the principal
fdb48e0 
Closes spring-projectsgh-15826
sjohnr added a commit to sjohnr/spring-security that referenced this issue Sep 20, 2024
@sjohnr
Customize the strategy for resolving the principal
2ae9e0f 
Closes spring-projectsgh-15826
sjohnr added a commit to sjohnr/spring-security that referenced this issue Sep 20, 2024
@sjohnr
Customize the strategy for resolving the principal
a672d23 
Closes spring-projectsgh-15826
sjohnr added a commit to sjohnr/spring-security that referenced this issue Sep 20, 2024
@sjohnr
Customize the strategy for resolving the principal
d725e7b 
Closes spring-projectsgh-15826
@sjohnr sjohnr mentioned this issue Sep 20, 2024
Closed
@sjohnr sjohnr moved this from Prioritized to In Progress in Spring Security Team Sep 20, 2024
@sjohnr sjohnr closed this as completed in e11c188 Sep 27, 2024
@sjohnr sjohnr modified the milestones: 6.4.x, 6.4.0-RC1 Sep 27, 2024
@sjohnr sjohnr moved this from In Progress to Done in Spring Security Team Sep 27, 2024
@sjohnr sjohnr added the status: duplicate A duplicate of another issue label Sep 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sjohnr sjohnr

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
Spring Security Team
Status: Done
Milestone
6.4.0-RC1
Development

Successfully merging a pull request may close this issue.

Customize the strategy for resolving the principal sjohnr/spring-security
1 participant
@sjohnr