Support UserDetailsService components in OAuth2 Resource Server flows #6237

Open
@edeandrea

Spun out from #6219.

We need the ability to apply a UserDetailsChecker to the OAuth2 Resource Server flows.

My initial thoughts on implementation would be to have converters (i.e. Converter<Jwt, AbstractAuthenticationToken> & Converter<Jwt, Mono<AbstractAuthenticationToken>>) that can take an underlying Converter and apply a UserDetailsChecker to it before returning the AbstractAuthenticationToken/Mono<AbstractAuthenticationToken>.

That way in the configuration DSL a consumer could choose to have this ability or not via something like

```java
http.oauth2ResourceServer()
  .jwt()
    .jwtAuthenticationConverter(new ReactiveJwtPostAutneticationChecksAuthenticationConverter(userDetailsService));
```

I'm open to discussing the correct approach on how best to integrate it and am happy to supply a PR for the correct approach.

If you'd rather me submit a PR with what I have and discuss the approach on the PR, that's fine too.

Labels

in: oauth2 - An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement - A general enhancement
