Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resource Server should support WebClient Bearer Token propagation #7284

Closed
jzheaux opened this issue Aug 20, 2019 · 2 comments · Fixed by #7330
Closed

Resource Server should support WebClient Bearer Token propagation #7284

jzheaux opened this issue Aug 20, 2019 · 2 comments · Fixed by #7330
Assignees
@jzheaux
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
5.2.0.RC1

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Aug 20, 2019

A resource server can propagate the bearer token by fashioning an ExchangeFilterFunction:

ExchangeFilterFunction oauth2 = (request, next) -> {
    AbstractOAuth2TokenAuthenticationToken<?> authentication = 
        (AbstractOAuth2TokenAuthenticationToken<?>) 
            SecurityContextHolder.getContext().getAuthentication();
    request.headers().setBearerAuth(authentication.getToken().getTokenValue());
    return next.exchange(request);
};

It would be nice to remove some of this boilerplate.
@jzheaux jzheaux added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels Aug 20, 2019
@jzheaux jzheaux added this to the 5.2.0.RC1 milestone Aug 20, 2019
@jzheaux jzheaux self-assigned this Aug 20, 2019
@jzheaux
Copy link
Contributor Author

jzheaux commented Aug 20, 2019

Related to https://github.com/spring-cloud/spring-cloud-security/issues/217

@jgrandja
Copy link
Contributor

jgrandja commented Aug 23, 2019
edited
Loading

@jzheaux Ticket #5334 is related as well. Please consider a solution that could resolve both issues.

@jzheaux jzheaux added status: duplicate A duplicate of another issue and removed status: duplicate A duplicate of another issue labels Aug 29, 2019
@jzheaux jzheaux mentioned this issue Aug 29, 2019
Merged
jzheaux added a commit to jzheaux/spring-security that referenced this issue Sep 3, 2019
@jzheaux
Add Servlet and ServerBearerExchangeFilterFunction
352a187 
Fixes spring-projectsgh-5334
Fixes spring-projectsgh-7284
jzheaux added a commit that referenced this issue Sep 3, 2019
@jzheaux
Add Servlet and ServerBearerExchangeFilterFunction
f350988 
Fixes gh-5334
Fixes gh-7284
@jgrandja jgrandja mentioned this issue Nov 19, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.2.0.RC1
Development

Successfully merging a pull request may close this issue.

Add Servlet and ServerBearerExchangeFilterFunction jzheaux/spring-security
2 participants
@jzheaux @jgrandja