-
Notifications
You must be signed in to change notification settings - Fork 5.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow for multiple Jwt to GrantedAuthorizies converters #7596 #7597
Conversation
@rolaca11 would you be able to adjust this PR to conform to #7596 (comment) |
Yes, I'll make time for it this evening. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, @rolaca11! Will you please take a look at https://github.com/spring-projects/spring-security/blob/master/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidator.java and emulate that contract, for consistency?
Namely, please have a Collection
constructor and varargs constructor, please remove the mutator methods, and please add some JavaDoc, including an @author
tag, if you'd like.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, @rolaca11! I've left just a bit more feedback inline.
.../oauth2/server/resource/authentication/ReactiveDelegatingJwtGrantedAuthoritiesConverter.java
Outdated
Show resolved
Hide resolved
...security/oauth2/server/resource/authentication/DelegatingJwtGrantedAuthoritiesConverter.java
Show resolved
Hide resolved
...security/oauth2/server/resource/authentication/DelegatingJwtGrantedAuthoritiesConverter.java
Outdated
Show resolved
Hide resolved
Of course, sorry for the lot of feedback iterations, I'll do my best |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry this fell off my radar, @rolaca11. I just left a bit more feedback.
If you like, I'd be happy to make the remaining changes listed.
Or, if you still are able to complete the PR, please also squash your commits down to one commit that includes Closes gh-7596
at the end of the commit message.
...security/oauth2/server/resource/authentication/DelegatingJwtGrantedAuthoritiesConverter.java
Outdated
Show resolved
Hide resolved
...security/oauth2/server/resource/authentication/DelegatingJwtGrantedAuthoritiesConverter.java
Outdated
Show resolved
Hide resolved
...security/oauth2/server/resource/authentication/DelegatingJwtGrantedAuthoritiesConverter.java
Outdated
Show resolved
Hide resolved
This is my first time squashing commits of a branch, so I might have messed up somewhere along the way. Can you please help me make sure everything is correct? |
Resolution of gh-7596.
In this PR, I introduce a way to have multiple granted authority converters inspect the incoming Jwt token and return the union of authorities returned by those converters.
This PR also refactors the
OAuth2ResourceServerConfigurer
to make better use of the newly introduced way of managing aforementioned converters.