Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make it easier to add validators to the auto-configured DelegatingOAuth2TokenValidator #35783

Closed
jzheaux opened this issue Jun 7, 2023 · 4 comments
Closed

Make it easier to add validators to the auto-configured DelegatingOAuth2TokenValidator #35783

jzheaux opened this issue Jun 7, 2023 · 4 comments
Labels
status: superseded An issue that has been superseded by another type: enhancement A general enhancement

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Jun 7, 2023

Please see spring-projects/spring-security#13249 for background information.

It would be nice for those creating starters to be able to customize the JwtDecoder created by Spring Boot, namely its set of validators.

Something like the following would be more convenient and less error-prone than replacing the JwtDecoder bean definition:

@Bean 
JwtDecoderValidatorCustomizer jwtDecoderValidatorCustomizer() {
    return (validator) -> new DelegatingOAuth2TokenValidator<>(validator, customValidator);
}
@jzheaux jzheaux mentioned this issue Jun 7, 2023
Open
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Jun 7, 2023
@wilkinsona
Copy link
Member

Reading spring-projects/spring-security#13249, it sounds like @romangr would like to be able to add additional validators while keeping all of the default validators. Rather than introducing a customizer (there isn't really an instance of something to customize), I wonder if we could add any OAuth2TokenValidator<Jwt> beans to the auto-configured DelegatingOAuth2TokenValidator instead?

@wilkinsona wilkinsona added the status: waiting-for-internal-feedback An issue that needs input from a member or another Spring Team label Jun 8, 2023
@jzheaux
Copy link
Contributor Author

jzheaux commented Jun 12, 2023

I see, @wilkinsona. Yes, that makes sense.

@wilkinsona wilkinsona changed the title Add Support for Customizing Resource Server Token Validators Make it easier to add validators to the auto-configured DelegatingOAuth2TokenValidator Jun 13, 2023
@wilkinsona wilkinsona added type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged status: waiting-for-internal-feedback An issue that needs input from a member or another Spring Team labels Jun 13, 2023
@wilkinsona wilkinsona added this to the 3.x milestone Jun 13, 2023
@romangr romangr mentioned this issue Jun 13, 2023
Closed
@romangr
Copy link
Contributor

romangr commented Jun 13, 2023

I created a PR with the implementation similar to the one I use in my starter library, please let me know if it makes sense

@wilkinsona
Copy link
Member

Closing in favor of #35874.

@wilkinsona wilkinsona closed this as not planned Won't fix, can't repro, duplicate, stale Jun 30, 2023
@wilkinsona wilkinsona removed this from the 3.x milestone Jun 30, 2023
@wilkinsona wilkinsona added the status: superseded An issue that has been superseded by another label Jun 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: superseded An issue that has been superseded by another type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support custom token validators for OAuth2 Resource Server auto-configuration
4 participants
@wilkinsona @romangr @jzheaux @spring-projects-issues