Description
Hi,
I successfully use the authorization server in a multitenant environment and now also want to use OpenId Connect functionality and struggle with what is currently offered for configuration. The problem is that AuthorizationServerSettings is a final class and not an interface I could proxy and therefore would need to replace the AuthorizationServerContextFilter and with it the whole default OpenID configuration.
If you don't want to make it an interface I would propose to introduce an AuthorizationServerContextResolver that is then used in the AuthorizationServerContextFilter to create the AuthorizationServerContext. A developer then could configure its own AuthorizationServerContextResolver to be used. How it could look like:
frederikz@a7b256d
I can make I pull request if you want me to.
I'm not really happy with that you still have a AuthorizationServerSettings bean that then has an URL with placeholders like /oauth2/{tenantName}/authorize (I encode the tenant name in the URL) as the configurers use the AuthorizationServerSettings bean to create requests matchers. An alternative would be to make the AuthorizationServerSettings bean optional and allow to specifiy your own request matchers for the various endpoints.