Consider adding PrincipalResolver to ExchangeFilterFunctions #16284

Open
@sjohnr

We should align (Server|Servlet)OAuth2AuthorizedClientExchangeFilterFunction with OAuth2ClientHttpRequestInterceptor which introduces a PrincipalResolver as a flexible strategy for resolving the Authentication for a given request.

For ServletOAuth2AuthorizedClientExchangeFilterFunction, the interface could be:

```java
@FunctionalInterface
public interface PrincipalResolver {

	@Nullable
	Authentication resolve(ClientRequest request);

}
```

For ServerOAuth2AuthorizedClientExchangeFilterFunction, it may need to return a Mono<Authentication> to accommodate ReactiveSecurityContextHolder:

```java
@FunctionalInterface
public interface PrincipalResolver {

	@Nullable
	Mono<Authentication> resolve(ClientRequest request);

}
```
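An added example, not part of the original issue and not Spring Security code: one way a reactive resolver of the shape sketched above could be composed so that only an authenticated principal is ever used to look up an authorized client. The nested `PrincipalResolver` is a local stand-in that uses an empty `Mono` for "no principal"; the class name, the `example.principal` attribute name and the three factory methods are assumptions made for illustration.

```java
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.web.reactive.function.client.ClientRequest;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

public final class PrincipalResolverExample {

	/** Local stand-in shaped like the reactive interface sketched in the issue (assumption). */
	@FunctionalInterface
	public interface PrincipalResolver {
		Mono<Authentication> resolve(ClientRequest request);
	}

	/** Hypothetical request attribute name, chosen for this example only. */
	static final String PRINCIPAL_ATTR = "example.principal";

	/** Uses an explicit per-request attribute; empty if it is absent or not an Authentication. */
	static PrincipalResolver fromRequestAttribute() {
		return (request) -> Mono.justOrEmpty(request.attribute(PRINCIPAL_ATTR)
			.filter(Authentication.class::isInstance)
			.map(Authentication.class::cast));
	}

	/** Uses the Reactor context that ReactiveSecurityContextHolder reads from. */
	static PrincipalResolver fromReactiveSecurityContext() {
		return (request) -> ReactiveSecurityContextHolder.getContext()
			.flatMap((context) -> Mono.justOrEmpty(context.getAuthentication()));
	}

	/**
	 * Tries each resolver in order and returns the first authenticated principal.
	 * Completes empty when none qualifies, so the caller can skip token lookup
	 * instead of falling back to a shared or default identity.
	 */
	static PrincipalResolver firstAuthenticated(PrincipalResolver... resolvers) {
		return (request) -> Flux.fromArray(resolvers)
			.concatMap((resolver) -> resolver.resolve(request))
			.filter(Authentication::isAuthenticated)
			.next();
	}

	// Example wiring: explicit attribute first, security context second.
	static final PrincipalResolver DEFAULT =
		firstAuthenticated(fromRequestAttribute(), fromReactiveSecurityContext());
}
```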

Labels: in: oauth2 (An issue in OAuth2 modules: oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose); type: enhancement (A general enhancement)