From 666c01b3a1597ab646576d24177afbebf97fda96 Mon Sep 17 00:00:00 2001 From: Romain LE BARO Date: Mon, 16 Dec 2024 14:53:30 +0100 Subject: [PATCH] Add resource parameter to the OAuth2 token request to follow RFC-8707 --- .../eclipse/edc/iam/oauth2/identity/Oauth2ServiceImpl.java | 1 + .../edc/iam/oauth2/spi/client/Oauth2CredentialsRequest.java | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/extensions/common/iam/oauth2/oauth2-core/src/main/java/org/eclipse/edc/iam/oauth2/identity/Oauth2ServiceImpl.java b/extensions/common/iam/oauth2/oauth2-core/src/main/java/org/eclipse/edc/iam/oauth2/identity/Oauth2ServiceImpl.java index 6c0eb800e38..aef504d9170 100644 --- a/extensions/common/iam/oauth2/oauth2-core/src/main/java/org/eclipse/edc/iam/oauth2/identity/Oauth2ServiceImpl.java +++ b/extensions/common/iam/oauth2/oauth2-core/src/main/java/org/eclipse/edc/iam/oauth2/identity/Oauth2ServiceImpl.java @@ -102,6 +102,7 @@ private Oauth2CredentialsRequest createRequest(TokenParameters parameters, Strin .url(tokenUrl) .clientAssertion(assertion) .scope(parameters.getStringClaim(JwtRegisteredClaimNames.SCOPE)) + .resource(parameters.getStringClaim(JwtRegisteredClaimNames.AUDIENCE)) .grantType(GRANT_TYPE) .build(); } diff --git a/spi/common/oauth2-spi/src/main/java/org/eclipse/edc/iam/oauth2/spi/client/Oauth2CredentialsRequest.java b/spi/common/oauth2-spi/src/main/java/org/eclipse/edc/iam/oauth2/spi/client/Oauth2CredentialsRequest.java index 19e02050842..124340299a9 100644 --- a/spi/common/oauth2-spi/src/main/java/org/eclipse/edc/iam/oauth2/spi/client/Oauth2CredentialsRequest.java +++ b/spi/common/oauth2-spi/src/main/java/org/eclipse/edc/iam/oauth2/spi/client/Oauth2CredentialsRequest.java @@ -25,6 +25,7 @@ public abstract class Oauth2CredentialsRequest { private static final String GRANT_TYPE = "grant_type"; private static final String SCOPE = "scope"; + private static final String RESOURCE = "resource"; protected String url; protected final Map params = new HashMap<>(); @@ -80,6 +81,10 @@ public B params(Map params) { return self(); } + public B resource(String targetedAudience) { + return param(RESOURCE, targetedAudience); + } + public abstract B self(); protected T build() { @@ -87,5 +92,6 @@ protected T build() { Objects.requireNonNull(request.params.get(GRANT_TYPE), GRANT_TYPE); return request; } + } }