Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure Spring Security OAuth works well with Sagan #4993

Closed
rwinch opened this issue Feb 2, 2018 · 5 comments
Closed

Ensure Spring Security OAuth works well with Sagan #4993

rwinch opened this issue Feb 2, 2018 · 5 comments
Assignees
@jgrandja
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: task A general task

Comments

@rwinch
Copy link
Member

rwinch commented Feb 2, 2018
edited
Loading

Summary

We should provide a pull request to Sagan to update to use the new Spring Security OAuth support. Along the way we should find any areas for improvements in Spring Security OAuth support and make them.
@rwinch rwinch added the in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) label Feb 2, 2018
@rwinch rwinch added this to the 5.1.0.M1 milestone Feb 2, 2018
@rwinch rwinch mentioned this issue Feb 2, 2018
Closed
@jgrandja jgrandja self-assigned this Mar 16, 2018
@jgrandja
Copy link
Contributor

@rwinch As mentioned, @bclozel is currently in the process of upgrading Sagan to Spring Boot 2. As soon as that is complete, I'll upgrade it to use the new OAuth client support.

@jgrandja jgrandja modified the milestones: 5.1.0.M1, 5.1.0.M2 May 3, 2018
@jgrandja jgrandja removed this from the 5.1.0.M2 milestone Jul 24, 2018
@jgrandja jgrandja added this to the General Backlog milestone May 21, 2019
@jgrandja jgrandja removed their assignment Jun 4, 2019
@jgrandja
Copy link
Contributor

@bclozel I'm circling back to this issue and wondering if you have already updated Sagan to use Spring Security's OAuth client support?

@bclozel
Copy link
Member

bclozel commented May 18, 2021

Hey @jgrandja thanks for reaching out!

We're now using the Spring Security OAuth client support, see the security config class and the github client registration.

As far as I understand the only missing piece in our security arrangement would be to use Bearer tokens as an authentication mechanism for the API (see spring-attic/sagan#1025).

@jgrandja
Copy link
Contributor

Thanks for the update @bclozel !

Bearer token authentication could be configured by adding a BearerTokenAuthenticationFilter as @rwinch mentioned. Let me know if you need any help with this.

@jgrandja jgrandja removed this from the General Backlog milestone May 18, 2021
@jgrandja jgrandja self-assigned this May 18, 2021
@jgrandja
Copy link
Contributor

Resolved as per comment.

@jgrandja jgrandja added the type: task A general task label May 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgrandja jgrandja

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: task A general task
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bclozel @rwinch @jgrandja