Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move and rename OAuth2IntrospectionClaimAccessor/Names #9647

Closed
jgrandja opened this issue Apr 16, 2021 · 1 comment · Fixed by #9903
Closed

Move and rename OAuth2IntrospectionClaimAccessor/Names #9647

jgrandja opened this issue Apr 16, 2021 · 1 comment · Fixed by #9903
Assignees
@qavid
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
5.6.0-M2

Comments

@jgrandja
Copy link
Contributor

jgrandja commented Apr 16, 2021
edited
Loading

We should move and rename OAuth2IntrospectionClaimAccessor and OAuth2IntrospectionClaimNames to allow for reuse.

Currently, the classes reside in org.springframework.security.oauth2.server.resource and are used by oauth2-resource-server for introspecting opaque access tokens. This is a "specialized flow" used by an OAuth 2.0 Client, since authentication is required at the Introspection Endpoint using client credentials or a bearer token.

Moving both classes to org.springframework.security.oauth2.core (oauth2-core module) will allow for reuse on the Authorization Server side spring-authorization-server#52.

As well, renaming OAuth2IntrospectionClaimAccessor to OAuth2TokenIntrospectionClaimAccessor and OAuth2IntrospectionClaimNames to OAuth2TokenIntrospectionClaimNames is explicit on "what is being introspected" (a token) and aligns with the spec language.

NOTE:

This is scheduled for 5.6.x with the following plan:

  1. Add OAuth2TokenIntrospectionClaimAccessor and OAuth2TokenIntrospectionClaimNames
  2. @Deprecate OAuth2IntrospectionClaimAccessor and OAuth2IntrospectionClaimNames
@jgrandja jgrandja added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Apr 16, 2021
@jgrandja jgrandja self-assigned this Apr 16, 2021
@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 16, 2021
@jgrandja jgrandja added this to the 5.6.0-M1 milestone Apr 16, 2021
@qavid qavid mentioned this issue Jun 11, 2021
Merged
@qavid
Copy link
Contributor

qavid commented Jun 12, 2021

@jgrandja @jzheaux I have prepared PR #9903 for this issue. Please take a look at it.

@jgrandja jgrandja assigned qavid and unassigned jgrandja Jun 15, 2021
@eleftherias eleftherias modified the milestones: 5.6.0-M1, 5.6.0-M2 Jul 19, 2021
jzheaux pushed a commit that referenced this issue Aug 12, 2021
@qavid @jzheaux
Move and rename OAuth2IntrospectionClaimAccessor/Names
3ff8255 
Introduced OAuth2TokenIntrospectionClaimAccessor and OAuth2TokenIntrospectionClaimNames
with copied implementation from OAuth2IntrospectionClaimAccessor/Names.
OAuth2IntrospectionClaimAccessor and OAuth2IntrospectionClaimNames are
now deprecated.

Also method getScopes() returning list of scopes was introduced
and getScope() is now deprecated.

Closes gh-9647
jzheaux added a commit that referenced this issue Aug 12, 2021
@jzheaux
Update SpringOpaqueTokenIntrospector
cdc902d 
Issue gh-9647
@sjohnr sjohnr mentioned this issue Aug 19, 2021
Closed
akohli96 pushed a commit to akohli96/spring-security that referenced this issue Aug 25, 2021
@qavid
Move and rename OAuth2IntrospectionClaimAccessor/Names
944825d 
Introduced OAuth2TokenIntrospectionClaimAccessor and OAuth2TokenIntrospectionClaimNames
with copied implementation from OAuth2IntrospectionClaimAccessor/Names.
OAuth2IntrospectionClaimAccessor and OAuth2IntrospectionClaimNames are
now deprecated.

Also method getScopes() returning list of scopes was introduced
and getScope() is now deprecated.

Closes spring-projectsgh-9647
akohli96 pushed a commit to akohli96/spring-security that referenced this issue Aug 25, 2021
@jzheaux
Update SpringOpaqueTokenIntrospector
5a607aa 
Issue spring-projectsgh-9647
@jgrandja jgrandja mentioned this issue Jan 20, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@qavid qavid

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.6.0-M2
Development

Successfully merging a pull request may close this issue.

Move and rename OAuth2IntrospectionClaimAccessor/Names
3 participants
@qavid @eleftherias @jgrandja