Skip to content

Allow customizing the strategy for resolving the principal in OAuth2ClientHttpRequestInterceptor #15826

New issue
New issue
Closed
Closed
Allow customizing the strategy for resolving the principal in OAuth2ClientHttpRequestInterceptor#15826
Assignees
sjohnr
Labels
in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)status: duplicateA duplicate of another issuetype: enhancementA general enhancement
Milestone
 
6.4.0-RC1
@sjohnr

Description

@sjohnr
sjohnr
opened on Sep 18, 2024

Similar to OAuth2ClientHttpRequestInterceptor.ClientRegistrationIdResolver, we need a way to customize how the principal (Authentication) is resolved. This is particularly important when applications are using the client_credentials grant type, which typically requires access tokens to be scoped to the application instead of the current user.

Related gh-13588, gh-15299

Metadata

Metadata

Assignees

Labels

in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)status: duplicateA duplicate of another issuetype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions