Add automatic token refresh to TokenRelayGatewayFilterFactory

[thekalinga]

Bug report

As of now TokenRelayGatewayFilterFactory cascades access token even if it expired. If the access token is expired, this filter should attempt to refresh the token if refresh tokens are supported, else get fresh new token before sending the request downstream

ServerOAuth2AuthorizedClientExchangeFilterFunction already does this for WebClient based on the current OAuth2AuthenticationToken, TokenRelayGatewayFilterFactory should emulate it

[spencergibb]

/cc @jgrandja @jzheaux

[agerock]

We use TokenRelayGatewayFilterFactory with OAuth2 and the access token expiry is 5 min. Any further requests are forwarded with expired token. Is there any timeline for implementation of this enhancement?

[wtatum]

It feels like the implementation of this would be really similar to ServerOAuth2AuthorizedClientExchangeFilterFunction but the interfaces of .web.reactive.function.client.ExchangeFilterFunction and .cloud.gateway.filter.GatewayFilter are pretty dramatically different even though their doing something trivially similar. I've tried to implement my own version of the TokenRelayGatewayFilterFactory but it feels like the only way to get it to work would be to re-implement the shouldRefresh and refreshAuthorizedClient code from ServerOAuth2AuthorizedClientExchangeFilterFunction again, but in terms of ServerWebExchange and GatewayFilterChain instead of ClientRequest.

[Alan210]

Thanks for advice! I wrote a custom TokenRelayGatewayFilterFactory to implement the shouldRefresh and refreshAuthorizedClient code from ServerOAuth2AuthorizedClientExchangeFilterFunction, used webclient post instead of the origin ExchangeFunction, and it worked.

[floresek]

Hi Alan210

Could you be so kind and share your implementation, please?

Cheers
Flores

[gongchao8888]

We use TokenRelayGatewayFilterFactory with OAuth2 and the access token expiry is 1 min.
When token expires。Token do not refreshed spring cloud G and spring cloud Hoxton

[tschlegel]

Here is my implementation of the custom TokenRelayGatewayFilterFactory with automatic token refresh based on the functionality from class ServerOAuth2AuthorizedClientExchangeFilterFunction

[floresek]

Thanks ;)

[gongchao8888]

Here is my implementation of the custom TokenRelayGatewayFilterFactory with automatic token refresh based on the functionality from class ServerOAuth2AuthorizedClientExchangeFilterFunction

this link do not open . can you let me see your demo? thanks

[spencergibb]

The link works fine for me