Default retrieveUserInfo for OidcUserService & OidcReactiveOAuth2UserService are inconsistent

By default `OidcReactiveOAuth2UserService` [uses](https://github.com/spring-projects/spring-security/blob/7.0.0-M1/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserService.java#L74) `OidcUserRequestUtils::shouldRetrieveUserInfo` but `OidcUserService` [uses](https://github.com/spring-projects/spring-security/blob/7.0.0-M1/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java#L83) `this::retrieveUserInfo`.  The logic between these two methods are not consistent and we need to update the logic in `retrieveUserInfo` for `OidcUserService` & `OidcReactiveOAuth2UserService` to be consistent.

We need to:

1) Ensure that the logic in `OidcUserRequestUtils::shouldRetrieveUserInfo` is correct (since it isn't consistent with `OidcUserService::retrieveUserInfo`
2) Update the default for `OidcUserService` to use `OidcUserService::retreiveUserInfo`.

@jgrandja 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Default retrieveUserInfo for OidcUserService & OidcReactiveOAuth2UserService are inconsistent #17625

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Default retrieveUserInfo for OidcUserService & OidcReactiveOAuth2UserService are inconsistent #17625

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions