Skip to content

OAuth2AuthorizedClientManager implementation works outside of request #7122

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

OAuth2AuthorizedClientManager implementation works outside of request #7122

wants to merge 2 commits into from

Conversation

jgrandja
Copy link
Contributor

@jgrandja jgrandja commented Jul 22, 2019
edited
Loading

Fixes gh-6780

Related #6683

NOTE: This PR is rebased off #7352. Please review the most recent commit, which includes all the changes for this PR.

@jgrandja jgrandja self-assigned this Jul 22, 2019
@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement labels Jul 22, 2019
@jgrandja jgrandja modified the milestones: 5.2.x, 5.2.0.RC1 Jul 22, 2019
@jgrandja jgrandja force-pushed the gh-6683-authzclientmgr-outside-req branch 2 times, most recently from 665ab67 to b53fdbf Compare July 26, 2019 21:34
@jgrandja jgrandja force-pushed the gh-6683-authzclientmgr-outside-req branch from b53fdbf to e975a5f Compare August 28, 2019 13:44
@jgrandja jgrandja marked this pull request as ready for review August 28, 2019 13:46
@jgrandja jgrandja mentioned this pull request Aug 28, 2019
Closed
rwinch
rwinch requested changes Aug 29, 2019
View reviewed changes
Copy link
Member

@rwinch rwinch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we want this to work outside of the scope of an HttpServletRequest we should not require HttpServletRequest on the classpath. I haven't looked at how we would do this yet, so some research would be necessary

@jgrandja
Copy link
Contributor Author

jgrandja commented Aug 29, 2019
edited
Loading

@rwinch

If we want this to work outside of the scope of an HttpServletRequest we should not require HttpServletRequest on the classpath

The use case we're trying to realize is the ability for a client to obtain an access token outside of a HttpServletRequest context, for example, in a @Scheduled process but still running in a web (Servlet) app. In addition to this, user's could directly leverage DefaultOAuth2AuthorizedClientManager in the service or data tier without depending on HttpServletRequest and HttpServletResponse.

For more details, please see this comment and this one:

I think there should be a way to just grab new access tokens in the service/data tier of a web application (for one to many authenticated clients) while using RestTemplate if desired

@jgrandja jgrandja mentioned this pull request Sep 4, 2019
Closed
@jgrandja jgrandja force-pushed the gh-6683-authzclientmgr-outside-req branch from e975a5f to 37eff2b Compare September 4, 2019 14:37
@jgrandja jgrandja changed the title DefaultOAuth2AuthorizedClientManager works outside of request OAuth2AuthorizedClientManager implementation works outside of request Sep 4, 2019
jzheaux
jzheaux requested changes Sep 5, 2019
View reviewed changes
...in/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientManagerService.java
* @see OAuth2AuthorizedClientProvider
* @see OAuth2AuthorizedClientService
*/
public final class OAuth2AuthorizedClientManagerService implements OAuth2AuthorizedClientManager {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would you please explain your reasoning for this name? Traditionally, I'd read this as "A class that serves OAuth2AuthorizedClientManagers", kind of like how OAuth2AuthorizedClientService serves OAuth2AuthorizedClients.

Maybe ServiceOAuth2AuthorizedClientManager is better since it places the thing that it is (an OAuth2AuthorizedClientManager) at the end and the thing it's reliant on (the OAuth2AuthorizedClientService) at the beginning of the name?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Talked with @jgrandja and looks like we'll rename this to AuthorizedClientServiceOAuth2AuthorizedClientManager so that the interface it's implementing goes at the end.

@jzheaux
Copy link
Contributor

jzheaux commented Sep 5, 2019

@jgrandja I've approved the changes, pending the class rename.

@jgrandja
Copy link
Contributor Author

jgrandja commented Sep 6, 2019

Merged via f7d0385

@jgrandja jgrandja closed this Sep 6, 2019
@jgrandja jgrandja deleted the gh-6683-authzclientmgr-outside-req branch September 8, 2019 10:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rwinch rwinch rwinch requested changes

@jzheaux jzheaux jzheaux approved these changes

Assignees

@jgrandja jgrandja

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.2.0.RC1
Development

Successfully merging this pull request may close these issues.

OAuth2 Client Credentials Flow: Getting access tokens in the service/data tier
3 participants
@jgrandja @jzheaux @rwinch