Update OAuth2ClientAuthenticationFilter #1577
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
OAuth2AuthorizationRequest.class.getName());
String codeChallenge = (String) authorizationRequest.getAdditionalParameters()
.get(PkceParameterNames.CODE_CHALLENGE);
Improved error handling with more descriptive error messages.
Enhanced logging to provide more information during the authentication process.
Added checks for null authorization request and unsupported code challenge methods.
Made the code more concise and readable by simplifying conditionals and refactoring repetitive code.
Prior to this commit, error handling and logging in the OAuth2 authorization process could be improved. This commit enhances the error handling to provide slightly more descriptive error messages and improves logging to include additional information during the authentication process. Changes made: - Improved error handling to provide slightly more descriptive error messages. - Enhanced logging to include additional information during the authentication process. The code previously relied on OAuth2AuthorizationRequest to retrieve the authorization request, which could potentially lead to a 'NullPointerException' if the request was not properly initialized. This commit ensures that the authorization request is retrieved safely.
…-server into my-1.2.1
This commit adds a new method, getClientSecret(), to the OAuth2ClientAuthenticationToken class. This method allows retrieving client secrets for confidential clients during client authentication. Before this commit, there was no method available to directly fetch the client secret from the OAuth2ClientAuthenticationToken class.
spring-projects-issues
added
the
status: waiting-for-triage
|
Closing as duplicate of gh-1576 |
jgrandja
added
status: duplicate
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This update enhances the OAuth2ClientAuthenticationFilter by adding the method validateClientAuthenticationMethod(Authentication authentication). This method ensures that client authentication methods requiring a client secret have it included in the authentication process. Additionally, the getClientSecret() method has been added to the OAuth2ClientAuthenticationToken class. These changes ensure compliance with the Client Authentication specifications outlined in the OAuth 2.0 RFC.