Skip to content

Implement OAuth 2.0 Token Exchange #60

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jgrandja opened this issue Apr 21, 2020 · 12 comments
Closed

Implement OAuth 2.0 Token Exchange #60

jgrandja opened this issue Apr 21, 2020 · 12 comments
Labels
status: duplicate A duplicate of another issue

Comments

@jgrandja
Copy link
Collaborator

jgrandja commented Apr 21, 2020
edited
Loading

This feature will deliver OAuth 2.0 Token Exchange.
@jgrandja jgrandja added the status: on-hold We can't start working on this issue yet label Apr 23, 2020
@oridool
Copy link

oridool commented Sep 16, 2020

Hi,
Great work so far!! looks very promising 👍

When is this Token Exchange planned for?

Or alternatively, any chance to add custom claims to JWT when using client_credentials flow? Claims that depends on my request (headers / scopes) ?
For example, if I send an HTTP header x-my-custom-claim : value, then I would like the token to be created with the claim x-my-custom-claim and the value value.

Thanks,
Ori.

@jgrandja
Copy link
Collaborator Author

Thanks @oridool !

Token Exchange will be delivered at a much later point. There are a few higher priority items ahead of it. You can always look at the ZenHub board (see Feature Planning section for link) to see the features which are prioritized in the order of development.

The ability to add custom claims is coming up soon so stay tuned.

@amit-github-personal
Copy link

Hi @jgrandja, let me know whenever you want to work on this epic. I would love to raise a PR for this.

@jgrandja
Copy link
Collaborator Author

Thanks for your interest @amit-github-personal. The are a few higher priority features at the moment but will let you know when this one gets closer to scheduling for a release.

@jgrandja jgrandja changed the title Epic: OAuth 2.0 Token Exchange Implement OAuth 2.0 Token Exchange Jul 29, 2021
@jacko9et
Copy link

This feature is very helpful for implementing stateless services and would love to see it progress.

@jacko9et jacko9et mentioned this issue Mar 11, 2022
Closed
@jgrandja jgrandja added the type: enhancement A general enhancement label Mar 29, 2022
@jgrandja jgrandja mentioned this issue Aug 31, 2022
Closed
@jgrandja jgrandja moved this to Planning in Spring Security Team May 27, 2023
@jgrandja jgrandja mentioned this issue May 30, 2023
Closed
@fzyzcjy
Copy link

fzyzcjy commented Jul 25, 2023

Hi, is there any updates? Thanks!

@fzyzcjy fzyzcjy mentioned this issue Jul 25, 2023
Closed
@pitagoras3
Copy link

Hello @jgrandja, at @allegro we're highly considering using spring-authorization-server as a core of our Authorization server, and Token Exchange is a crucial grant type for us. Do you have any information on when implementation of this grant type is planned? We're open to help with open-source contributions from our side :)

@jgrandja
Copy link
Collaborator Author

@pitagoras3 Thank you for your interest in this project. We're releasing 1.2 Nov 21 and then will be planning 1.3. We will consider adding this feature but I'm not sure at this point as we already have quite a bit of work planned for 1.3. Please reach out again in Dec. Thanks.

@bananich
Copy link

bananich commented Dec 4, 2023

Hello @pitagoras3, could you please advise if there are updates on this issue or ETA at this point? Thank you!

@pitagoras3
Copy link

As we are in the middle of December and spring-authorization-server 1.2 was released, I am reaching out to @jgrandja with same question as above - Do you have any information on when implementation of this grant type is planned?

@bananich I'm trying to get the answer for the same question that you're asking :)

@jgrandja
Copy link
Collaborator Author

@pitagoras3 Please see this comment for an update.

@jgrandja jgrandja moved this from Planning to Prioritized in Spring Security Team Jan 10, 2024
@jgrandja jgrandja removed the status: on-hold We can't start working on this issue yet label Jan 10, 2024
@jgrandja jgrandja added this to the 1.3.0-M2 milestone Jan 10, 2024
@sjohnr sjohnr moved this from Prioritized to In Progress in Spring Security Team Jan 10, 2024
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 12, 2024
@sjohnr
Add support for OAuth 2.0 Token Exchange Grant
4bc3b59 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 12, 2024
@sjohnr
Add Token Exchange grant to demo-client sample
6039045 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 13, 2024
@sjohnr
Add support for OAuth 2.0 Token Exchange Grant
7d65fcf 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 13, 2024
@sjohnr
Add Token Exchange grant to demo-client sample
6759bc5 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 13, 2024
@sjohnr
Add support for OAuth 2.0 Token Exchange Grant
a97fcc5 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 27, 2024
@sjohnr
Add Token Exchange grant to demo-client sample
cf10fef 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 28, 2024
@sjohnr
Add support for OAuth 2.0 Token Exchange Grant
f2b539e 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 28, 2024
@sjohnr
Add Token Exchange grant to demo-client sample
b065ee3 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 28, 2024
@sjohnr
Add support for OAuth 2.0 Token Exchange Grant
aa3e6d6 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Feb 28, 2024
@sjohnr
Add Token Exchange grant to demo-client sample
8cccb9e 
Issue spring-projectsgh-60
sjohnr added a commit that referenced this issue Feb 28, 2024
@sjohnr
Add support for OAuth 2.0 Token Exchange Grant
25a785d 
Issue gh-60
sjohnr added a commit that referenced this issue Feb 28, 2024
@sjohnr
Add Token Exchange grant to demo-client sample
2ec9329 
Issue gh-60
@jgrandja jgrandja added status: duplicate A duplicate of another issue and removed type: enhancement A general enhancement labels Feb 28, 2024
@jgrandja jgrandja removed this from the 1.3.0-M3 milestone Feb 28, 2024
@jgrandja
Copy link
Collaborator Author

Closing as duplicate of gh-1525

sjohnr added a commit that referenced this issue Mar 18, 2024
@sjohnr
Use constants from Spring Security 6.3
ddb2cd4 
Issue gh-60
Issue gh-1562
sjohnr added a commit that referenced this issue Mar 18, 2024
@sjohnr
Use token exchange support from Spring Security 6.3
6488243 
Issue gh-60
Issue gh-1562
sjohnr added a commit that referenced this issue Mar 18, 2024
@sjohnr
Temporarily remove validation logic for jwt token-type
a483db6 
Issue gh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Apr 12, 2024
@sjohnr
Add docs for Token Exchange
a32eaaa 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Apr 12, 2024
@sjohnr
Update Token Exchange
7ef544f 
* updates based on review feedback
* tests for Token Exchange

Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Apr 12, 2024
@sjohnr
Move logic for populating Token Exchange claims
e7ab8b1 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Apr 12, 2024
@sjohnr
Add tests
2d69150 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Apr 15, 2024
@sjohnr
Update docs for Token Exchange
e7a0c06 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Apr 15, 2024
@sjohnr
Token Exchange review updates
ab37e37 
Issue spring-projectsgh-60
sjohnr added a commit to sjohnr/spring-authorization-server that referenced this issue Apr 15, 2024
@sjohnr
Add tests for Token Exchange
48ecc8f 
Issue spring-projectsgh-60
sjohnr added a commit that referenced this issue Apr 15, 2024
@sjohnr
Update docs for Token Exchange
2bcf787 
Issue gh-60
sjohnr added a commit that referenced this issue Apr 15, 2024
@sjohnr
Token Exchange review updates
2f1f45b 
Issue gh-60
sjohnr added a commit that referenced this issue Apr 15, 2024
@sjohnr
Add tests for Token Exchange
ef859a3 
Issue gh-60
@sjohnr sjohnr mentioned this issue May 2, 2024
Closed
@nwholloway nwholloway mentioned this issue May 28, 2024
Closed
@banterCZ banterCZ mentioned this issue Jan 16, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: duplicate A duplicate of another issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@fzyzcjy @sjohnr @jgrandja @pitagoras3 @jacko9et @bananich @oridool @amit-github-personal